[arch-commits] Commit in sslsplit/repos/community-x86_64 (3 files)

Levente Polyak anthraxx at archlinux.org
Thu Jan 25 22:26:08 UTC 2018


    Date: Thursday, January 25, 2018 @ 22:26:06
  Author: anthraxx
Revision: 286973

archrelease: copy trunk to community-x86_64

Added:
  sslsplit/repos/community-x86_64/PKGBUILD
    (from rev 286972, sslsplit/trunk/PKGBUILD)
Deleted:
  sslsplit/repos/community-x86_64/0003-Add-fixes-for-OpenSSL-1.1-while-retaining-1.0-compat.patch
  sslsplit/repos/community-x86_64/PKGBUILD

-----------------------------------------------------------------+
 0003-Add-fixes-for-OpenSSL-1.1-while-retaining-1.0-compat.patch |  510 ----------
 PKGBUILD                                                        |   75 -
 2 files changed, 34 insertions(+), 551 deletions(-)

Deleted: 0003-Add-fixes-for-OpenSSL-1.1-while-retaining-1.0-compat.patch
===================================================================
--- 0003-Add-fixes-for-OpenSSL-1.1-while-retaining-1.0-compat.patch	2018-01-25 22:25:53 UTC (rev 286972)
+++ 0003-Add-fixes-for-OpenSSL-1.1-while-retaining-1.0-compat.patch	2018-01-25 22:26:06 UTC (rev 286973)
@@ -1,510 +0,0 @@
-From: Hilko Bengen <bengen at debian.org>
-Date: Tue, 8 Nov 2016 00:30:42 +0100
-Subject: Add fixes for OpenSSL 1.1 while retaining 1.0 compatibility
-
----
- cachedsess.t.c        |   4 ++
- cachefkcrt.t.c        |   4 ++
- cachemgr.h            |  21 ++++++----
- cachessess.t.c        |  24 ++++++++++--
- extra/pki/GNUmakefile |   4 +-
- ssl.c                 | 105 +++++++++++++++++++++++++++++++++++---------------
- ssl.t.c               |  11 ++++--
- 7 files changed, 125 insertions(+), 48 deletions(-)
-
-diff --git a/cachedsess.t.c b/cachedsess.t.c
-index 7daa472..49fb9e0 100644
---- a/cachedsess.t.c
-+++ b/cachedsess.t.c
-@@ -120,6 +120,7 @@ START_TEST(cache_dsess_03)
- }
- END_TEST
- 
-+#if OPENSSL_VERSION_NUMBER < 0x10100000
- START_TEST(cache_dsess_04)
- {
- 	SSL_SESSION *s1, *s2;
-@@ -145,6 +146,7 @@ START_TEST(cache_dsess_04)
- 	SSL_SESSION_free(s2);
- }
- END_TEST
-+#endif
- 
- Suite *
- cachedsess_suite(void)
-@@ -159,7 +161,9 @@ cachedsess_suite(void)
- 	tcase_add_test(tc, cache_dsess_01);
- 	tcase_add_test(tc, cache_dsess_02);
- 	tcase_add_test(tc, cache_dsess_03);
-+#if OPENSSL_VERSION_NUMBER < 0x10100000
- 	tcase_add_test(tc, cache_dsess_04);
-+#endif
- 	suite_add_tcase(s, tc);
- 
- 	return s;
-diff --git a/cachefkcrt.t.c b/cachefkcrt.t.c
-index db5e365..d79fb77 100644
---- a/cachefkcrt.t.c
-+++ b/cachefkcrt.t.c
-@@ -89,6 +89,7 @@ START_TEST(cache_fkcrt_03)
- }
- END_TEST
- 
-+#if OPENSSL_VERSION_NUMBER < 0x10100000
- START_TEST(cache_fkcrt_04)
- {
- 	X509 *c1, *c2;
-@@ -116,6 +117,7 @@ START_TEST(cache_fkcrt_04)
- 	fail_unless(cachemgr_preinit() != -1, "reinit");
- }
- END_TEST
-+#endif
- 
- Suite *
- cachefkcrt_suite(void)
-@@ -130,7 +132,9 @@ cachefkcrt_suite(void)
- 	tcase_add_test(tc, cache_fkcrt_01);
- 	tcase_add_test(tc, cache_fkcrt_02);
- 	tcase_add_test(tc, cache_fkcrt_03);
-+#if OPENSSL_VERSION_NUMBER < 0x10100000
- 	tcase_add_test(tc, cache_fkcrt_04);
-+#endif
- 	suite_add_tcase(s, tc);
- 
- 	return s;
-diff --git a/cachemgr.h b/cachemgr.h
-index 8ec7306..2a0fb0e 100644
---- a/cachemgr.h
-+++ b/cachemgr.h
-@@ -61,15 +61,20 @@ void cachemgr_gc(void);
- #define cachemgr_ssess_get(key, keysz) \
-         cache_get(cachemgr_ssess, cachessess_mkkey((key), (keysz)))
- #define cachemgr_ssess_set(val) \
--        cache_set(cachemgr_ssess, \
--                  cachessess_mkkey((val)->session_id, \
--                                   (val)->session_id_length), \
--                  cachessess_mkval(val))
-+        { \
-+                unsigned int len; \
-+                const unsigned char* id = SSL_SESSION_get_id(val, &len); \
-+                cache_set(cachemgr_ssess, \
-+                          cachessess_mkkey(id, len), \
-+                          cachessess_mkval(val));    \
-+        }
- #define cachemgr_ssess_del(val) \
--        cache_del(cachemgr_ssess, \
--                  cachessess_mkkey((val)->session_id, \
--                                   (val)->session_id_length))
--
-+        { \
-+                unsigned int len; \
-+                const unsigned char* id = SSL_SESSION_get_id(val, &len); \
-+                cache_del(cachemgr_ssess, \
-+                          cachessess_mkkey(id, len)); \
-+        }
- #define cachemgr_dsess_get(addr, addrlen, sni) \
-         cache_get(cachemgr_dsess, cachedsess_mkkey((addr), (addrlen), (sni)))
- #define cachemgr_dsess_set(addr, addrlen, sni, val) \
-diff --git a/cachessess.t.c b/cachessess.t.c
-index 8da5287..b23b661 100644
---- a/cachessess.t.c
-+++ b/cachessess.t.c
-@@ -68,13 +68,16 @@ cachemgr_teardown(void)
- START_TEST(cache_ssess_01)
- {
- 	SSL_SESSION *s1, *s2;
-+	char* session_id;
-+	unsigned int len;
- 
- 	s1 = ssl_session_from_file(TMP_SESS_FILE);
- 	fail_unless(!!s1, "creating session failed");
- 	fail_unless(ssl_session_is_valid(s1), "session invalid");
- 
- 	cachemgr_ssess_set(s1);
--	s2 = cachemgr_ssess_get(s1->session_id, s1->session_id_length);
-+	session_id = SSL_SESSION_get_id(s1, &len);
-+	s2 = cachemgr_ssess_get(session_id, len);
- 	fail_unless(!!s2, "cache returned no session");
- 	fail_unless(s2 != s1, "cache returned same pointer");
- 	SSL_SESSION_free(s1);
-@@ -85,12 +88,15 @@ END_TEST
- START_TEST(cache_ssess_02)
- {
- 	SSL_SESSION *s1, *s2;
-+	char* session_id;
-+	unsigned int len;
- 
- 	s1 = ssl_session_from_file(TMP_SESS_FILE);
- 	fail_unless(!!s1, "creating session failed");
- 	fail_unless(ssl_session_is_valid(s1), "session invalid");
- 
--	s2 = cachemgr_ssess_get(s1->session_id, s1->session_id_length);
-+	session_id = SSL_SESSION_get_id(s1, &len);
-+	s2 = cachemgr_ssess_get(session_id, len);
- 	fail_unless(s2 == NULL, "session was already in empty cache");
- 	SSL_SESSION_free(s1);
- }
-@@ -99,6 +105,8 @@ END_TEST
- START_TEST(cache_ssess_03)
- {
- 	SSL_SESSION *s1, *s2;
-+	char* session_id;
-+	unsigned int len;
- 
- 	s1 = ssl_session_from_file(TMP_SESS_FILE);
- 	fail_unless(!!s1, "creating session failed");
-@@ -106,15 +114,19 @@ START_TEST(cache_ssess_03)
- 
- 	cachemgr_ssess_set(s1);
- 	cachemgr_ssess_del(s1);
--	s2 = cachemgr_ssess_get(s1->session_id, s1->session_id_length);
-+	session_id = SSL_SESSION_get_id(s1, &len);
-+	s2 = cachemgr_ssess_get(session_id, len);
- 	fail_unless(s2 == NULL, "cache returned deleted session");
- 	SSL_SESSION_free(s1);
- }
- END_TEST
- 
-+#if OPENSSL_VERSION_NUMBER < 0x10100000
- START_TEST(cache_ssess_04)
- {
- 	SSL_SESSION *s1, *s2;
-+	char* session_id;
-+	unsigned int len;
- 
- 	s1 = ssl_session_from_file(TMP_SESS_FILE);
- 	fail_unless(!!s1, "creating session failed");
-@@ -123,7 +135,8 @@ START_TEST(cache_ssess_04)
- 	fail_unless(s1->references == 1, "refcount != 1");
- 	cachemgr_ssess_set(s1);
- 	fail_unless(s1->references == 1, "refcount != 1");
--	s2 = cachemgr_ssess_get(s1->session_id, s1->session_id_length);
-+	session_id = SSL_SESSION_get_id(s1, &len);
-+	s2 = cachemgr_ssess_get(session_id, len);
- 	fail_unless(s1->references == 1, "refcount != 1");
- 	fail_unless(!!s2, "cache returned no session");
- 	fail_unless(s2->references == 1, "refcount != 1");
-@@ -137,6 +150,7 @@ START_TEST(cache_ssess_04)
- 	SSL_SESSION_free(s2);
- }
- END_TEST
-+#endif
- 
- Suite *
- cachessess_suite(void)
-@@ -151,7 +165,9 @@ cachessess_suite(void)
- 	tcase_add_test(tc, cache_ssess_01);
- 	tcase_add_test(tc, cache_ssess_02);
- 	tcase_add_test(tc, cache_ssess_03);
-+#if OPENSSL_VERSION_NUMBER < 0x10100000
- 	tcase_add_test(tc, cache_ssess_04);
-+#endif
- 	suite_add_tcase(s, tc);
- 
- 	return s;
-diff --git a/extra/pki/GNUmakefile b/extra/pki/GNUmakefile
-index bd7b8d6..d0300fe 100644
---- a/extra/pki/GNUmakefile
-+++ b/extra/pki/GNUmakefile
-@@ -63,7 +63,7 @@ ec.key:
- 	$(OPENSSL) req -new -nodes -x509 $(DIGEST) -out $@ -key $< \
- 		-config $(CONFIG) -extensions $(CA_EXT) \
- 		-subj $(CA_SUBJECT) \
--		-set_serial 0 -days $(CA_DAYS)
-+		-set_serial 1 -days $(CA_DAYS)
- 
- server.key:
- 	$(OPENSSL) genrsa -out $@ 2048
-@@ -112,7 +112,7 @@ targets/wildcard.roe.ch.pem: rsa.crt
- 
- # localhost network connectivity is required
- session.pem:
--	openssl s_server -accept 46143 -cert server.pem -quiet -no_ssl2 & \
-+	openssl s_server -accept 46143 -cert server.pem -quiet & \
- 		pid=$$! ; \
- 		sleep 1 ; \
- 		echo q | $(OPENSSL) s_client -connect localhost:46143 \
-diff --git a/ssl.c b/ssl.c
-index ca19263..417d57d 100644
---- a/ssl.c
-+++ b/ssl.c
-@@ -88,6 +88,39 @@ ssl_ssl_cert_get(SSL *s)
- }
- #endif /* OpenSSL 0.9.8y, 1.0.0k or 1.0.1e */
- 
-+#if OPENSSL_VERSION_NUMBER < 0x10100000
-+#define SSL_is_server(ssl) (ssl->type != SSL_ST_CONNECT)
-+#define X509_get_signature_nid(x509) (OBJ_obj2nid(x509->sig_alg->algorithm))
-+static int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
-+{
-+    /* If the fields p and g in d are NULL, the corresponding input
-+     * parameters MUST be non-NULL.  q may remain NULL.
-+     */
-+    if ((dh->p == NULL && p == NULL)
-+        || (dh->g == NULL && g == NULL))
-+        return 0;
-+
-+    if (p != NULL) {
-+        BN_free(dh->p);
-+        dh->p = p;
-+    }
-+    if (q != NULL) {
-+        BN_free(dh->q);
-+        dh->q = q;
-+    }
-+    if (g != NULL) {
-+        BN_free(dh->g);
-+        dh->g = g;
-+    }
-+
-+    if (q != NULL) {
-+        dh->length = BN_num_bits(q);
-+    }
-+
-+    return 1;
-+}
-+#endif
-+
- 
- /*
-  * Print OpenSSL version and build-time configuration to standard error and
-@@ -226,7 +259,7 @@ ssl_openssl_version(void)
-  */
- static int ssl_initialized = 0;
- 
--#ifdef OPENSSL_THREADS
-+#if defined(OPENSSL_THREADS) && OPENSSL_VERSION_NUMBER < 0x10100000L
- struct CRYPTO_dynlock_value {
- 	pthread_mutex_t mutex;
- };
-@@ -331,7 +364,7 @@ ssl_init(void)
- 	OpenSSL_add_all_algorithms();
- 
- 	/* thread-safety */
--#ifdef OPENSSL_THREADS
-+#if defined(OPENSSL_THREADS) && OPENSSL_VERSION_NUMBER < 0x10100000L
- 	ssl_mutex_num = CRYPTO_num_locks();
- 	ssl_mutex = malloc(ssl_mutex_num * sizeof(*ssl_mutex));
- 	for (int i = 0; i < ssl_mutex_num; i++) {
-@@ -397,7 +430,7 @@ ssl_reinit(void)
- 	if (!ssl_initialized)
- 		return;
- 
--#ifdef OPENSSL_THREADS
-+#if defined(OPENSSL_THREADS) && OPENSSL_VERSION_NUMBER < 0x10100000L
- 	for (int i = 0; i < ssl_mutex_num; i++) {
- 		pthread_mutex_init(&ssl_mutex[i], NULL);
- 	}
-@@ -416,7 +449,7 @@ ssl_fini(void)
- 
- 	ERR_remove_state(0); /* current thread */
- 
--#ifdef OPENSSL_THREADS
-+#if defined(OPENSSL_THREADS) && OPENSSL_VERSION_NUMBER < 0x10100000L
- 	CRYPTO_set_locking_callback(NULL);
- 	CRYPTO_set_dynlock_create_callback(NULL);
- 	CRYPTO_set_dynlock_lock_callback(NULL);
-@@ -476,16 +509,14 @@ ssl_ssl_state_to_str(SSL *ssl)
- 	char *str = NULL;
- 	int rv;
- 
--	rv = asprintf(&str, "%08x = %s%s%s%04x = %s (%s) [%s]",
--	              ssl->state,
--	              (ssl->state & SSL_ST_CONNECT) ? "SSL_ST_CONNECT|" : "",
--	              (ssl->state & SSL_ST_ACCEPT) ? "SSL_ST_ACCEPT|" : "",
--	              (ssl->state & SSL_ST_BEFORE) ? "SSL_ST_BEFORE|" : "",
--	              ssl->state & SSL_ST_MASK,
-+	rv = asprintf(&str, "%08x = %s%s%04x = %s (%s) [%s]",
-+	              SSL_get_state(ssl),
-+	              (SSL_get_state(ssl) & SSL_ST_CONNECT) ? "SSL_ST_CONNECT|" : "",
-+	              (SSL_get_state(ssl) & SSL_ST_ACCEPT) ? "SSL_ST_ACCEPT|" : "",
-+	              SSL_get_state(ssl) & SSL_ST_MASK,
- 	              SSL_state_string(ssl),
- 	              SSL_state_string_long(ssl),
--	              (ssl->type == SSL_ST_CONNECT) ? "connect socket"
--	                                            : "accept socket");
-+	              SSL_is_server(ssl) ? "accept socket" : "connect socket");
- 
- 	return (rv < 0) ? NULL : str;
- }
-@@ -587,6 +618,7 @@ DH *
- ssl_tmp_dh_callback(UNUSED SSL *s, int is_export, int keylength)
- {
- 	DH *dh;
-+	int success = 0;
- 
- 	if (!(dh = DH_new())) {
- 		log_err_printf("DH_new() failed\n");
-@@ -594,16 +626,20 @@ ssl_tmp_dh_callback(UNUSED SSL *s, int is_export, int keylength)
- 	}
- 	switch (keylength) {
- 		case 512:
--			dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
-+			success = DH_set0_pqg(dh, BN_bin2bn(dh512_p, sizeof(dh512_p), NULL), NULL,
-+				    BN_bin2bn(dh_g, sizeof(dh_g), NULL));
- 			break;
- 		case 1024:
--			dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
-+			success = DH_set0_pqg(dh, BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL), NULL,
-+				    BN_bin2bn(dh_g, sizeof(dh_g), NULL));
- 			break;
- 		case 2048:
--			dh->p = BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL);
-+			success = DH_set0_pqg(dh, BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL), NULL,
-+				    BN_bin2bn(dh_g, sizeof(dh_g), NULL));
- 			break;
- 		case 4096:
--			dh->p = BN_bin2bn(dh4096_p, sizeof(dh4096_p), NULL);
-+			success = DH_set0_pqg(dh, BN_bin2bn(dh4096_p, sizeof(dh4096_p), NULL), NULL,
-+				    BN_bin2bn(dh_g, sizeof(dh_g), NULL));
- 			break;
- 		default:
- 			log_err_printf("Unhandled DH keylength %i%s\n",
-@@ -612,8 +648,7 @@ ssl_tmp_dh_callback(UNUSED SSL *s, int is_export, int keylength)
- 			DH_free(dh);
- 			return NULL;
- 	}
--	dh->g = BN_bin2bn(dh_g, sizeof(dh_g), NULL);
--	if (!dh->p || !dh->g) {
-+	if (!success) {
- 		log_err_printf("Failed to load DH p and g from memory\n");
- 		DH_free(dh);
- 		return NULL;
-@@ -841,7 +876,7 @@ ssl_x509_forge(X509 *cacrt, EVP_PKEY *cakey, X509 *origcrt,
- 			if (!gn)
- 				goto errout2;
- 			gn->type = GEN_DNS;
--			gn->d.dNSName = M_ASN1_IA5STRING_new();
-+			gn->d.dNSName = ASN1_IA5STRING_new();
- 			if (!gn->d.dNSName)
- 				goto errout3;
- 			ASN1_STRING_set(gn->d.dNSName,
-@@ -865,10 +900,10 @@ ssl_x509_forge(X509 *cacrt, EVP_PKEY *cakey, X509 *origcrt,
- #endif /* DEBUG_CERTIFICATE */
- 
- 	const EVP_MD *md;
--	switch (EVP_PKEY_type(cakey->type)) {
-+	switch (EVP_PKEY_type(EVP_PKEY_base_id(cakey))) {
- #ifndef OPENSSL_NO_RSA
- 	case EVP_PKEY_RSA:
--		switch (OBJ_obj2nid(origcrt->sig_alg->algorithm)) {
-+		switch (X509_get_signature_nid(origcrt)) {
- 		case NID_md5WithRSAEncryption:
- 			md = EVP_md5();
- 			break;
-@@ -897,12 +932,20 @@ ssl_x509_forge(X509 *cacrt, EVP_PKEY *cakey, X509 *origcrt,
- #endif /* !OPENSSL_NO_RSA */
- #ifndef OPENSSL_NO_DSA
- 	case EVP_PKEY_DSA:
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- 		md = EVP_dss1();
-+#else
-+		md = EVP_sha1();
-+#endif
- 		break;
- #endif /* !OPENSSL_NO_DSA */
- #ifndef OPENSSL_NO_ECDSA
- 	case EVP_PKEY_EC:
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- 		md = EVP_ecdsa();
-+#else
-+		md = EVP_sha1();
-+#endif
- 		break;
- #endif /* !OPENSSL_NO_ECDSA */
- 	default:
-@@ -1015,7 +1058,6 @@ ssl_x509chain_use(SSL_CTX *sslctx, X509 *crt, STACK_OF(X509) *chain)
- 
- 		tmpcrt = sk_X509_value(chain, i);
- 		ssl_x509_refcount_inc(tmpcrt);
--		sk_X509_push(sslctx->extra_certs, tmpcrt);
- 		SSL_CTX_add_extra_chain_cert(sslctx, tmpcrt);
- 	}
- }
-@@ -1117,14 +1159,15 @@ int
- ssl_key_identifier_sha1(EVP_PKEY *key, unsigned char *keyid)
- {
- 	X509_PUBKEY *pubkey = NULL;
--	ASN1_BIT_STRING *pk;
-+	const unsigned char *pk;
-+	int length;
- 
- 	/* X509_PUBKEY_set() will attempt to free pubkey if != NULL */
- 	if (X509_PUBKEY_set(&pubkey, key) != 1 || !pubkey)
- 		return -1;
--	if (!(pk = pubkey->public_key))
-+	if (!X509_PUBKEY_get0_param(NULL, &pk, &length, NULL, pubkey))
- 		goto errout;
--	if (!EVP_Digest(pk->data, pk->length, keyid, NULL, EVP_sha1(), NULL))
-+	if (!EVP_Digest(pk, length, keyid, NULL, EVP_sha1(), NULL))
- 		goto errout;
- 	X509_PUBKEY_free(pubkey);
- 	return 0;
-@@ -1221,10 +1264,10 @@ ssl_x509_fingerprint(X509 *crt, int colons)
- void
- ssl_dh_refcount_inc(DH *dh)
- {
--#ifdef OPENSSL_THREADS
-+#if defined(OPENSSL_THREADS) && OPENSSL_VERSION_NUMBER < 0x10100000L
- 	CRYPTO_add(&dh->references, 1, CRYPTO_LOCK_DH);
- #else /* !OPENSSL_THREADS */
--	dh->references++;
-+	DH_up_ref(dh);
- #endif /* !OPENSSL_THREADS */
- }
- #endif /* !OPENSSL_NO_DH */
-@@ -1236,10 +1279,10 @@ ssl_dh_refcount_inc(DH *dh)
- void
- ssl_key_refcount_inc(EVP_PKEY *key)
- {
--#ifdef OPENSSL_THREADS
-+#if defined(OPENSSL_THREADS) && OPENSSL_VERSION_NUMBER < 0x10100000L
- 	CRYPTO_add(&key->references, 1, CRYPTO_LOCK_EVP_PKEY);
- #else /* !OPENSSL_THREADS */
--	key->references++;
-+	EVP_PKEY_up_ref(key);
- #endif /* !OPENSSL_THREADS */
- }
- 
-@@ -1251,10 +1294,10 @@ ssl_key_refcount_inc(EVP_PKEY *key)
- void
- ssl_x509_refcount_inc(X509 *crt)
- {
--#ifdef OPENSSL_THREADS
-+#if defined(OPENSSL_THREADS) && OPENSSL_VERSION_NUMBER < 0x10100000L
- 	CRYPTO_add(&crt->references, 1, CRYPTO_LOCK_X509);
- #else /* !OPENSSL_THREADS */
--	crt->references++;
-+	X509_up_ref(crt);
- #endif /* !OPENSSL_THREADS */
- }
- 
-diff --git a/ssl.t.c b/ssl.t.c
-index 997794f..9705976 100644
---- a/ssl.t.c
-+++ b/ssl.t.c
-@@ -498,6 +498,10 @@ START_TEST(ssl_tls_clienthello_parse_10)
- }
- END_TEST
- 
-+#if OPENSSL_VERSION_NUMBER < 0x10100000
-+#define ASN1_STRING_get0_data(value) ASN1_STRING_data(value)
-+#endif
-+
- START_TEST(ssl_key_identifier_sha1_01)
- {
- 	X509 *c;
-@@ -515,9 +519,10 @@ START_TEST(ssl_key_identifier_sha1_01)
- 	int loc = X509_get_ext_by_NID(c, NID_subject_key_identifier, -1);
- 	X509_EXTENSION *ext = X509_get_ext(c, loc);
- 	fail_unless(!!ext, "loading ext failed");
--	fail_unless(ext->value->length - 2 == SSL_KEY_IDSZ,
--	            "extension length mismatch");
--	fail_unless(!memcmp(ext->value->data + 2, keyid, SSL_KEY_IDSZ),
-+	ASN1_STRING *value = X509_EXTENSION_get_data(ext);
-+	fail_unless(ASN1_STRING_length(value) - 2 == SSL_KEY_IDSZ,
-+	             "extension length mismatch");
-+	fail_unless(!memcmp(ASN1_STRING_get0_data(value) + 2, keyid, SSL_KEY_IDSZ),
- 	            "key id mismatch");
- }
- END_TEST

Deleted: PKGBUILD
===================================================================
--- PKGBUILD	2018-01-25 22:25:53 UTC (rev 286972)
+++ PKGBUILD	2018-01-25 22:26:06 UTC (rev 286973)
@@ -1,41 +0,0 @@
-# Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org>
-
-pkgname=sslsplit
-pkgver=0.5.0
-pkgrel=3
-pkgdesc="Tool for man-in-the-middle attacks against SSL/TLS encrypted network connections"
-url="https://www.roe.ch/SSLsplit"
-arch=('i686' 'x86_64')
-license=('BSD')
-depends=('libevent' 'openssl')
-checkdepends=('check')
-source=(https://mirror.roe.ch/rel/${pkgname}/${pkgname}-${pkgver}.tar.bz2{,.asc}
-        0003-Add-fixes-for-OpenSSL-1.1-while-retaining-1.0-compat.patch)
-sha512sums=('d8d4f294018a7a28b6e5cdec4690c5078118e1fc9c8b78d626290cdb5f2c8d2ecdbbee776a50666a99c522e9e22a15e85b5a602c412e242ec4cce64327555862'
-            'SKIP'
-            'b3fbde26b992c40adb15d218ce067ecc53707ed9746b3a7e166d0333543283368a0c439903d36dedfb6fd9d33599abbf0554b731a68bd2524824319e1970de56')
-validpgpkeys=('BFF9C7D7EA0EAC7F1AA55B3EFABE3324B5D3397E') # Daniel Roethlisberger <daniel at roe.ch>
-
-prepare() {
-  cd ${pkgname}-${pkgver}
-  patch -p1 < "${srcdir}/0003-Add-fixes-for-OpenSSL-1.1-while-retaining-1.0-compat.patch"
-}
-
-build() {
-  cd ${pkgname}-${pkgver}
-  make
-}
-
-check() {
-  cd ${pkgname}-${pkgver}
-  make -j1 test
-}
-
-package() {
-  cd ${pkgname}-${pkgver}
-  make PREFIX="${pkgdir}/usr" install
-  install -Dm 644 LICENSE.md "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
-  install -Dm 644 README.md NEWS.md -t "${pkgdir}/usr/share/doc/${pkgname}"
-}
-
-# vim: ts=2 sw=2 et:

Copied: sslsplit/repos/community-x86_64/PKGBUILD (from rev 286972, sslsplit/trunk/PKGBUILD)
===================================================================
--- PKGBUILD	                        (rev 0)
+++ PKGBUILD	2018-01-25 22:26:06 UTC (rev 286973)
@@ -0,0 +1,34 @@
+# Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org>
+
+pkgname=sslsplit
+pkgver=0.5.1
+pkgrel=1
+pkgdesc='Tool for man-in-the-middle attacks against SSL/TLS encrypted network connections'
+url='https://www.roe.ch/SSLsplit'
+arch=('x86_64')
+license=('BSD')
+depends=('libevent' 'openssl')
+checkdepends=('check')
+source=(https://mirror.roe.ch/rel/${pkgname}/${pkgname}-${pkgver}.tar.bz2{,.asc})
+sha512sums=('89f399e9efa86610ede5d4f1ebaedfe90c2da36fa7d613c92f5b1a83bc385a83fd2775f350e6f320cd637c4546a7cbb97b7a554214ccb639df047370227d8d92'
+            'SKIP')
+validpgpkeys=('BFF9C7D7EA0EAC7F1AA55B3EFABE3324B5D3397E') # Daniel Roethlisberger <daniel at roe.ch>
+
+build() {
+  cd ${pkgname}-${pkgver}
+  make
+}
+
+check() {
+  cd ${pkgname}-${pkgver}
+  make -j1 test
+}
+
+package() {
+  cd ${pkgname}-${pkgver}
+  make PREFIX="${pkgdir}/usr" install
+  install -Dm 644 LICENSE.md -t "${pkgdir}/usr/share/licenses/${pkgname}"
+  install -Dm 644 README.md NEWS.md -t "${pkgdir}/usr/share/doc/${pkgname}"
+}
+
+# vim: ts=2 sw=2 et:



More information about the arch-commits mailing list