[arch-commits] Commit in luasec/trunk (PKGBUILD luasec-openssl-1.1.patch)
Antonio Rojas
arojas at archlinux.org
Tue Mar 7 22:00:52 UTC 2017
Date: Tuesday, March 7, 2017 @ 22:00:51
Author: arojas
Revision: 215270
openssl 1.1 rebuild
Added:
luasec/trunk/luasec-openssl-1.1.patch
Modified:
luasec/trunk/PKGBUILD
--------------------------+
PKGBUILD | 13 +++-
luasec-openssl-1.1.patch | 129 +++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 139 insertions(+), 3 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2017-03-07 21:52:12 UTC (rev 215269)
+++ PKGBUILD 2017-03-07 22:00:51 UTC (rev 215270)
@@ -7,7 +7,7 @@
pkgname=(lua-sec lua51-sec lua52-sec)
epoch=2
pkgver=0.6
-pkgrel=1
+pkgrel=2
pkgdesc='Lua bindings for OpenSSL library to provide TLS/SSL communication.'
arch=('i686' 'x86_64')
url='https://github.com/brunoos/luasec/wiki'
@@ -14,10 +14,17 @@
license=('MIT')
makedepends=('openssl' 'lua' 'lua-socket' 'lua51' 'lua51-socket' 'lua52' 'lua52-socket')
options=('!buildflags')
-source=("https://github.com/brunoos/luasec/archive/luasec-$pkgver.tar.gz")
-md5sums=('14e1aef6d2aae96bbf98afc6b6634af2')
+source=("https://github.com/brunoos/luasec/archive/luasec-$pkgver.tar.gz"
+ luasec-openssl-1.1.patch)
+md5sums=('14e1aef6d2aae96bbf98afc6b6634af2'
+ '729e64adcab9b4bd9f3d68521706ef0f')
prepare() {
+ # openssl 1.1 compatibility
+ cd luasec-luasec-$pkgver
+ patch -p1 -i ../luasec-openssl-1.1.patch
+ cd ..
+
cp -a luasec-luasec-$pkgver luasec-luasec-$pkgver-51
cp -a luasec-luasec-$pkgver luasec-luasec-$pkgver-52
}
Added: luasec-openssl-1.1.patch
===================================================================
--- luasec-openssl-1.1.patch (rev 0)
+++ luasec-openssl-1.1.patch 2017-03-07 22:00:51 UTC (rev 215270)
@@ -0,0 +1,129 @@
+From: Bruno Silvestre <brunoos at inf.ufg.br>
+Date: Wed, 14 Sep 2016 17:47:09 -0300
+Subject: Compatibility with OpenSSL 1.1.0
+
+Defining macros X509_up_ref() and SSL_is_server to use the same
+API of OpenSSL 1.1.0.
+---
+ src/context.c | 4 ----
+ src/ssl.c | 15 +++++++++++----
+ 2 files changed, 11 insertions(+), 8 deletions(-)
+
+diff --git a/src/context.c b/src/context.c
+index 22f43b7..4187314 100644
+--- a/src/context.c
++++ b/src/context.c
+@@ -35,10 +35,6 @@ typedef const SSL_METHOD LSEC_SSL_METHOD;
+ typedef SSL_METHOD LSEC_SSL_METHOD;
+ #endif
+
+-#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+-#define SSLv23_method() TLS_method()
+-#endif
+-
+ /*-- Compat - Lua 5.1 --------------------------------------------------------*/
+
+ #if (LUA_VERSION_NUM == 501)
+diff --git a/src/ssl.c b/src/ssl.c
+index 84c609d..d7b7243 100644
+--- a/src/ssl.c
++++ b/src/ssl.c
+@@ -31,6 +31,13 @@
+ #include "context.h"
+ #include "ssl.h"
+
++
++#if defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER<0x10100000L
++#define SSL_is_server(s) (s->server)
++#define X509_up_ref(c) CRYPTO_add(&c->references, 1, CRYPTO_LOCK_X509)
++#endif
++
++
+ /**
+ * Underline socket error.
+ */
+@@ -460,7 +467,7 @@ static int meth_getpeercertificate(lua_State *L)
+ /* In a server-context, the stack doesn't contain the peer cert,
+ * so adjust accordingly.
+ */
+- if (ssl->ssl->server)
++ if (SSL_is_server(ssl->ssl))
+ --n;
+ certs = SSL_get_peer_cert_chain(ssl->ssl);
+ if (n >= sk_X509_num(certs)) {
+@@ -470,7 +477,7 @@ static int meth_getpeercertificate(lua_State *L)
+ cert = sk_X509_value(certs, n);
+ /* Increment the reference counting of the object. */
+ /* See SSL_get_peer_certificate() source code. */
+- CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
++ X509_up_ref(cert);
+ lsec_pushx509(L, cert);
+ return 1;
+ }
+@@ -492,7 +499,7 @@ static int meth_getpeerchain(lua_State *L)
+ return 2;
+ }
+ lua_newtable(L);
+- if (ssl->ssl->server) {
++ if (SSL_is_server(ssl->ssl)) {
+ lsec_pushx509(L, SSL_get_peer_certificate(ssl->ssl));
+ lua_rawseti(L, -2, idx++);
+ }
+@@ -502,7 +509,7 @@ static int meth_getpeerchain(lua_State *L)
+ cert = sk_X509_value(certs, i);
+ /* Increment the reference counting of the object. */
+ /* See SSL_get_peer_certificate() source code. */
+- CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
++ X509_up_ref(cert);
+ lsec_pushx509(L, cert);
+ lua_rawseti(L, -2, idx++);
+ }
+From: Bruno Silvestre <brunoos at inf.ufg.br>
+Date: Tue, 13 Sep 2016 13:30:44 -0300
+Subject: Use EVP_PKEY_base_id() to recover the key's type
+
+---
+ src/x509.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/x509.c b/src/x509.c
+index 207d682..0042fc4 100644
+--- a/src/x509.c
++++ b/src/x509.c
+@@ -415,7 +415,7 @@ static int meth_pubkey(lua_State* L)
+ bytes = BIO_get_mem_data(bio, &data);
+ if (bytes > 0) {
+ lua_pushlstring(L, data, bytes);
+- switch(EVP_PKEY_type(pkey->type)) {
++ switch(EVP_PKEY_base_id(pkey)) {
+ case EVP_PKEY_RSA:
+ lua_pushstring(L, "RSA");
+ break;
+From: Bruno Silvestre <brunoos at inf.ufg.br>
+Date: Tue, 13 Sep 2016 13:22:25 -0300
+Subject: Use X509_EXTENSION_get_object() to get the 'object' field from
+ extension
+
+---
+ src/x509.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/x509.c b/src/x509.c
+index a8cb9fd..207d682 100644
+--- a/src/x509.c
++++ b/src/x509.c
+@@ -304,11 +304,11 @@ int meth_extensions(lua_State* L)
+ break;
+
+ /* Push ret[oid] */
+- push_asn1_objname(L, extension->object, 1);
++ push_asn1_objname(L, X509_EXTENSION_get_object(extension), 1);
+ push_subtable(L, -2);
+
+ /* Set ret[oid].name = name */
+- push_asn1_objname(L, extension->object, 0);
++ push_asn1_objname(L, X509_EXTENSION_get_object(extension), 0);
+ lua_setfield(L, -2, "name");
+
+ n_general_names = sk_GENERAL_NAME_num(values);
+
More information about the arch-commits
mailing list