commit: 48d1a8ab9969c921b72e9cf357e2ce5a531eaf30
parent: c4a344ca8ff325b0a20423816e6dadf221dc8a63
Author: Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Date: Thu, 17 Jan 2019 04:08:04 +0100
ldns-utils: Fix against LibreSSL
Diffstat:
2 files changed, 71 insertions(+), 2 deletions(-)
diff --git a/net-dns/ldns-utils/files/ldns-utils-1.7.0_libressl.patch b/net-dns/ldns-utils/files/ldns-utils-1.7.0_libressl.patch
@@ -0,0 +1,67 @@
+diff --git a/examples/ldns-dane.c b/examples/ldns-dane.c
+index f223675..c819b4a 100644
+--- a/examples/ldns-dane.c
++++ b/examples/ldns-dane.c
+@@ -1097,7 +1097,7 @@ dane_create(ldns_rr_list* tlsas, ldns_rdf* tlsa_owner,
+ }
+ }
+
+-#if defined(USE_DANE_VERIFY) && ( OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL) )
++#if defined(USE_DANE_VERIFY) && ( OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER) )
+ static bool
+ dane_verify(ldns_rr_list* tlsas, ldns_rdf* address,
+ X509* cert, STACK_OF(X509)* extra_certs,
+@@ -1165,7 +1165,7 @@ main(int argc, char* const* argv)
+ ldns_status s;
+ size_t i;
+
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000 && ! defined(HAVE_LIBRESSL)
++#if OPENSSL_VERSION_NUMBER >= 0x10100000 && ! defined(LIBRESSL_VERSION_NUMBER)
+ size_t j, usable_tlsas = 0;
+ X509_STORE_CTX *store_ctx = NULL;
+ #endif /* OPENSSL_VERSION_NUMBER >= 0x10100000 */
+@@ -1688,7 +1688,7 @@ main(int argc, char* const* argv)
+ }
+ }
+
+-#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL)
++#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
+ ctx = SSL_CTX_new(SSLv23_client_method());
+ #else
+ ctx = SSL_CTX_new(TLS_client_method());
+@@ -1730,7 +1730,7 @@ main(int argc, char* const* argv)
+ verify_server_name, name);
+ break;
+ #ifdef USE_DANE_VERIFY
+-#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL)
++#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
+ case VERIFY: if (! dane_verify(tlsas, NULL,
+ cert, extra_certs, store,
+ verify_server_name, name,
+@@ -1844,7 +1844,7 @@ main(int argc, char* const* argv)
+ address = ldns_rr_a_address(
+ ldns_rr_list_rr(addresses, i));
+ assert(address != NULL);
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000 && ! defined(HAVE_LIBRESSL)
++#if OPENSSL_VERSION_NUMBER >= 0x10100000 && ! defined(LIBRESSL_VERSION_NUMBER)
+ if (mode == VERIFY) {
+ usable_tlsas = 0;
+ if (SSL_dane_enable(ssl, name_str) <= 0) {
+@@ -1904,7 +1904,7 @@ main(int argc, char* const* argv)
+ continue;
+ }
+ LDNS_ERR(s, "could not get cert chain from ssl");
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000 && ! defined(HAVE_LIBRESSL)
++#if OPENSSL_VERSION_NUMBER >= 0x10100000 && ! defined(LIBRESSL_VERSION_NUMBER)
+
+ if (mode == VERIFY) {
+ char *address_str = ldns_rdf2str(address);
+@@ -1934,7 +1934,7 @@ main(int argc, char* const* argv)
+
+ #ifdef USE_DANE_VERIFY
+ case VERIFY:
+-#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL)
++#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER)
+ if (! dane_verify(tlsas, address,
+ cert, extra_certs, store,
+ verify_server_name, name,
diff --git a/net-dns/ldns-utils/ldns-utils-1.7.0-r1.ebuild b/net-dns/ldns-utils/ldns-utils-1.7.0-r1.ebuild
@@ -1,7 +1,7 @@
-# Copyright 1999-2017 Gentoo Foundation
+# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
-EAPI=5
+EAPI=6
MY_P=${P/-utils}
@@ -26,6 +26,8 @@ RDEPEND="${DEPEND}"
S=${WORKDIR}/${MY_P}
+PATCHES=( "${FILESDIR}/${P}_libressl.patch" )
+
src_configure() {
cd "${S}"/drill
econf $(use_with ssl)
