summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'net-libs')
-rw-r--r--net-libs/wvstreams/files/wvstreams-4.6.1_p14-libressl.patch114
1 files changed, 0 insertions, 114 deletions
diff --git a/net-libs/wvstreams/files/wvstreams-4.6.1_p14-libressl.patch b/net-libs/wvstreams/files/wvstreams-4.6.1_p14-libressl.patch
deleted file mode 100644
index e897c95bf093..000000000000
--- a/net-libs/wvstreams/files/wvstreams-4.6.1_p14-libressl.patch
+++ /dev/null
@@ -1,114 +0,0 @@
-From cb8a81da928054c2e8174d671f2abc88f4f35b87 Mon Sep 17 00:00:00 2001
-From: Stefan Strogin <steils@gentoo.org>
-Date: Mon, 10 Jun 2019 17:07:06 +0300
-Subject: [PATCH] Fix LibreSSL support
-
----
- crypto/wvocsp.cc | 34 ++++++++++++++++++++++++++++++++++
- crypto/wvx509mgr.cc | 14 ++++++++++++++
- include/wvdigest.h | 1 +
- 3 files changed, 49 insertions(+)
-
-diff --git a/crypto/wvocsp.cc b/crypto/wvocsp.cc
-index 7d5da072..7a157f90 100644
---- a/crypto/wvocsp.cc
-+++ b/crypto/wvocsp.cc
-@@ -130,6 +130,7 @@ bool WvOCSPResp::signedbycert(const WvX509 &cert) const
- }
-
-
-+#ifndef LIBRESSL_VERSION_NUMBER
- WvX509 WvOCSPResp::get_signing_cert() const
- {
- const STACK_OF(X509) *certs = OCSP_resp_get0_certs(bs);
-@@ -143,6 +144,39 @@ WvX509 WvOCSPResp::get_signing_cert() const
-
- return WvX509();
- }
-+#else
-+WvX509 WvOCSPResp::get_signing_cert() const
-+{
-+ if (!bs || !sk_X509_num(bs->certs))
-+ return WvX509();
-+
-+ // note: the following bit of code is taken almost verbatim from
-+ // ocsp_vfy.c in OpenSSL 0.9.8. Copyright and attribution should
-+ // properly belong to them
-+
-+ OCSP_RESPID *id = bs->tbsResponseData->responderId;
-+
-+ if (id->type == V_OCSP_RESPID_NAME)
-+ {
-+ X509 *x = X509_find_by_subject(bs->certs, id->value.byName);
-+ if (x)
-+ return WvX509(X509_dup(x));
-+ }
-+
-+ if (id->value.byKey->length != SHA_DIGEST_LENGTH) return NULL;
-+ unsigned char tmphash[SHA_DIGEST_LENGTH];
-+ unsigned char *keyhash = id->value.byKey->data;
-+ for (int i = 0; i < sk_X509_num(bs->certs); i++)
-+ {
-+ X509 *x = sk_X509_value(bs->certs, i);
-+ X509_pubkey_digest(x, EVP_sha1(), tmphash, NULL);
-+ if(!memcmp(keyhash, tmphash, SHA_DIGEST_LENGTH))
-+ return WvX509(X509_dup(x));
-+ }
-+
-+ return WvX509();
-+}
-+#endif /* LIBRESSL_VERSION_NUMBER */
-
-
- WvOCSPResp::Status WvOCSPResp::get_status(const WvX509 &cert,
-diff --git a/crypto/wvx509mgr.cc b/crypto/wvx509mgr.cc
-index 156d3a49..e2bb3ffe 100644
---- a/crypto/wvx509mgr.cc
-+++ b/crypto/wvx509mgr.cc
-@@ -350,8 +350,15 @@ bool WvX509Mgr::signcert(WvX509 &unsignedcert) const
- return false;
- }
-
-+#ifndef LIBRESSL_VERSION_NUMBER
- uint32_t ex_flags = X509_get_extension_flags(cert);
- uint32_t ex_kusage = X509_get_key_usage(cert);
-+#else
-+ X509_check_purpose(cert, -1, -1);
-+ uint32_t ex_flags = cert->ex_flags;
-+ uint32_t ex_kusage = (cert->ex_flags & EXFLAG_KUSAGE) ?
-+ cert->ex_kusage : UINT32_MAX;
-+#endif
- if (cert == unsignedcert.cert)
- {
- debug("Self Signing!\n");
-@@ -392,8 +399,15 @@ bool WvX509Mgr::signcert(WvX509 &unsignedcert) const
-
- bool WvX509Mgr::signcrl(WvCRL &crl) const
- {
-+#ifndef LIBRESSL_VERSION_NUMBER
- uint32_t ex_flags = X509_get_extension_flags(cert);
- uint32_t ex_kusage = X509_get_key_usage(cert);
-+#else
-+ X509_check_purpose(cert, -1, -1);
-+ uint32_t ex_flags = cert->ex_flags;
-+ uint32_t ex_kusage = (cert->ex_flags & EXFLAG_KUSAGE) ?
-+ cert->ex_kusage : UINT32_MAX;
-+#endif
- if (!isok() || !crl.isok())
- {
- debug(WvLog::Warning, "Asked to sign CRL, but certificate or CRL (or "
-diff --git a/include/wvdigest.h b/include/wvdigest.h
-index f2eed401..e637fb49 100644
---- a/include/wvdigest.h
-+++ b/include/wvdigest.h
-@@ -10,6 +10,7 @@
- #include "wvencoder.h"
- #include <stdint.h>
- #include <openssl/evp.h>
-+#include <openssl/hmac.h>
-
-
- /**
---
-2.21.0
-