commit: 452494d7ca5dfa6a804e932eadf24b999c51316e Author: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org> AuthorDate: Tue Jan 15 18:45:31 2019 +0000 Commit: Alon Bar-Lev <alonbl <AT> gentoo <DOT> org> CommitDate: Tue Jan 15 18:45:48 2019 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=452494d7
net-libs/gnutls: libressl fix Closes: https://bugs.gentoo.org/show_bug.cgi?id=675512 Thanks: Toralf Förster Signed-off-by: Alon Bar-Lev <alonbl <AT> gentoo.org> Package-Manager: Portage-2.3.51, Repoman-2.3.11 net-libs/gnutls/files/gnutls-3.6.5-libressl.patch | 53 +++++++++++++++++++++++ net-libs/gnutls/gnutls-3.6.5.ebuild | 1 + 2 files changed, 54 insertions(+) diff --git a/net-libs/gnutls/files/gnutls-3.6.5-libressl.patch b/net-libs/gnutls/files/gnutls-3.6.5-libressl.patch new file mode 100644 index 00000000000..16cac8c13b9 --- /dev/null +++ b/net-libs/gnutls/files/gnutls-3.6.5-libressl.patch @@ -0,0 +1,53 @@ +From bfd036b31f2a47ae40e104b2ea1a0e095900cf52 Mon Sep 17 00:00:00 2001 +From: Dmitry Eremin-Solenikov <[email protected]> +Date: Tue, 25 Dec 2018 14:43:56 +0300 +Subject: [PATCH] tests: cipher-openssl-compat: don't fail if OpenSSL doesn't + provide cipher + +LibreSSL does not provide ChaCha20-Poly1305 through EVP_CIPHER +interface, so let's skip the test if cipher is not available. + +Signed-off-by: Dmitry Eremin-Solenikov <[email protected]> +--- + tests/slow/cipher-openssl-compat.c | 18 +++++++++++++----- + 1 file changed, 13 insertions(+), 5 deletions(-) + +diff --git a/tests/slow/cipher-openssl-compat.c b/tests/slow/cipher-openssl-compat.c +index c9b39d026..a4cb3522d 100644 +--- a/tests/slow/cipher-openssl-compat.c ++++ b/tests/slow/cipher-openssl-compat.c +@@ -38,6 +38,19 @@ static int cipher_test(const char *ocipher, gnutls_cipher_algorithm_t gcipher, + + success("cipher: %s\n", ocipher); + ++ /* decrypt with openssl */ ++ evp_cipher = EVP_get_cipherbyname(ocipher); ++ if (!evp_cipher) { ++ /* XXX: fix version check later when LibreSSL fixes support for aes-ccm and chacha20-poly1305 */ ++#ifdef LIBRESSL_VERSION_NUMBER ++ fprintf(stderr, "EVP_get_cipherbyname failed for %s\n", ocipher); ++ return -1; ++#else ++ /* OpenSSL should always work! */ ++ fail("EVP_get_cipherbyname failed for %s\n", ocipher); ++#endif ++ } ++ + for (i = 0; i < 32; i++) { /* try with multiple keys and nonces */ + assert(gnutls_rnd + (GNUTLS_RND_NONCE, orig_plain_data, +@@ -88,11 +101,6 @@ static int cipher_test(const char *ocipher, gnutls_cipher_algorithm_t gcipher, + + gnutls_aead_cipher_deinit(hd); + +- /* decrypt with openssl */ +- evp_cipher = EVP_get_cipherbyname(ocipher); +- if (!evp_cipher) +- fail("EVP_get_cipherbyname failed for %s\n", ocipher); +- + ctx = EVP_CIPHER_CTX_new(); + + #if OPENSSL_VERSION_NUMBER >= 0x10100000L +-- +2.19.2 + diff --git a/net-libs/gnutls/gnutls-3.6.5.ebuild b/net-libs/gnutls/gnutls-3.6.5.ebuild index 883584c16a7..9d141a5165c 100644 --- a/net-libs/gnutls/gnutls-3.6.5.ebuild +++ b/net-libs/gnutls/gnutls-3.6.5.ebuild @@ -55,6 +55,7 @@ HTML_DOCS=() PATCHES=( "${FILESDIR}/${P}-build.patch" + "${FILESDIR}/${P}-libressl.patch" ) pkg_setup() {
