commit: 38617412a915ab7a6e992f22205d1aaa7a9e90cf Author: Stefan Strogin <stefan.strogin <AT> gmail <DOT> com> AuthorDate: Wed Apr 24 07:34:59 2019 +0000 Commit: Aaron Bauman <bman <AT> gentoo <DOT> org> CommitDate: Wed Apr 24 21:53:17 2019 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=38617412
net-dialup/freeradius: add patch for LibreSSL support Closes: https://bugs.gentoo.org/680066 Package-Manager: Portage-2.3.64, Repoman-2.3.12 Signed-off-by: Stefan Strogin <stefan.strogin <AT> gmail.com> Closes: https://github.com/gentoo/gentoo/pull/11811 Signed-off-by: Aaron Bauman <bman <AT> gentoo.org> .../files/freeradius-3.0.18-libressl.patch | 63 ++++++++++++++++++++++ net-dialup/freeradius/freeradius-3.0.18.ebuild | 2 + 2 files changed, 65 insertions(+) diff --git a/net-dialup/freeradius/files/freeradius-3.0.18-libressl.patch b/net-dialup/freeradius/files/freeradius-3.0.18-libressl.patch new file mode 100644 index 00000000000..129e251d87b --- /dev/null +++ b/net-dialup/freeradius/files/freeradius-3.0.18-libressl.patch @@ -0,0 +1,63 @@ +From 39e4ac0cf8d415b41dc2ff1fc329de0522b135ca Mon Sep 17 00:00:00 2001 +From: Stefan Strogin <[email protected]> +Date: Wed, 24 Apr 2019 09:16:12 +0300 +Subject: [PATCH] Fix build to LibreSSL + +Upstream-Status: Inappropriate +[https://github.com/FreeRADIUS/freeradius-server/commit/9652affe38f41ba2484e013cf9d2c0bcb8c80d67] +Signed-off-by: Stefan Strogin <[email protected]> +--- + src/main/tls.c | 9 ++++++--- + src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c | 3 ++- + 2 files changed, 8 insertions(+), 4 deletions(-) + +diff --git a/src/main/tls.c b/src/main/tls.c +index 9726953234..840724bf61 100644 +--- a/src/main/tls.c ++++ b/src/main/tls.c +@@ -1579,7 +1579,8 @@ done: + return 0; + } + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ ++ (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2090100fL) + static SSL_SESSION *cbtls_get_session(SSL *ssl, unsigned char *data, int len, int *copy) + #else + static SSL_SESSION *cbtls_get_session(SSL *ssl, const unsigned char *data, int len, int *copy) +@@ -3379,14 +3380,16 @@ post_ca: + */ + SSL_CTX_sess_set_cache_size(ctx, conf->session_cache_size); + +-#if OPENSSL_VERSION_NUMBER >= 0x10101000L ++/* Not implemented in LibreSSL 2.9.1 */ ++#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER) + SSL_CTX_set_num_tickets(ctx, 1); + #endif + + } else { + SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); + +-#if OPENSSL_VERSION_NUMBER >= 0x10101000L ++/* Not implemented in LibreSSL 2.9.1 */ ++#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER) + /* + * This controls the number of stateful or stateless tickets + * generated with TLS 1.3. In OpenSSL 1.1.1 it's also +diff --git a/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c b/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c +index fa9c58f3c3..a53341fc20 100644 +--- a/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c ++++ b/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c +@@ -44,7 +44,8 @@ static int openssl_get_keyblock_size(REQUEST *request, SSL *ssl) + { + const EVP_CIPHER *c; + const EVP_MD *h; +-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ ++ (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2090100fL) + int md_size; + + if (ssl->enc_read_ctx == NULL || ssl->enc_read_ctx->cipher == NULL || +-- +2.21.0 + diff --git a/net-dialup/freeradius/freeradius-3.0.18.ebuild b/net-dialup/freeradius/freeradius-3.0.18.ebuild index 939365c85fc..6b772f41f1f 100644 --- a/net-dialup/freeradius/freeradius-3.0.18.ebuild +++ b/net-dialup/freeradius/freeradius-3.0.18.ebuild @@ -60,6 +60,8 @@ REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" S="${WORKDIR}/${MY_P}" +PATCHES=( "${FILESDIR}"/${P}-libressl.patch ) + pkg_setup() { enewgroup radius enewuser radius -1 -1 /var/log/radius radius
