diff options
-rw-r--r-- | net-libs/pjproject/files/pjproject-2.7.2-libressl.patch | 98 | ||||
-rw-r--r-- | net-libs/pjproject/files/pjproject-2.7.2-ssl-flipflop.patch | 103 |
2 files changed, 0 insertions, 201 deletions
diff --git a/net-libs/pjproject/files/pjproject-2.7.2-libressl.patch b/net-libs/pjproject/files/pjproject-2.7.2-libressl.patch deleted file mode 100644 index 07efa9ccb8fd..000000000000 --- a/net-libs/pjproject/files/pjproject-2.7.2-libressl.patch +++ /dev/null @@ -1,98 +0,0 @@ -Index: /third_party/srtp/crypto/hash/hmac_ossl.c -=================================================================== ---- /third_party/srtp/crypto/hash/hmac_ossl.c (revision 5725) -+++ /third_party/srtp/crypto/hash/hmac_ossl.c (revision 5726) -@@ -52,6 +52,8 @@ - #include <openssl/evp.h> - #include <openssl/hmac.h> -+#include <openssl/opensslv.h> - - #define SHA1_DIGEST_SIZE 20 -+#define USING_LIBRESSL (defined(LIBRESSL_VERSION_NUMBER)) - - /* the debug module for authentiation */ -@@ -77,5 +79,5 @@ - /* OpenSSL 1.1.0 made HMAC_CTX an opaque structure, which must be allocated - using HMAC_CTX_new. But this function doesn't exist in OpenSSL 1.0.x. */ --#if OPENSSL_VERSION_NUMBER < 0x10100000L -+#if USING_LIBRESSL || OPENSSL_VERSION_NUMBER < 0x10100000L - { - /* allocate memory for auth and HMAC_CTX structures */ -@@ -122,5 +124,5 @@ - hmac_ctx = (HMAC_CTX*)a->state; - --#if OPENSSL_VERSION_NUMBER < 0x10100000L -+#if USING_LIBRESSL || OPENSSL_VERSION_NUMBER < 0x10100000L - HMAC_CTX_cleanup(hmac_ctx); - -Index: /pjlib/src/pj/ssl_sock_ossl.c -=================================================================== ---- /pjlib/src/pj/ssl_sock_ossl.c (revision 5725) -+++ /pjlib/src/pj/ssl_sock_ossl.c (revision 5726) -@@ -56,6 +56,10 @@ - #include <openssl/rand.h> - #include <openssl/opensslconf.h> -- --#if !defined(OPENSSL_NO_EC) && OPENSSL_VERSION_NUMBER >= 0x1000200fL -+#include <openssl/opensslv.h> -+ -+#define USING_LIBRESSL (defined(LIBRESSL_VERSION_NUMBER)) -+ -+#if !USING_LIBRESSL && !defined(OPENSSL_NO_EC) \ -+ && OPENSSL_VERSION_NUMBER >= 0x1000200fL - - # include <openssl/obj_mac.h> -@@ -115,5 +119,5 @@ - - --#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+#if !USING_LIBRESSL && OPENSSL_VERSION_NUMBER >= 0x10100000L - # define OPENSSL_NO_SSL2 /* seems to be removed in 1.1.0 */ - # define M_ASN1_STRING_data(x) ASN1_STRING_get0_data(x) -@@ -539,5 +543,5 @@ - - /* Init OpenSSL lib */ --#if OPENSSL_VERSION_NUMBER < 0x10100000L -+#if USING_LIBRESSL || OPENSSL_VERSION_NUMBER < 0x10100000L - SSL_library_init(); - SSL_load_error_strings(); -@@ -560,5 +564,7 @@ - const char *cname; - --#if OPENSSL_VERSION_NUMBER < 0x10100000L -+#if (USING_LIBRESSL && LIBRESSL_VERSION_NUMBER < 0x2020100fL)\ -+ || OPENSSL_VERSION_NUMBER < 0x10100000L -+ - meth = (SSL_METHOD*)SSLv23_server_method(); - if (!meth) -@@ -603,5 +609,6 @@ - SSL_set_session(ssl, SSL_SESSION_new()); - --#if !defined(OPENSSL_NO_EC) && OPENSSL_VERSION_NUMBER >= 0x1000200fL -+#if !USING_LIBRESSL && !defined(OPENSSL_NO_EC) \ -+ && OPENSSL_VERSION_NUMBER >= 0x1000200fL - openssl_curves_num = SSL_get_shared_curve(ssl,-1); - if (openssl_curves_num > PJ_ARRAY_SIZE(openssl_curves)) -@@ -795,5 +802,6 @@ - - /* Determine SSL method to use */ --#if OPENSSL_VERSION_NUMBER < 0x10100000L -+#if (USING_LIBRESSL && LIBRESSL_VERSION_NUMBER < 0x2020100fL)\ -+ || OPENSSL_VERSION_NUMBER < 0x10100000L - switch (ssock->param.proto) { - case PJ_SSL_SOCK_PROTO_TLS1: -@@ -1232,5 +1240,6 @@ - static pj_status_t set_curves_list(pj_ssl_sock_t *ssock) - { --#if !defined(OPENSSL_NO_EC) && OPENSSL_VERSION_NUMBER >= 0x1000200fL -+#if !USING_LIBRESSL && !defined(OPENSSL_NO_EC) \ -+ && OPENSSL_VERSION_NUMBER >= 0x1000200fL - int ret; - int curves[PJ_SSL_SOCK_MAX_CURVES]; -@@ -1263,5 +1272,5 @@ - static pj_status_t set_sigalgs(pj_ssl_sock_t *ssock) - { --#if OPENSSL_VERSION_NUMBER >= 0x1000200fL -+#if !USING_LIBRESSL && OPENSSL_VERSION_NUMBER >= 0x1000200fL - int ret; - diff --git a/net-libs/pjproject/files/pjproject-2.7.2-ssl-flipflop.patch b/net-libs/pjproject/files/pjproject-2.7.2-ssl-flipflop.patch deleted file mode 100644 index c984bc629629..000000000000 --- a/net-libs/pjproject/files/pjproject-2.7.2-ssl-flipflop.patch +++ /dev/null @@ -1,103 +0,0 @@ ---- pjproject-2.7.1.ORIG/aconfigure.ac 2018-02-06 11:34:20.973411193 +0000 -+++ pjproject-2.7.1/aconfigure.ac 2018-02-06 13:33:31.525015674 +0000 -@@ -1551,57 +1551,56 @@ - enable_ssl=no - fi - --dnl # Include SSL support -+dnl # Correct --enable vs --disable SSL flipflop logic - AC_SUBST(ac_no_ssl) - AC_SUBST(ac_ssl_has_aes_gcm,0) - AC_ARG_ENABLE(ssl, - AS_HELP_STRING([--disable-ssl], - [Exclude SSL support the build (default: autodetect)]) -- , -- [ -- if test "$enable_ssl" = "no"; then -- [ac_no_ssl=1] -- AC_MSG_RESULT([Checking if SSL support is disabled... yes]) -- fi -- ], -- [ -- AC_MSG_RESULT([checking for OpenSSL installations..]) -- if test "x$with_ssl" != "xno" -a "x$with_ssl" != "x"; then -- CFLAGS="$CFLAGS -I$with_ssl/include" -- LDFLAGS="$LDFLAGS -L$with_ssl/lib" -- AC_MSG_RESULT([Using SSL prefix... $with_ssl]) -- fi -- AC_SUBST(openssl_h_present) -- AC_SUBST(libssl_present) -- AC_SUBST(libcrypto_present) -- AC_CHECK_HEADER(openssl/ssl.h,[openssl_h_present=1]) -- AC_CHECK_LIB(crypto,ERR_load_BIO_strings,[libcrypto_present=1 && LIBS="-lcrypto $LIBS"]) -- AC_CHECK_LIB(ssl,SSL_CTX_new,[libssl_present=1 && LIBS="-lssl $LIBS"]) -- if test "x$openssl_h_present" = "x1" -a "x$libssl_present" = "x1" -a "x$libcrypto_present" = "x1"; then -- AC_MSG_RESULT([OpenSSL library found, SSL support enabled]) -- -- # Check if SRTP should be compiled with OpenSSL -- # support, to enable cryptos such as AES GCM. -- -- # EVP_CIPHER_CTX is now opaque in OpenSSL 1.1.0, libsrtp 1.5.4 uses it as a transparent type. -- # Update 2.7: our bundled libsrtp has been upgraded to 2.1.0, -- # so we can omit EVP_CIPHER_CTX definition check now. -- AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <openssl/evp.h>]], -- [EVP_CIPHER_CTX *ctx;EVP_aes_128_gcm();])], -- [AC_CHECK_LIB(crypto,EVP_aes_128_gcm,[ac_ssl_has_aes_gcm=1])]) -- if test "x$ac_ssl_has_aes_gcm" = "x1"; then -- AC_MSG_RESULT([OpenSSL has AES GCM support, SRTP will use OpenSSL]) -- else -- AC_MSG_RESULT([OpenSSL AES GCM support not found, SRTP will only support AES CM cryptos]) -- fi -- -- # PJSIP_HAS_TLS_TRANSPORT setting follows PJ_HAS_SSL_SOCK -- #AC_DEFINE(PJSIP_HAS_TLS_TRANSPORT, 1) -- AC_DEFINE(PJ_HAS_SSL_SOCK, 1) -+) -+ -+dnl # OpenSSL detection -+AC_MSG_CHECKING([OpenSSL installations]) -+if test "x$enable_ssl" = "xno"; then -+ ac_no_ssl=1 -+ AC_MSG_RESULT([explicitly disabled]) -+else -+ if test "x$with_ssl" != "xno" -a "x$with_ssl" != "x"; then -+ CFLAGS="$CFLAGS -I$with_ssl/include" -+ LDFLAGS="$LDFLAGS -L$with_ssl/lib" -+ AC_MSG_RESULT([Using SSL prefix... $with_ssl]) -+ fi -+ AC_SUBST(openssl_h_present) -+ AC_SUBST(libssl_present) -+ AC_SUBST(libcrypto_present) -+ AC_CHECK_HEADER(openssl/ssl.h,[openssl_h_present=1]) -+ AC_CHECK_LIB(crypto,ERR_load_BIO_strings,[libcrypto_present=1 && LIBS="-lcrypto $LIBS"]) -+ AC_CHECK_LIB(ssl,SSL_CTX_new,[libssl_present=1 && LIBS="-lssl $LIBS"]) -+ if test "x$openssl_h_present" = "x1" -a "x$libssl_present" = "x1" -a "x$libcrypto_present" = "x1"; then -+ AC_MSG_RESULT([OpenSSL library found, SSL support enabled]) -+ -+ # Check if SRTP should be compiled with OpenSSL -+ # support, to enable cryptos such as AES GCM. -+ -+ # EVP_CIPHER_CTX is now opaque in OpenSSL 1.1.0, libsrtp 1.5.4 uses it as a transparent type. -+ # Update 2.7: our bundled libsrtp has been upgraded to 2.1.0, -+ # so we can omit EVP_CIPHER_CTX definition check now. -+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <openssl/evp.h>]], -+ [EVP_CIPHER_CTX *ctx;EVP_aes_128_gcm();])], -+ [AC_CHECK_LIB(crypto,EVP_aes_128_gcm,[ac_ssl_has_aes_gcm=1])]) -+ if test "x$ac_ssl_has_aes_gcm" = "x1"; then -+ AC_MSG_RESULT([OpenSSL has AES GCM support, SRTP will use OpenSSL]) - else -- AC_MSG_RESULT([** OpenSSL libraries not found, disabling SSL support **]) -+ AC_MSG_RESULT([OpenSSL AES GCM support not found, SRTP will only support AES CM cryptos]) - fi -- ]) -+ -+ # PJSIP_HAS_TLS_TRANSPORT setting follows PJ_HAS_SSL_SOCK -+ #AC_DEFINE(PJSIP_HAS_TLS_TRANSPORT, 1) -+ AC_DEFINE(PJ_HAS_SSL_SOCK, 1) -+ else -+ AC_MSG_RESULT([** OpenSSL libraries not found, disabling SSL support **]) -+ fi -+fi - - dnl # Obsolete option --with-opencore-amrnb - AC_ARG_WITH(opencore-amrnb, |