diff options
author | V3n3RiX <venerix@koprulu.sector> | 2023-04-26 06:14:16 +0100 |
---|---|---|
committer | V3n3RiX <venerix@koprulu.sector> | 2023-04-26 06:14:16 +0100 |
commit | d5d36fc823b7189d033e69314ae2764f1eed9168 (patch) | |
tree | 7ad153046482fd6c121d0654933c134a72aab4d6 /net-vpn/tor | |
parent | 81a92c310907a51d2a03b6d470f4276a7d7ac00c (diff) |
gentoo auto-resync : 26:04:2023 - 06:14:16
Diffstat (limited to 'net-vpn/tor')
-rw-r--r-- | net-vpn/tor/Manifest | 3 | ||||
-rw-r--r-- | net-vpn/tor/files/tor-0.4.7.13-libressl.patch | 161 | ||||
-rw-r--r-- | net-vpn/tor/tor-0.4.7.13-r1.ebuild | 1 |
3 files changed, 164 insertions, 1 deletions
diff --git a/net-vpn/tor/Manifest b/net-vpn/tor/Manifest index fa09f1daa24d..f800f9fdf398 100644 --- a/net-vpn/tor/Manifest +++ b/net-vpn/tor/Manifest @@ -1,5 +1,6 @@ AUX README.gentoo 316 BLAKE2B 9c962395e49a2eff8411e7fb3996d99e504b0023712151acdd6bee43755be89d52c970cbf7e5aae62c0adfb33ff7ad072578b88a40857bffb359a3d2c8571947 SHA512 6ca305c710562c0f9a3f0cba07760adf300ea166c8baa47e8872719190d779fb63d4dd6c9193fb60ddb51015138790aaa93935668423e0f861f05496d22ce660 AUX tor-0.2.7.4-torrc.sample.patch 1341 BLAKE2B c6b398d6fd417e9029196046529109ed52c7c5dd6bd38505261116e15d1516a6e200583b480fe50b6e971d2ab4336673f9e75effa9dc8d3858c6248fbe31a69b SHA512 4a6b855734717416b6615fbd76bb75a54731767a74d3ade8c58fe52f4a42ee51c93ff8d591943343f319018e18d65b768bbe8fe936200ad829ab1e262c5e9b0f +AUX tor-0.4.7.13-libressl.patch 5946 BLAKE2B 443129b81c6221c4e007b921f266fb93d17d9fdc3674ed3937362a85dde650054d060a6509e37ec7475fd93e373f7619bc9839e2da59f3632ee3a1ca4b3bbe45 SHA512 a473d4701478e9fc6a11b64edf409a155e4c844290049ca2eebb1661913358750a9972634d88f50da3b4b9cb86650b91e2bd4a861a989f55882494e0f7c73e0a AUX tor.confd 44 BLAKE2B 70df86a361c7b735283c5699e4d8d8a054a84629c749adb4dc57c196d49df4492471cb8b21dde43d668b31171ee2dfae81562a70367c72801ae60046908b022e SHA512 9028ac41e3acdf4405095addb69537e87edecafaec840296ac27a5a8992fe132dc822e4e4abb8826f76460c438da2719dea17859690d03e17198a82086a3d660 AUX tor.initd-r9 942 BLAKE2B 1008ed981e1e7040b098f5c8c509e6a5de89e94b6fa110998c50b0521b99cb80e9b793a78de3de0e0e89d56553c32f3a6566015dd2c4fd77c812577f6f637d7a SHA512 fa3a6f52dc733d27f954299cfb32fc813ef731e1d124096450f7b53f0e4fce9f41cf48b66651d1f5383c18bdca8a87d6bbe03c65dc8a5f9a58660bb8db0040a1 AUX tor.service 1050 BLAKE2B 7f6553b9f4b928f0c924d73ee6f9df8a99ee75ec1801f6b865a7d8e40ff30290bf836907b561586d0f429b7ddf05286ab51974d207906a0fe52cb2fbcc8e160f SHA512 786481b20d7cab9696656c5136ff74c9c2aaa73ca3d63b163a294b9b3c4b628da387cb5ec3ada81277ca81cff16ead5162f3b4d64cb0d773c22f2e4607c3194b @@ -7,5 +8,5 @@ AUX torrc-r2 136 BLAKE2B 022636974f24bc630657a67fe95805b1d647a5d18cce3dbc6fd42e9 DIST tor-0.4.7.13.tar.gz 8031948 BLAKE2B 338a0a541423f27f594a091307b5edeafc9826bb651c2bd050f3282c9355d9d43d1ef4791f3c98a37dc4c0f64bc40925ea1c1e32cbdff78b1a7308df501f279a SHA512 0900416887afbb24f7b72e6ef181b7b01308d1bb35c37736f3b13e06810a07febf9f47fadd9ff6c0e73204d93b49545e4e2516906eb3ba74398ad2b299f530be DIST tor-0.4.7.13.tar.gz.sha256sum 86 BLAKE2B 339db9869bfe485cbd328fe942cc23e60c08ad67fc2d9e7927ed3c9f3b606192e5efac34013c5bf0b0e8b26e957dcf8b586e1cc0a0c27756b8b3d823af37fdee SHA512 ec1d19fa662255df5dd575ba943f4ccb30d9dfa49ff656cdfa73df2d24248b52a3bfd715f4d3efe11d8129968b0e06e3c75e8d82416e1807020ebf65f65401a0 DIST tor-0.4.7.13.tar.gz.sha256sum.asc 716 BLAKE2B 968a3852293ab9bcadac626862c9dc360b17de5afd00af7c46358fa2adfc03b55c02dfe029e9427efba999f553489a04388b395e8fb8fe16325e0895663c2deb SHA512 eb78e8369941d8de833e3616a9a1c1e59b0d3dde918353e2f4fa5eb5da09f038238c46f5e180844bd3cba1211a9daa6d60e9ddb5690998e27a6b7d1616aa20cc -EBUILD tor-0.4.7.13-r1.ebuild 3297 BLAKE2B 8486619dfbfb31d6d3f19a68da6ce9df952d9a1cca41d6178291f936f9f6de9bccabfac91e88910994657d81c7519384f1c7e6913d091daed0de123ffb110445 SHA512 9b0098aff20cdd176974e87abc7c81dc724a49eec1166b743a2f09512c41f7665aeebec81f492eaeeabfbdf4b8807d6bd1c79d58f9f15be7aed84f1e2dccedac +EBUILD tor-0.4.7.13-r1.ebuild 3342 BLAKE2B d6fb5e619066f47d361165434c2dbf936c9388f90552caf5aaf6dc87db41e4db6aaa756c8a61d1ca6c73d77b7439f3ec8b3a0bf11bd21698346713126d797821 SHA512 5abf61134ee02a9ecfd48eacdbd38a3773962c1b875f830d614d3170cadd94d8fe3cb8a8db5194526ca2a3b126b39d06fa92dafea8a70f064ccbef8bfe359113 MISC metadata.xml 645 BLAKE2B a7f450c6cfb9a605f7021cbe533ec64ff0926c9877bef7aace8ce1770a8ec552255b5c54ac80035646c3515d7d0b778100573897068d0905a56f7b860c8de21b SHA512 e5724033912b73ab8abe1b47e74578c8fe4bf6e341b8e7d7434d69071508cd1f35d97f4c7ade9787ae0ded6660cf0a5477d3c7462ed13832693bfd6205f0f0f1 diff --git a/net-vpn/tor/files/tor-0.4.7.13-libressl.patch b/net-vpn/tor/files/tor-0.4.7.13-libressl.patch new file mode 100644 index 000000000000..76d52fd1c54e --- /dev/null +++ b/net-vpn/tor/files/tor-0.4.7.13-libressl.patch @@ -0,0 +1,161 @@ +Upstream-MR: https://gitlab.torproject.org/tpo/core/tor/-/merge_requests/598 +Upstream-Commit: https://gitlab.torproject.org/tpo/core/tor/-/commit/da52d7206a4a8e4fa8b5e80b5ed73de50fbe8692 + +From f3dabd705f26c56076934323f24b5b05ecdfd39c Mon Sep 17 00:00:00 2001 +From: "Alex Xu (Hello71)" <alex_y_xu@yahoo.ca> +Date: Tue, 5 Jul 2022 11:37:30 -0400 +Subject: [PATCH 1/2] LibreSSL 3.5 compatibility + +LibreSSL is now closer to OpenSSL 1.1 than OpenSSL 1.0. According to +https://undeadly.org/cgi?action=article;sid=20220116121253, this is the +intention of OpenBSD developers. + +According to #40630, many special cases are needed to compile Tor against +LibreSSL 3.5 when using Tor's OpenSSL 1.0 compatibility mode, whereas only a +small number of #defines are required when using OpenSSL 1.1 compatibility +mode. One additional workaround is required for LibreSSL 3.4 compatibility. + +Compiles and passes unit tests with LibreSSL 3.4.3 and 3.5.1. +--- + configure.ac | 2 +- + src/lib/crypt_ops/compat_openssl.h | 22 +++++++++++++--------- + src/lib/crypt_ops/crypto_openssl_mgt.h | 3 +-- + src/lib/crypt_ops/crypto_rsa_openssl.c | 8 +++++--- + 4 files changed, 20 insertions(+), 15 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 8baae007cf..6ab7903010 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1022,7 +1022,7 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + AC_MSG_CHECKING([for OpenSSL < 1.0.1]) + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ + #include <openssl/opensslv.h> +-#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x1000100fL ++#if OPENSSL_VERSION_NUMBER < 0x1000100fL + #error "too old" + #endif + ]], [[]])], +diff --git a/src/lib/crypt_ops/compat_openssl.h b/src/lib/crypt_ops/compat_openssl.h +index 0f56f338b5..c5eccdb015 100644 +--- a/src/lib/crypt_ops/compat_openssl.h ++++ b/src/lib/crypt_ops/compat_openssl.h +@@ -20,32 +20,36 @@ + * \brief compatibility definitions for working with different openssl forks + **/ + +-#if !defined(LIBRESSL_VERSION_NUMBER) && \ +- OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,0,1) ++#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,0,1) + #error "We require OpenSSL >= 1.0.1" + #endif + +-#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) && \ +- ! defined(LIBRESSL_VERSION_NUMBER) ++#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) + /* We define this macro if we're trying to build with the majorly refactored + * API in OpenSSL 1.1 */ + #define OPENSSL_1_1_API + #endif /* OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) && ... */ + +-#ifndef OPENSSL_1_1_API +-#define OpenSSL_version(v) SSLeay_version(v) +-#define tor_OpenSSL_version_num() SSLeay() ++/* LibreSSL claims to be OpenSSL 2.0 but lacks these OpenSSL 1.1 APIs */ ++#if !defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER) + #define RAND_OpenSSL() RAND_SSLeay() + #define STATE_IS_SW_SERVER_HELLO(st) \ + (((st) == SSL3_ST_SW_SRVR_HELLO_A) || \ + ((st) == SSL3_ST_SW_SRVR_HELLO_B)) + #define OSSL_HANDSHAKE_STATE int + #define CONST_IF_OPENSSL_1_1_API +-#else /* defined(OPENSSL_1_1_API) */ +-#define tor_OpenSSL_version_num() OpenSSL_version_num() ++#else + #define STATE_IS_SW_SERVER_HELLO(st) \ + ((st) == TLS_ST_SW_SRVR_HELLO) + #define CONST_IF_OPENSSL_1_1_API const ++#endif ++ ++/* OpenSSL 1.1 and LibreSSL both have these APIs */ ++#ifndef OPENSSL_1_1_API ++#define OpenSSL_version(v) SSLeay_version(v) ++#define tor_OpenSSL_version_num() SSLeay() ++#else /* defined(OPENSSL_1_1_API) */ ++#define tor_OpenSSL_version_num() OpenSSL_version_num() + #endif /* !defined(OPENSSL_1_1_API) */ + + #endif /* defined(ENABLE_OPENSSL) */ +diff --git a/src/lib/crypt_ops/crypto_openssl_mgt.h b/src/lib/crypt_ops/crypto_openssl_mgt.h +index c6f63ffa08..96a37721dd 100644 +--- a/src/lib/crypt_ops/crypto_openssl_mgt.h ++++ b/src/lib/crypt_ops/crypto_openssl_mgt.h +@@ -54,8 +54,7 @@ + #define DISABLE_ENGINES + #endif + +-#if OPENSSL_VERSION_NUMBER >= OPENSSL_VER(1,1,0,0,5) && \ +- !defined(LIBRESSL_VERSION_NUMBER) ++#if OPENSSL_VERSION_NUMBER >= OPENSSL_VER(1,1,0,0,5) + /* OpenSSL as of 1.1.0pre4 has an "new" thread API, which doesn't require + * setting up various callbacks. + * +diff --git a/src/lib/crypt_ops/crypto_rsa_openssl.c b/src/lib/crypt_ops/crypto_rsa_openssl.c +index a21c4a65cf..544d72e6ca 100644 +--- a/src/lib/crypt_ops/crypto_rsa_openssl.c ++++ b/src/lib/crypt_ops/crypto_rsa_openssl.c +@@ -572,7 +572,9 @@ static bool + rsa_private_key_too_long(RSA *rsa, int max_bits) + { + const BIGNUM *n, *e, *p, *q, *d, *dmp1, *dmq1, *iqmp; +-#ifdef OPENSSL_1_1_API ++#if defined(OPENSSL_1_1_API) && \ ++ (!defined(LIBRESSL_VERSION_NUMBER) || \ ++ LIBRESSL_VERSION_NUMBER >= OPENSSL_V_SERIES(3,5,0)) + + #if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,1) + n = RSA_get0_n(rsa); +@@ -591,7 +593,7 @@ rsa_private_key_too_long(RSA *rsa, int max_bits) + + if (RSA_bits(rsa) > max_bits) + return true; +-#else /* !defined(OPENSSL_1_1_API) */ ++#else /* !defined(OPENSSL_1_1_API) && ... */ + n = rsa->n; + e = rsa->e; + p = rsa->p; +@@ -600,7 +602,7 @@ rsa_private_key_too_long(RSA *rsa, int max_bits) + dmp1 = rsa->dmp1; + dmq1 = rsa->dmq1; + iqmp = rsa->iqmp; +-#endif /* defined(OPENSSL_1_1_API) */ ++#endif /* defined(OPENSSL_1_1_API) && ... */ + + if (n && BN_num_bits(n) > max_bits) + return true; +-- +GitLab + + +From b1545b6d18fbef6c790e2731a814fa54230d8857 Mon Sep 17 00:00:00 2001 +From: "Alex Xu (Hello71)" <alex_y_xu@yahoo.ca> +Date: Tue, 19 Jul 2022 16:18:29 -0400 +Subject: [PATCH 2/2] Changes file for #40630 (LibreSSL 3.5 compatibility) + +--- + changes/issue40630 | 3 +++ + 1 file changed, 3 insertions(+) + create mode 100644 changes/issue40630 + +diff --git a/changes/issue40630 b/changes/issue40630 +new file mode 100644 +index 0000000000..faf04941b6 +--- /dev/null ++++ b/changes/issue40630 +@@ -0,0 +1,3 @@ ++ o Minor features (portability, compilation): ++ - Use OpenSSL 1.1 APIs for LibreSSL, fixing LibreSSL 3.5 compatibility. ++ Fixes issue 40630; patch by Alex Xu (Hello71). +-- +GitLab + diff --git a/net-vpn/tor/tor-0.4.7.13-r1.ebuild b/net-vpn/tor/tor-0.4.7.13-r1.ebuild index 8333b20dfdbc..b553be2e1e0f 100644 --- a/net-vpn/tor/tor-0.4.7.13-r1.ebuild +++ b/net-vpn/tor/tor-0.4.7.13-r1.ebuild @@ -59,6 +59,7 @@ DOCS=() PATCHES=( "${FILESDIR}"/${PN}-0.2.7.4-torrc.sample.patch + "${FILESDIR}"/${PN}-0.4.7.13-libressl.patch ) pkg_setup() { |