summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'net-vpn/openvpn')
-rw-r--r--net-vpn/openvpn/files/openvpn-2.4.5-libressl-macro-fix.patch63
-rw-r--r--net-vpn/openvpn/files/openvpn-2.4.7-libressl.patch49
-rw-r--r--net-vpn/openvpn/files/openvpn-2.5-external-cmocka.patch65
-rw-r--r--net-vpn/openvpn/files/openvpn-external-cmocka.patch62
4 files changed, 0 insertions, 239 deletions
diff --git a/net-vpn/openvpn/files/openvpn-2.4.5-libressl-macro-fix.patch b/net-vpn/openvpn/files/openvpn-2.4.5-libressl-macro-fix.patch
deleted file mode 100644
index 13b976009524..000000000000
--- a/net-vpn/openvpn/files/openvpn-2.4.5-libressl-macro-fix.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-diff --git a/configure.ac b/configure.ac
-index 626b4dd..2a8e87f 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -948,6 +948,18 @@ if test "${with_crypto_library}" = "openssl"; then
- EC_GROUP_order_bits
- ]
- )
-+ AC_CHECK_DECLS(
-+ [
-+ SSL_CTX_get_min_proto_version,
-+ SSL_CTX_get_max_proto_version,
-+ SSL_CTX_set_min_proto_version,
-+ SSL_CTX_set_max_proto_version,
-+ ],
-+ ,
-+ ,
-+ [[#include <openssl/ssl.h>]]
-+
-+ )
-
- CFLAGS="${saved_CFLAGS}"
- LIBS="${saved_LIBS}"
-diff --git a/src/openvpn/openssl_compat.h b/src/openvpn/openssl_compat.h
-index d375fab..340d452 100644
---- a/src/openvpn/openssl_compat.h
-+++ b/src/openvpn/openssl_compat.h
-@@ -661,7 +661,7 @@ EC_GROUP_order_bits(const EC_GROUP *group)
- #define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT RSA_F_RSA_EAY_PRIVATE_ENCRYPT
- #endif
-
--#ifndef SSL_CTX_get_min_proto_version
-+#if !HAVE_DECL_SSL_CTX_GET_MIN_PROTO_VERSION
- /** Return the min SSL protocol version currently enabled in the context.
- * If no valid version >= TLS1.0 is found, return 0. */
- static inline int
-@@ -684,7 +684,7 @@ SSL_CTX_get_min_proto_version(SSL_CTX *ctx)
- }
- #endif /* SSL_CTX_get_min_proto_version */
-
--#ifndef SSL_CTX_get_max_proto_version
-+#if !HAVE_DECL_SSL_CTX_GET_MAX_PROTO_VERSION
- /** Return the max SSL protocol version currently enabled in the context.
- * If no valid version >= TLS1.0 is found, return 0. */
- static inline int
-@@ -707,7 +707,7 @@ SSL_CTX_get_max_proto_version(SSL_CTX *ctx)
- }
- #endif /* SSL_CTX_get_max_proto_version */
-
--#ifndef SSL_CTX_set_min_proto_version
-+#if !HAVE_DECL_SSL_CTX_SET_MIN_PROTO_VERSION
- /** Mimics SSL_CTX_set_min_proto_version for OpenSSL < 1.1 */
- static inline int
- SSL_CTX_set_min_proto_version(SSL_CTX *ctx, long tls_ver_min)
-@@ -736,7 +736,7 @@ SSL_CTX_set_min_proto_version(SSL_CTX *ctx, long tls_ver_min)
- }
- #endif /* SSL_CTX_set_min_proto_version */
-
--#ifndef SSL_CTX_set_max_proto_version
-+#if !HAVE_DECL_SSL_CTX_SET_MAX_PROTO_VERSION
- /** Mimics SSL_CTX_set_max_proto_version for OpenSSL < 1.1 */
- static inline int
- SSL_CTX_set_max_proto_version(SSL_CTX *ctx, long tls_ver_max)
diff --git a/net-vpn/openvpn/files/openvpn-2.4.7-libressl.patch b/net-vpn/openvpn/files/openvpn-2.4.7-libressl.patch
deleted file mode 100644
index 210189cd4d4d..000000000000
--- a/net-vpn/openvpn/files/openvpn-2.4.7-libressl.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From 4faf695e3c42a81131c2aae96c4a60228aa237a5 Mon Sep 17 00:00:00 2001
-From: Stefan Strogin <stefan.strogin@gmail.com>
-Date: Sat, 23 Feb 2019 20:13:41 +0200
-Subject: [PATCH] Fix compilation with LibreSSL
-
-TLS 1.3 is not ready yet in LibreSSL.
-Also SSL_get1_supported_ciphers() has been just added into master (not yet
-released).
-
-Upstream-Status: Submitted [https://github.com/OpenVPN/openvpn/pull/123]
-Signed-off-by: Stefan Strogin <stefan.strogin@gmail.com>
----
- src/openvpn/ssl_openssl.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c
-index a78dae99..6a8fcef3 100644
---- a/src/openvpn/ssl_openssl.c
-+++ b/src/openvpn/ssl_openssl.c
-@@ -459,7 +459,7 @@ tls_ctx_restrict_ciphers_tls13(struct tls_root_ctx *ctx, const char *ciphers)
- return;
- }
-
--#if (OPENSSL_VERSION_NUMBER < 0x1010100fL)
-+#if (OPENSSL_VERSION_NUMBER < 0x1010100fL) || defined(LIBRESSL_VERSION_NUMBER)
- crypto_msg(M_WARN, "Not compiled with OpenSSL 1.1.1 or higher. "
- "Ignoring TLS 1.3 only tls-ciphersuites '%s' setting.",
- ciphers);
-@@ -1846,7 +1846,7 @@ show_available_tls_ciphers_list(const char *cipher_list,
- crypto_msg(M_FATAL, "Cannot create SSL_CTX object");
- }
-
--#if (OPENSSL_VERSION_NUMBER >= 0x1010100fL)
-+#if (OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(LIBRESSL_VERSION_NUMBER))
- if (tls13)
- {
- SSL_CTX_set_min_proto_version(tls_ctx.ctx, TLS1_3_VERSION);
-@@ -1867,7 +1867,7 @@ show_available_tls_ciphers_list(const char *cipher_list,
- crypto_msg(M_FATAL, "Cannot create SSL object");
- }
-
--#if (OPENSSL_VERSION_NUMBER < 0x1010000fL)
-+#if (OPENSSL_VERSION_NUMBER < 0x1010000fL) || defined(LIBRESSL_VERSION_NUMBER)
- STACK_OF(SSL_CIPHER) *sk = SSL_get_ciphers(ssl);
- #else
- STACK_OF(SSL_CIPHER) *sk = SSL_get1_supported_ciphers(ssl);
---
-2.20.1
-
diff --git a/net-vpn/openvpn/files/openvpn-2.5-external-cmocka.patch b/net-vpn/openvpn/files/openvpn-2.5-external-cmocka.patch
deleted file mode 100644
index d339dcd558b1..000000000000
--- a/net-vpn/openvpn/files/openvpn-2.5-external-cmocka.patch
+++ /dev/null
@@ -1,65 +0,0 @@
-diff --git a/configure.ac b/configure.ac
-index 1e6891b1..c801789c 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -1312,6 +1312,21 @@ if test "${enable_async_push}" = "yes"; then
- )
- fi
-
-+AC_ARG_ENABLE(
-+ [tests],
-+ AS_HELP_STRING([--enable-tests], [enable unit tests @<:@default=no@:>@])
-+)
-+
-+if test "${enable_tests}" = "yes"; then
-+ PKG_CHECK_MODULES([CMOCKA], [cmocka])
-+ TEST_CFLAGS="${CMOCKA_CFLAGS}"
-+ TEST_LDFLAGS="${CMOCKA_LIBS}"
-+ AC_SUBST([TEST_CFLAGS])
-+ AC_SUBST([TEST_LDFLAGS])
-+fi
-+AM_CONDITIONAL([ENABLE_TESTS], [test "${enable_tests}" = "yes"])
-+AM_CONDITIONAL([CMOCKA_INITIALIZED], [false])
-+
- CONFIGURE_DEFINES="`set | grep '^enable_.*=' ; set | grep '^with_.*='`"
- AC_DEFINE_UNQUOTED([CONFIGURE_DEFINES], ["`echo ${CONFIGURE_DEFINES}`"], [Configuration settings])
-
-@@ -1360,27 +1375,6 @@ AC_SUBST([VENDOR_SRC_ROOT])
- AC_SUBST([VENDOR_BUILD_ROOT])
- AC_SUBST([VENDOR_DIST_ROOT])
-
--TEST_LDFLAGS="${OPTIONAL_CRYPTO_LIBS} ${OPTIONAL_PKCS11_LIBS} -lcmocka -L\$(abs_top_builddir)/vendor/dist/lib -Wl,-rpath,\$(abs_top_builddir)/vendor/dist/lib"
--TEST_CFLAGS="${OPTIONAL_CRYPTO_CFLAGS} ${OPTIONAL_PKCS11_CFLAGS} -I\$(top_srcdir)/include -I\$(abs_top_builddir)/vendor/dist/include"
--
--AC_SUBST([TEST_LDFLAGS])
--AC_SUBST([TEST_CFLAGS])
--
--# Check if cmake is available and cmocka git submodule is initialized,
--# needed for unit testing
--AC_CHECK_PROGS([CMAKE], [cmake])
--if test -n "${CMAKE}"; then
-- if test -f "${srcdir}/vendor/cmocka/CMakeLists.txt"; then
-- AM_CONDITIONAL([CMOCKA_INITIALIZED], [true])
-- else
-- AM_CONDITIONAL([CMOCKA_INITIALIZED], [false])
-- AC_MSG_RESULT([!! WARNING !! The cmoka git submodule has not been initialized or updated. Unit testing cannot be performed.])
-- fi
--else
-- AC_MSG_RESULT([!! WARNING !! CMake is NOT available. Unit testing cannot be performed.])
-- AM_CONDITIONAL([CMOCKA_INITIALIZED], [false])
--fi
--
-
- AC_CONFIG_FILES([
- version.sh
-diff --git a/tests/unit_tests/Makefile.am b/tests/unit_tests/Makefile.am
-index 31d37b89..4b7fb41d 100644
---- a/tests/unit_tests/Makefile.am
-+++ b/tests/unit_tests/Makefile.am
-@@ -1,5 +1,5 @@
- AUTOMAKE_OPTIONS = foreign
-
--if CMOCKA_INITIALIZED
-+if ENABLE_TESTS
- SUBDIRS = example_test openvpn plugins
- endif
diff --git a/net-vpn/openvpn/files/openvpn-external-cmocka.patch b/net-vpn/openvpn/files/openvpn-external-cmocka.patch
deleted file mode 100644
index eecc5076b4e8..000000000000
--- a/net-vpn/openvpn/files/openvpn-external-cmocka.patch
+++ /dev/null
@@ -1,62 +0,0 @@
-diff --git a/configure.ac b/configure.ac
-index f4073d0..9afcc90 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -1211,6 +1211,21 @@ if test "${enable_async_push}" = "yes"; then
- )
- fi
-
-+AC_ARG_ENABLE(
-+ [tests],
-+ AS_HELP_STRING([--enable-tests], [enable unit tests @<:@default=no@:>@])
-+)
-+
-+if test "${enable_tests}" = "yes"; then
-+ PKG_CHECK_MODULES([CMOCKA], [cmocka])
-+ TEST_CFLAGS="${CMOCKA_CFLAGS}"
-+ TEST_LDFLAGS="${CMOCKA_LIBS}"
-+ AC_SUBST([TEST_CFLAGS])
-+ AC_SUBST([TEST_LDFLAGS])
-+fi
-+AM_CONDITIONAL([ENABLE_TESTS], [test "${enable_tests}" = "yes"])
-+AM_CONDITIONAL([CMOCKA_INITIALIZED], [false])
-+
- CONFIGURE_DEFINES="`set | grep '^enable_.*=' ; set | grep '^with_.*='`"
- AC_DEFINE_UNQUOTED([CONFIGURE_DEFINES], ["`echo ${CONFIGURE_DEFINES}`"], [Configuration settings])
-
-@@ -1257,28 +1272,6 @@ AC_SUBST([VENDOR_SRC_ROOT])
- AC_SUBST([VENDOR_BUILD_ROOT])
- AC_SUBST([VENDOR_DIST_ROOT])
-
--TEST_LDFLAGS="-lcmocka -L\$(abs_top_builddir)/vendor/dist/lib -Wl,-rpath,\$(abs_top_builddir)/vendor/dist/lib"
--TEST_CFLAGS="-I\$(top_srcdir)/include -I\$(abs_top_builddir)/vendor/dist/include"
--
--AC_SUBST([TEST_LDFLAGS])
--AC_SUBST([TEST_CFLAGS])
--
--# Check if cmake is available and cmocka git submodule is initialized,
--# needed for unit testing
--AC_CHECK_PROGS([CMAKE], [cmake])
--if test -n "${CMAKE}"; then
-- if test -f "${srcdir}/vendor/cmocka/CMakeLists.txt"; then
-- AM_CONDITIONAL([CMOCKA_INITIALIZED], [true])
-- else
-- AM_CONDITIONAL([CMOCKA_INITIALIZED], [false])
-- AC_MSG_RESULT([!! WARNING !! The cmoka git submodule has not been initialized or updated. Unit testing cannot be performed.])
-- fi
--else
-- AC_MSG_RESULT([!! WARNING !! CMake is NOT available. Unit testing cannot be performed.])
-- AM_CONDITIONAL([CMOCKA_INITIALIZED], [false])
--fi
--
--
- AC_CONFIG_FILES([
- version.sh
- Makefile
-diff --git a/tests/unit_tests/Makefile.am b/tests/unit_tests/Makefile.am
-index 31d37b8..4b7fb41 100644
---- a/tests/unit_tests/Makefile.am
-+++ b/tests/unit_tests/Makefile.am
-@@ -3 +3 @@ AUTOMAKE_OPTIONS = foreign
--if CMOCKA_INITIALIZED
-+if ENABLE_TESTS