[arch-commits] Commit in luasec/trunk (PKGBUILD luasec-openssl-1.1.patch)

Antonio Rojas arojas at archlinux.org
Tue Mar 7 22:00:52 UTC 2017


    Date: Tuesday, March 7, 2017 @ 22:00:51
  Author: arojas
Revision: 215270

openssl 1.1 rebuild

Added:
  luasec/trunk/luasec-openssl-1.1.patch
Modified:
  luasec/trunk/PKGBUILD

--------------------------+
 PKGBUILD                 |   13 +++-
 luasec-openssl-1.1.patch |  129 +++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 139 insertions(+), 3 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2017-03-07 21:52:12 UTC (rev 215269)
+++ PKGBUILD	2017-03-07 22:00:51 UTC (rev 215270)
@@ -7,7 +7,7 @@
 pkgname=(lua-sec lua51-sec lua52-sec)
 epoch=2
 pkgver=0.6
-pkgrel=1
+pkgrel=2
 pkgdesc='Lua bindings for OpenSSL library to provide TLS/SSL communication.'
 arch=('i686' 'x86_64')
 url='https://github.com/brunoos/luasec/wiki'
@@ -14,10 +14,17 @@
 license=('MIT')
 makedepends=('openssl' 'lua' 'lua-socket' 'lua51' 'lua51-socket' 'lua52' 'lua52-socket')
 options=('!buildflags')
-source=("https://github.com/brunoos/luasec/archive/luasec-$pkgver.tar.gz")
-md5sums=('14e1aef6d2aae96bbf98afc6b6634af2')
+source=("https://github.com/brunoos/luasec/archive/luasec-$pkgver.tar.gz"
+        luasec-openssl-1.1.patch)
+md5sums=('14e1aef6d2aae96bbf98afc6b6634af2'
+         '729e64adcab9b4bd9f3d68521706ef0f')
 
 prepare() {
+  # openssl 1.1 compatibility
+  cd luasec-luasec-$pkgver
+  patch -p1 -i ../luasec-openssl-1.1.patch
+  cd ..
+
   cp -a luasec-luasec-$pkgver luasec-luasec-$pkgver-51
   cp -a luasec-luasec-$pkgver luasec-luasec-$pkgver-52
 }

Added: luasec-openssl-1.1.patch
===================================================================
--- luasec-openssl-1.1.patch	                        (rev 0)
+++ luasec-openssl-1.1.patch	2017-03-07 22:00:51 UTC (rev 215270)
@@ -0,0 +1,129 @@
+From: Bruno Silvestre <brunoos at inf.ufg.br>
+Date: Wed, 14 Sep 2016 17:47:09 -0300
+Subject: Compatibility with OpenSSL 1.1.0
+
+Defining macros X509_up_ref() and SSL_is_server to use the same
+API of OpenSSL 1.1.0.
+---
+ src/context.c |  4 ----
+ src/ssl.c     | 15 +++++++++++----
+ 2 files changed, 11 insertions(+), 8 deletions(-)
+
+diff --git a/src/context.c b/src/context.c
+index 22f43b7..4187314 100644
+--- a/src/context.c
++++ b/src/context.c
+@@ -35,10 +35,6 @@ typedef const SSL_METHOD LSEC_SSL_METHOD;
+ typedef       SSL_METHOD LSEC_SSL_METHOD;
+ #endif
+ 
+-#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+-#define SSLv23_method() TLS_method()
+-#endif
+-
+ /*-- Compat - Lua 5.1 --------------------------------------------------------*/
+ 
+ #if (LUA_VERSION_NUM == 501)
+diff --git a/src/ssl.c b/src/ssl.c
+index 84c609d..d7b7243 100644
+--- a/src/ssl.c
++++ b/src/ssl.c
+@@ -31,6 +31,13 @@
+ #include "context.h"
+ #include "ssl.h"
+ 
++
++#if defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER<0x10100000L
++#define SSL_is_server(s) (s->server)
++#define X509_up_ref(c)   CRYPTO_add(&c->references, 1, CRYPTO_LOCK_X509)
++#endif
++
++
+ /**
+  * Underline socket error.
+  */
+@@ -460,7 +467,7 @@ static int meth_getpeercertificate(lua_State *L)
+   /* In a server-context, the stack doesn't contain the peer cert,
+    * so adjust accordingly.
+    */
+-  if (ssl->ssl->server)
++  if (SSL_is_server(ssl->ssl))
+     --n;
+   certs = SSL_get_peer_cert_chain(ssl->ssl);
+   if (n >= sk_X509_num(certs)) {
+@@ -470,7 +477,7 @@ static int meth_getpeercertificate(lua_State *L)
+   cert = sk_X509_value(certs, n);
+   /* Increment the reference counting of the object. */
+   /* See SSL_get_peer_certificate() source code.     */
+-  CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
++  X509_up_ref(cert);
+   lsec_pushx509(L, cert);
+   return 1;
+ }
+@@ -492,7 +499,7 @@ static int meth_getpeerchain(lua_State *L)
+     return 2;
+   }
+   lua_newtable(L);
+-  if (ssl->ssl->server) {
++  if (SSL_is_server(ssl->ssl)) {
+     lsec_pushx509(L, SSL_get_peer_certificate(ssl->ssl));
+     lua_rawseti(L, -2, idx++);
+   }
+@@ -502,7 +509,7 @@ static int meth_getpeerchain(lua_State *L)
+     cert = sk_X509_value(certs, i);
+     /* Increment the reference counting of the object. */
+     /* See SSL_get_peer_certificate() source code.     */
+-    CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
++    X509_up_ref(cert);
+     lsec_pushx509(L, cert);
+     lua_rawseti(L, -2, idx++);
+   }
+From: Bruno Silvestre <brunoos at inf.ufg.br>
+Date: Tue, 13 Sep 2016 13:30:44 -0300
+Subject: Use EVP_PKEY_base_id() to recover the key's type
+
+---
+ src/x509.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/x509.c b/src/x509.c
+index 207d682..0042fc4 100644
+--- a/src/x509.c
++++ b/src/x509.c
+@@ -415,7 +415,7 @@ static int meth_pubkey(lua_State* L)
+     bytes = BIO_get_mem_data(bio, &data);
+     if (bytes > 0) {
+       lua_pushlstring(L, data, bytes);
+-      switch(EVP_PKEY_type(pkey->type)) {
++      switch(EVP_PKEY_base_id(pkey)) {
+         case EVP_PKEY_RSA:
+           lua_pushstring(L, "RSA");
+           break;
+From: Bruno Silvestre <brunoos at inf.ufg.br>
+Date: Tue, 13 Sep 2016 13:22:25 -0300
+Subject: Use X509_EXTENSION_get_object() to get the 'object' field from
+ extension
+
+---
+ src/x509.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/x509.c b/src/x509.c
+index a8cb9fd..207d682 100644
+--- a/src/x509.c
++++ b/src/x509.c
+@@ -304,11 +304,11 @@ int meth_extensions(lua_State* L)
+       break;
+ 
+     /* Push ret[oid] */
+-    push_asn1_objname(L, extension->object, 1);
++    push_asn1_objname(L, X509_EXTENSION_get_object(extension), 1);
+     push_subtable(L, -2);
+ 
+     /* Set ret[oid].name = name */
+-    push_asn1_objname(L, extension->object, 0);
++    push_asn1_objname(L, X509_EXTENSION_get_object(extension), 0);
+     lua_setfield(L, -2, "name");
+ 
+     n_general_names = sk_GENERAL_NAME_num(values);
+


More information about the arch-commits mailing list