summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--net-libs/pjproject/files/pjproject-2.7.2-libressl.patch98
-rw-r--r--net-libs/pjproject/files/pjproject-2.7.2-ssl-flipflop.patch103
2 files changed, 0 insertions, 201 deletions
diff --git a/net-libs/pjproject/files/pjproject-2.7.2-libressl.patch b/net-libs/pjproject/files/pjproject-2.7.2-libressl.patch
deleted file mode 100644
index 07efa9ccb8fd..000000000000
--- a/net-libs/pjproject/files/pjproject-2.7.2-libressl.patch
+++ /dev/null
@@ -1,98 +0,0 @@
-Index: /third_party/srtp/crypto/hash/hmac_ossl.c
-===================================================================
---- /third_party/srtp/crypto/hash/hmac_ossl.c (revision 5725)
-+++ /third_party/srtp/crypto/hash/hmac_ossl.c (revision 5726)
-@@ -52,6 +52,8 @@
- #include <openssl/evp.h>
- #include <openssl/hmac.h>
-+#include <openssl/opensslv.h>
-
- #define SHA1_DIGEST_SIZE 20
-+#define USING_LIBRESSL (defined(LIBRESSL_VERSION_NUMBER))
-
- /* the debug module for authentiation */
-@@ -77,5 +79,5 @@
- /* OpenSSL 1.1.0 made HMAC_CTX an opaque structure, which must be allocated
- using HMAC_CTX_new. But this function doesn't exist in OpenSSL 1.0.x. */
--#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if USING_LIBRESSL || OPENSSL_VERSION_NUMBER < 0x10100000L
- {
- /* allocate memory for auth and HMAC_CTX structures */
-@@ -122,5 +124,5 @@
- hmac_ctx = (HMAC_CTX*)a->state;
-
--#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if USING_LIBRESSL || OPENSSL_VERSION_NUMBER < 0x10100000L
- HMAC_CTX_cleanup(hmac_ctx);
-
-Index: /pjlib/src/pj/ssl_sock_ossl.c
-===================================================================
---- /pjlib/src/pj/ssl_sock_ossl.c (revision 5725)
-+++ /pjlib/src/pj/ssl_sock_ossl.c (revision 5726)
-@@ -56,6 +56,10 @@
- #include <openssl/rand.h>
- #include <openssl/opensslconf.h>
--
--#if !defined(OPENSSL_NO_EC) && OPENSSL_VERSION_NUMBER >= 0x1000200fL
-+#include <openssl/opensslv.h>
-+
-+#define USING_LIBRESSL (defined(LIBRESSL_VERSION_NUMBER))
-+
-+#if !USING_LIBRESSL && !defined(OPENSSL_NO_EC) \
-+ && OPENSSL_VERSION_NUMBER >= 0x1000200fL
-
- # include <openssl/obj_mac.h>
-@@ -115,5 +119,5 @@
-
-
--#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+#if !USING_LIBRESSL && OPENSSL_VERSION_NUMBER >= 0x10100000L
- # define OPENSSL_NO_SSL2 /* seems to be removed in 1.1.0 */
- # define M_ASN1_STRING_data(x) ASN1_STRING_get0_data(x)
-@@ -539,5 +543,5 @@
-
- /* Init OpenSSL lib */
--#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if USING_LIBRESSL || OPENSSL_VERSION_NUMBER < 0x10100000L
- SSL_library_init();
- SSL_load_error_strings();
-@@ -560,5 +564,7 @@
- const char *cname;
-
--#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if (USING_LIBRESSL && LIBRESSL_VERSION_NUMBER < 0x2020100fL)\
-+ || OPENSSL_VERSION_NUMBER < 0x10100000L
-+
- meth = (SSL_METHOD*)SSLv23_server_method();
- if (!meth)
-@@ -603,5 +609,6 @@
- SSL_set_session(ssl, SSL_SESSION_new());
-
--#if !defined(OPENSSL_NO_EC) && OPENSSL_VERSION_NUMBER >= 0x1000200fL
-+#if !USING_LIBRESSL && !defined(OPENSSL_NO_EC) \
-+ && OPENSSL_VERSION_NUMBER >= 0x1000200fL
- openssl_curves_num = SSL_get_shared_curve(ssl,-1);
- if (openssl_curves_num > PJ_ARRAY_SIZE(openssl_curves))
-@@ -795,5 +802,6 @@
-
- /* Determine SSL method to use */
--#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if (USING_LIBRESSL && LIBRESSL_VERSION_NUMBER < 0x2020100fL)\
-+ || OPENSSL_VERSION_NUMBER < 0x10100000L
- switch (ssock->param.proto) {
- case PJ_SSL_SOCK_PROTO_TLS1:
-@@ -1232,5 +1240,6 @@
- static pj_status_t set_curves_list(pj_ssl_sock_t *ssock)
- {
--#if !defined(OPENSSL_NO_EC) && OPENSSL_VERSION_NUMBER >= 0x1000200fL
-+#if !USING_LIBRESSL && !defined(OPENSSL_NO_EC) \
-+ && OPENSSL_VERSION_NUMBER >= 0x1000200fL
- int ret;
- int curves[PJ_SSL_SOCK_MAX_CURVES];
-@@ -1263,5 +1272,5 @@
- static pj_status_t set_sigalgs(pj_ssl_sock_t *ssock)
- {
--#if OPENSSL_VERSION_NUMBER >= 0x1000200fL
-+#if !USING_LIBRESSL && OPENSSL_VERSION_NUMBER >= 0x1000200fL
- int ret;
-
diff --git a/net-libs/pjproject/files/pjproject-2.7.2-ssl-flipflop.patch b/net-libs/pjproject/files/pjproject-2.7.2-ssl-flipflop.patch
deleted file mode 100644
index c984bc629629..000000000000
--- a/net-libs/pjproject/files/pjproject-2.7.2-ssl-flipflop.patch
+++ /dev/null
@@ -1,103 +0,0 @@
---- pjproject-2.7.1.ORIG/aconfigure.ac 2018-02-06 11:34:20.973411193 +0000
-+++ pjproject-2.7.1/aconfigure.ac 2018-02-06 13:33:31.525015674 +0000
-@@ -1551,57 +1551,56 @@
- enable_ssl=no
- fi
-
--dnl # Include SSL support
-+dnl # Correct --enable vs --disable SSL flipflop logic
- AC_SUBST(ac_no_ssl)
- AC_SUBST(ac_ssl_has_aes_gcm,0)
- AC_ARG_ENABLE(ssl,
- AS_HELP_STRING([--disable-ssl],
- [Exclude SSL support the build (default: autodetect)])
-- ,
-- [
-- if test "$enable_ssl" = "no"; then
-- [ac_no_ssl=1]
-- AC_MSG_RESULT([Checking if SSL support is disabled... yes])
-- fi
-- ],
-- [
-- AC_MSG_RESULT([checking for OpenSSL installations..])
-- if test "x$with_ssl" != "xno" -a "x$with_ssl" != "x"; then
-- CFLAGS="$CFLAGS -I$with_ssl/include"
-- LDFLAGS="$LDFLAGS -L$with_ssl/lib"
-- AC_MSG_RESULT([Using SSL prefix... $with_ssl])
-- fi
-- AC_SUBST(openssl_h_present)
-- AC_SUBST(libssl_present)
-- AC_SUBST(libcrypto_present)
-- AC_CHECK_HEADER(openssl/ssl.h,[openssl_h_present=1])
-- AC_CHECK_LIB(crypto,ERR_load_BIO_strings,[libcrypto_present=1 && LIBS="-lcrypto $LIBS"])
-- AC_CHECK_LIB(ssl,SSL_CTX_new,[libssl_present=1 && LIBS="-lssl $LIBS"])
-- if test "x$openssl_h_present" = "x1" -a "x$libssl_present" = "x1" -a "x$libcrypto_present" = "x1"; then
-- AC_MSG_RESULT([OpenSSL library found, SSL support enabled])
--
-- # Check if SRTP should be compiled with OpenSSL
-- # support, to enable cryptos such as AES GCM.
--
-- # EVP_CIPHER_CTX is now opaque in OpenSSL 1.1.0, libsrtp 1.5.4 uses it as a transparent type.
-- # Update 2.7: our bundled libsrtp has been upgraded to 2.1.0,
-- # so we can omit EVP_CIPHER_CTX definition check now.
-- AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <openssl/evp.h>]],
-- [EVP_CIPHER_CTX *ctx;EVP_aes_128_gcm();])],
-- [AC_CHECK_LIB(crypto,EVP_aes_128_gcm,[ac_ssl_has_aes_gcm=1])])
-- if test "x$ac_ssl_has_aes_gcm" = "x1"; then
-- AC_MSG_RESULT([OpenSSL has AES GCM support, SRTP will use OpenSSL])
-- else
-- AC_MSG_RESULT([OpenSSL AES GCM support not found, SRTP will only support AES CM cryptos])
-- fi
--
-- # PJSIP_HAS_TLS_TRANSPORT setting follows PJ_HAS_SSL_SOCK
-- #AC_DEFINE(PJSIP_HAS_TLS_TRANSPORT, 1)
-- AC_DEFINE(PJ_HAS_SSL_SOCK, 1)
-+)
-+
-+dnl # OpenSSL detection
-+AC_MSG_CHECKING([OpenSSL installations])
-+if test "x$enable_ssl" = "xno"; then
-+ ac_no_ssl=1
-+ AC_MSG_RESULT([explicitly disabled])
-+else
-+ if test "x$with_ssl" != "xno" -a "x$with_ssl" != "x"; then
-+ CFLAGS="$CFLAGS -I$with_ssl/include"
-+ LDFLAGS="$LDFLAGS -L$with_ssl/lib"
-+ AC_MSG_RESULT([Using SSL prefix... $with_ssl])
-+ fi
-+ AC_SUBST(openssl_h_present)
-+ AC_SUBST(libssl_present)
-+ AC_SUBST(libcrypto_present)
-+ AC_CHECK_HEADER(openssl/ssl.h,[openssl_h_present=1])
-+ AC_CHECK_LIB(crypto,ERR_load_BIO_strings,[libcrypto_present=1 && LIBS="-lcrypto $LIBS"])
-+ AC_CHECK_LIB(ssl,SSL_CTX_new,[libssl_present=1 && LIBS="-lssl $LIBS"])
-+ if test "x$openssl_h_present" = "x1" -a "x$libssl_present" = "x1" -a "x$libcrypto_present" = "x1"; then
-+ AC_MSG_RESULT([OpenSSL library found, SSL support enabled])
-+
-+ # Check if SRTP should be compiled with OpenSSL
-+ # support, to enable cryptos such as AES GCM.
-+
-+ # EVP_CIPHER_CTX is now opaque in OpenSSL 1.1.0, libsrtp 1.5.4 uses it as a transparent type.
-+ # Update 2.7: our bundled libsrtp has been upgraded to 2.1.0,
-+ # so we can omit EVP_CIPHER_CTX definition check now.
-+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <openssl/evp.h>]],
-+ [EVP_CIPHER_CTX *ctx;EVP_aes_128_gcm();])],
-+ [AC_CHECK_LIB(crypto,EVP_aes_128_gcm,[ac_ssl_has_aes_gcm=1])])
-+ if test "x$ac_ssl_has_aes_gcm" = "x1"; then
-+ AC_MSG_RESULT([OpenSSL has AES GCM support, SRTP will use OpenSSL])
- else
-- AC_MSG_RESULT([** OpenSSL libraries not found, disabling SSL support **])
-+ AC_MSG_RESULT([OpenSSL AES GCM support not found, SRTP will only support AES CM cryptos])
- fi
-- ])
-+
-+ # PJSIP_HAS_TLS_TRANSPORT setting follows PJ_HAS_SSL_SOCK
-+ #AC_DEFINE(PJSIP_HAS_TLS_TRANSPORT, 1)
-+ AC_DEFINE(PJ_HAS_SSL_SOCK, 1)
-+ else
-+ AC_MSG_RESULT([** OpenSSL libraries not found, disabling SSL support **])
-+ fi
-+fi
-
- dnl # Obsolete option --with-opencore-amrnb
- AC_ARG_WITH(opencore-amrnb,