[arch-commits] Commit in apr-util/trunk (3 files)
Jan de Groot
jgc at archlinux.org
Thu Mar 2 22:31:52 UTC 2017
Date: Thursday, March 2, 2017 @ 22:31:51
Author: jgc
Revision: 289900
upgpkg: apr-util 1.5.4-3
Fix build with OpenSSL 1.1
Added:
apr-util/trunk/buildconf_config.guess_sub_location.patch
apr-util/trunk/openssl-1.1.patch
Modified:
apr-util/trunk/PKGBUILD
-------------------------------------------+
PKGBUILD | 21 +-
buildconf_config.guess_sub_location.patch | 22 ++
openssl-1.1.patch | 250 ++++++++++++++++++++++++++++
3 files changed, 288 insertions(+), 5 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2017-03-02 22:20:57 UTC (rev 289899)
+++ PKGBUILD 2017-03-02 22:31:51 UTC (rev 289900)
@@ -4,12 +4,12 @@
pkgname=apr-util
pkgver=1.5.4
-pkgrel=2
+pkgrel=3
pkgdesc="The Apache Portable Runtime"
arch=('i686' 'x86_64')
url="http://apr.apache.org/"
depends=('apr' 'expat')
-makedepends=('gdbm' 'libldap' 'unixodbc' 'openssl' 'nss' 'sqlite' 'libmariadbclient' 'db' 'postgresql-libs')
+makedepends=('gdbm' 'libldap' 'unixodbc' 'openssl' 'nss' 'sqlite' 'libmariadbclient' 'db' 'postgresql-libs' 'python2')
optdepends=(
'gdbm: enable gdbm support'
'libldap: enable ldap support'
@@ -22,11 +22,22 @@
'openssl: enable openssl crypto support'
)
license=('APACHE')
-source=(https://www.apache.org/dist/apr/apr-util-${pkgver}.tar.bz2{,.asc})
-md5sums=('2202b18f269ad606d70e1864857ed93c'
- 'SKIP')
+source=(https://www.apache.org/dist/apr/apr-util-${pkgver}.tar.bz2{,.asc}
+ buildconf_config.guess_sub_location.patch
+ openssl-1.1.patch)
+sha256sums=('a6cf327189ca0df2fb9d5633d7326c460fe2b61684745fd7963e79a6dd0dc82e'
+ 'SKIP'
+ '33f3509d8ad089109c70835efc3535b27a6b5fc2fe27793d30689138f8c4f8aa'
+ '88225f93632ee4fb2fa1e0c5ee7a177b1299e1b55f644c567b4763f8c8acbe54')
validpgpkeys=('5B5181C2C0AB13E59DA3F7A3EC582EB639FF092C') # Jeff Trawick
+prepare() {
+ cd apr-util-$pkgver
+ patch -Np1 -i ../buildconf_config.guess_sub_location.patch
+ patch -Np1 -i ../openssl-1.1.patch
+ ./buildconf --with-apr=`apr-1-config --srcdir`
+}
+
build() {
cd "${srcdir}/apr-util-${pkgver}"
./configure --prefix=/usr --with-apr=/usr --with-ldap --with-crypto \
Added: buildconf_config.guess_sub_location.patch
===================================================================
--- buildconf_config.guess_sub_location.patch (rev 0)
+++ buildconf_config.guess_sub_location.patch 2017-03-02 22:31:51 UTC (rev 289900)
@@ -0,0 +1,22 @@
+From: Tollef Fog Heen <tfheen at debian.org>
+Subject: Adjust path of config.guess and config.sub
+
+---
+ buildconf | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+Index: trunk/buildconf
+===================================================================
+--- trunk.orig/buildconf
++++ trunk/buildconf
+@@ -61,8 +61,8 @@
+ rm -f build/apr_common.m4 build/find_apr.m4 build/install.sh \
+ build/config.guess build/config.sub build/get-version.sh
+ cp -p $apr_src_dir/build/apr_common.m4 $apr_src_dir/build/find_apr.m4 \
+- $apr_src_dir/build/install.sh $apr_src_dir/build/config.guess \
+- $apr_src_dir/build/config.sub $apr_src_dir/build/get-version.sh \
++ $apr_src_dir/build/install.sh /usr/share/libtool/build-aux/config.guess \
++ /usr/share/libtool/build-aux/config.sub $apr_src_dir/build/get-version.sh \
+ build/
+
+ # Remove aclocal.m4 as it'll break some builds...
Added: openssl-1.1.patch
===================================================================
--- openssl-1.1.patch (rev 0)
+++ openssl-1.1.patch 2017-03-02 22:31:51 UTC (rev 289900)
@@ -0,0 +1,250 @@
+# commit f163d8b5af9185de80d24b4dd13951dd64872aa6
+# Author: Rainer Jung <rjung at apache.org>
+# Date: Sun Feb 7 14:40:46 2016 +0000
+#
+# Add support for OpenSSL 1.1.0:
+# - Switch configure test for OpenSSL libcrypto
+# from BN_init() to BN_new().
+# - BN_init() is gone in OpenSSL 1.1.0.
+# BN_new() exists at least since 0.9.8.
+# - use OPENSSL_malloc_init() instead of
+# CRYPTO_malloc_init
+# - make cipherCtx a pointer. Type EVP_CIPHER_CTX
+# is now opaque.
+# - use EVP_CIPHER_CTX_new() in init() functions
+# if initialised flag is not set (and set flag)
+# - use EVP_CIPHER_CTX_free() in cleanup function
+# - Improve reuse cleanup
+# - call EVP_CIPHER_CTX_reset() resp.
+# EVP_CIPHER_CTX_cleanup() in finish functions
+# - call EVP_CIPHER_CTX_reset() resp.
+# EVP_CIPHER_CTX_cleanup() when Update fails
+# Backport of r1728958 and r1728963 from trunk.
+#
+#
+# git-svn-id: https://svn.apache.org/repos/asf/apr/apr-util/branches/1.5.x@1728969 13f79535-47bb-0310-9956-ffa450edef68
+#
+diff --git a/build/crypto.m4 b/build/crypto.m4
+index 9f9be6f..57884e3 100644
+--- a/build/crypto.m4
++++ b/build/crypto.m4
+@@ -88,7 +88,7 @@ AC_DEFUN([APU_CHECK_CRYPTO_OPENSSL], [
+ [
+ if test "$withval" = "yes"; then
+ AC_CHECK_HEADERS(openssl/x509.h, [openssl_have_headers=1])
+- AC_CHECK_LIB(crypto, BN_init, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto))
++ AC_CHECK_LIB(crypto, BN_new, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto))
+ if test "$openssl_have_headers" != "0" && test "$openssl_have_libs" != "0"; then
+ apu_have_openssl=1
+ fi
+@@ -104,7 +104,7 @@ AC_DEFUN([APU_CHECK_CRYPTO_OPENSSL], [
+
+ AC_MSG_NOTICE(checking for openssl in $withval)
+ AC_CHECK_HEADERS(openssl/x509.h, [openssl_have_headers=1])
+- AC_CHECK_LIB(crypto, BN_init, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto))
++ AC_CHECK_LIB(crypto, BN_new, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto))
+ if test "$openssl_have_headers" != "0" && test "$openssl_have_libs" != "0"; then
+ apu_have_openssl=1
+ APR_ADDTO(APRUTIL_LDFLAGS, [-L$withval/lib])
+@@ -113,7 +113,7 @@ AC_DEFUN([APU_CHECK_CRYPTO_OPENSSL], [
+
+ if test "$apu_have_openssl" != "1"; then
+ AC_CHECK_HEADERS(openssl/x509.h, [openssl_have_headers=1])
+- AC_CHECK_LIB(crypto, BN_init, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto))
++ AC_CHECK_LIB(crypto, BN_new, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto))
+ if test "$openssl_have_headers" != "0" && test "$openssl_have_libs" != "0"; then
+ apu_have_openssl=1
+ APR_ADDTO(APRUTIL_LDFLAGS, [-L$withval/lib])
+diff --git a/crypto/apr_crypto_openssl.c b/crypto/apr_crypto_openssl.c
+index 0740f93..7d61fca 100644
+--- a/crypto/apr_crypto_openssl.c
++++ b/crypto/apr_crypto_openssl.c
+@@ -64,7 +64,7 @@ struct apr_crypto_block_t {
+ apr_pool_t *pool;
+ const apr_crypto_driver_t *provider;
+ const apr_crypto_t *f;
+- EVP_CIPHER_CTX cipherCtx;
++ EVP_CIPHER_CTX *cipherCtx;
+ int initialised;
+ int ivSize;
+ int blockSize;
+@@ -111,7 +111,11 @@ static apr_status_t crypto_shutdown_helper(void *data)
+ static apr_status_t crypto_init(apr_pool_t *pool, const char *params,
+ const apu_err_t **result)
+ {
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ CRYPTO_malloc_init();
++#else
++ OPENSSL_malloc_init();
++#endif
+ ERR_load_crypto_strings();
+ /* SSL_load_error_strings(); */
+ OpenSSL_add_all_algorithms();
+@@ -134,7 +138,7 @@ static apr_status_t crypto_block_cleanup(apr_crypto_block_t *ctx)
+ {
+
+ if (ctx->initialised) {
+- EVP_CIPHER_CTX_cleanup(&ctx->cipherCtx);
++ EVP_CIPHER_CTX_free(ctx->cipherCtx);
+ ctx->initialised = 0;
+ }
+
+@@ -491,8 +495,10 @@ static apr_status_t crypto_block_encrypt_init(apr_crypto_block_t **ctx,
+ apr_pool_cleanup_null);
+
+ /* create a new context for encryption */
+- EVP_CIPHER_CTX_init(&block->cipherCtx);
+- block->initialised = 1;
++ if (!block->initialised) {
++ block->cipherCtx = EVP_CIPHER_CTX_new();
++ block->initialised = 1;
++ }
+
+ /* generate an IV, if necessary */
+ usedIv = NULL;
+@@ -519,16 +525,16 @@ static apr_status_t crypto_block_encrypt_init(apr_crypto_block_t **ctx,
+
+ /* set up our encryption context */
+ #if CRYPTO_OPENSSL_CONST_BUFFERS
+- if (!EVP_EncryptInit_ex(&block->cipherCtx, key->cipher, config->engine,
++ if (!EVP_EncryptInit_ex(block->cipherCtx, key->cipher, config->engine,
+ key->key, usedIv)) {
+ #else
+- if (!EVP_EncryptInit_ex(&block->cipherCtx, key->cipher, config->engine, (unsigned char *) key->key, (unsigned char *) usedIv)) {
++ if (!EVP_EncryptInit_ex(block->cipherCtx, key->cipher, config->engine, (unsigned char *) key->key, (unsigned char *) usedIv)) {
+ #endif
+ return APR_EINIT;
+ }
+
+ /* Clear up any read padding */
+- if (!EVP_CIPHER_CTX_set_padding(&block->cipherCtx, key->doPad)) {
++ if (!EVP_CIPHER_CTX_set_padding(block->cipherCtx, key->doPad)) {
+ return APR_EPADDING;
+ }
+
+@@ -582,11 +588,16 @@ static apr_status_t crypto_block_encrypt(unsigned char **out,
+ }
+
+ #if CRYPT_OPENSSL_CONST_BUFFERS
+- if (!EVP_EncryptUpdate(&ctx->cipherCtx, (*out), &outl, in, inlen)) {
++ if (!EVP_EncryptUpdate(ctx->cipherCtx, (*out), &outl, in, inlen)) {
+ #else
+- if (!EVP_EncryptUpdate(&ctx->cipherCtx, (*out), &outl,
++ if (!EVP_EncryptUpdate(ctx->cipherCtx, (*out), &outl,
+ (unsigned char *) in, inlen)) {
+ #endif
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++ EVP_CIPHER_CTX_cleanup(ctx->cipherCtx);
++#else
++ EVP_CIPHER_CTX_reset(ctx->cipherCtx);
++#endif
+ return APR_ECRYPT;
+ }
+ *outlen = outl;
+@@ -616,14 +627,22 @@ static apr_status_t crypto_block_encrypt(unsigned char **out,
+ static apr_status_t crypto_block_encrypt_finish(unsigned char *out,
+ apr_size_t *outlen, apr_crypto_block_t *ctx)
+ {
++ apr_status_t rc = APR_SUCCESS;
+ int len = *outlen;
+
+- if (EVP_EncryptFinal_ex(&ctx->cipherCtx, out, &len) == 0) {
+- return APR_EPADDING;
++ if (EVP_EncryptFinal_ex(ctx->cipherCtx, out, &len) == 0) {
++ rc = APR_EPADDING;
++ }
++ else {
++ *outlen = len;
+ }
+- *outlen = len;
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++ EVP_CIPHER_CTX_cleanup(ctx->cipherCtx);
++#else
++ EVP_CIPHER_CTX_reset(ctx->cipherCtx);
++#endif
+
+- return APR_SUCCESS;
++ return rc;
+
+ }
+
+@@ -662,8 +681,10 @@ static apr_status_t crypto_block_decrypt_init(apr_crypto_block_t **ctx,
+ apr_pool_cleanup_null);
+
+ /* create a new context for encryption */
+- EVP_CIPHER_CTX_init(&block->cipherCtx);
+- block->initialised = 1;
++ if (!block->initialised) {
++ block->cipherCtx = EVP_CIPHER_CTX_new();
++ block->initialised = 1;
++ }
+
+ /* generate an IV, if necessary */
+ if (key->ivSize) {
+@@ -674,16 +695,16 @@ static apr_status_t crypto_block_decrypt_init(apr_crypto_block_t **ctx,
+
+ /* set up our encryption context */
+ #if CRYPTO_OPENSSL_CONST_BUFFERS
+- if (!EVP_DecryptInit_ex(&block->cipherCtx, key->cipher, config->engine,
++ if (!EVP_DecryptInit_ex(block->cipherCtx, key->cipher, config->engine,
+ key->key, iv)) {
+ #else
+- if (!EVP_DecryptInit_ex(&block->cipherCtx, key->cipher, config->engine, (unsigned char *) key->key, (unsigned char *) iv)) {
++ if (!EVP_DecryptInit_ex(block->cipherCtx, key->cipher, config->engine, (unsigned char *) key->key, (unsigned char *) iv)) {
+ #endif
+ return APR_EINIT;
+ }
+
+ /* Clear up any read padding */
+- if (!EVP_CIPHER_CTX_set_padding(&block->cipherCtx, key->doPad)) {
++ if (!EVP_CIPHER_CTX_set_padding(block->cipherCtx, key->doPad)) {
+ return APR_EPADDING;
+ }
+
+@@ -737,11 +758,16 @@ static apr_status_t crypto_block_decrypt(unsigned char **out,
+ }
+
+ #if CRYPT_OPENSSL_CONST_BUFFERS
+- if (!EVP_DecryptUpdate(&ctx->cipherCtx, *out, &outl, in, inlen)) {
++ if (!EVP_DecryptUpdate(ctx->cipherCtx, *out, &outl, in, inlen)) {
+ #else
+- if (!EVP_DecryptUpdate(&ctx->cipherCtx, *out, &outl, (unsigned char *) in,
++ if (!EVP_DecryptUpdate(ctx->cipherCtx, *out, &outl, (unsigned char *) in,
+ inlen)) {
+ #endif
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++ EVP_CIPHER_CTX_cleanup(ctx->cipherCtx);
++#else
++ EVP_CIPHER_CTX_reset(ctx->cipherCtx);
++#endif
+ return APR_ECRYPT;
+ }
+ *outlen = outl;
+@@ -771,15 +797,22 @@ static apr_status_t crypto_block_decrypt(unsigned char **out,
+ static apr_status_t crypto_block_decrypt_finish(unsigned char *out,
+ apr_size_t *outlen, apr_crypto_block_t *ctx)
+ {
+-
++ apr_status_t rc = APR_SUCCESS;
+ int len = *outlen;
+
+- if (EVP_DecryptFinal_ex(&ctx->cipherCtx, out, &len) == 0) {
+- return APR_EPADDING;
++ if (EVP_DecryptFinal_ex(ctx->cipherCtx, out, &len) == 0) {
++ rc = APR_EPADDING;
+ }
+- *outlen = len;
++ else {
++ *outlen = len;
++ }
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++ EVP_CIPHER_CTX_cleanup(ctx->cipherCtx);
++#else
++ EVP_CIPHER_CTX_reset(ctx->cipherCtx);
++#endif
+
+- return APR_SUCCESS;
++ return rc;
+
+ }
+
More information about the arch-commits
mailing list