Date: Tuesday, March 7, 2017 @ 22:00:51 Author: arojas Revision: 215270
openssl 1.1 rebuild Added: luasec/trunk/luasec-openssl-1.1.patch Modified: luasec/trunk/PKGBUILD --------------------------+ PKGBUILD | 13 +++- luasec-openssl-1.1.patch | 129 +++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 139 insertions(+), 3 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2017-03-07 21:52:12 UTC (rev 215269) +++ PKGBUILD 2017-03-07 22:00:51 UTC (rev 215270) @@ -7,7 +7,7 @@ pkgname=(lua-sec lua51-sec lua52-sec) epoch=2 pkgver=0.6 -pkgrel=1 +pkgrel=2 pkgdesc='Lua bindings for OpenSSL library to provide TLS/SSL communication.' arch=('i686' 'x86_64') url='https://github.com/brunoos/luasec/wiki' @@ -14,10 +14,17 @@ license=('MIT') makedepends=('openssl' 'lua' 'lua-socket' 'lua51' 'lua51-socket' 'lua52' 'lua52-socket') options=('!buildflags') -source=("https://github.com/brunoos/luasec/archive/luasec-$pkgver.tar.gz") -md5sums=('14e1aef6d2aae96bbf98afc6b6634af2') +source=("https://github.com/brunoos/luasec/archive/luasec-$pkgver.tar.gz" + luasec-openssl-1.1.patch) +md5sums=('14e1aef6d2aae96bbf98afc6b6634af2' + '729e64adcab9b4bd9f3d68521706ef0f') prepare() { + # openssl 1.1 compatibility + cd luasec-luasec-$pkgver + patch -p1 -i ../luasec-openssl-1.1.patch + cd .. + cp -a luasec-luasec-$pkgver luasec-luasec-$pkgver-51 cp -a luasec-luasec-$pkgver luasec-luasec-$pkgver-52 } Added: luasec-openssl-1.1.patch =================================================================== --- luasec-openssl-1.1.patch (rev 0) +++ luasec-openssl-1.1.patch 2017-03-07 22:00:51 UTC (rev 215270) @@ -0,0 +1,129 @@ +From: Bruno Silvestre <brun...@inf.ufg.br> +Date: Wed, 14 Sep 2016 17:47:09 -0300 +Subject: Compatibility with OpenSSL 1.1.0 + +Defining macros X509_up_ref() and SSL_is_server to use the same +API of OpenSSL 1.1.0. +--- + src/context.c | 4 ---- + src/ssl.c | 15 +++++++++++---- + 2 files changed, 11 insertions(+), 8 deletions(-) + +diff --git a/src/context.c b/src/context.c +index 22f43b7..4187314 100644 +--- a/src/context.c ++++ b/src/context.c +@@ -35,10 +35,6 @@ typedef const SSL_METHOD LSEC_SSL_METHOD; + typedef SSL_METHOD LSEC_SSL_METHOD; + #endif + +-#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) +-#define SSLv23_method() TLS_method() +-#endif +- + /*-- Compat - Lua 5.1 --------------------------------------------------------*/ + + #if (LUA_VERSION_NUM == 501) +diff --git a/src/ssl.c b/src/ssl.c +index 84c609d..d7b7243 100644 +--- a/src/ssl.c ++++ b/src/ssl.c +@@ -31,6 +31,13 @@ + #include "context.h" + #include "ssl.h" + ++ ++#if defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER<0x10100000L ++#define SSL_is_server(s) (s->server) ++#define X509_up_ref(c) CRYPTO_add(&c->references, 1, CRYPTO_LOCK_X509) ++#endif ++ ++ + /** + * Underline socket error. + */ +@@ -460,7 +467,7 @@ static int meth_getpeercertificate(lua_State *L) + /* In a server-context, the stack doesn't contain the peer cert, + * so adjust accordingly. + */ +- if (ssl->ssl->server) ++ if (SSL_is_server(ssl->ssl)) + --n; + certs = SSL_get_peer_cert_chain(ssl->ssl); + if (n >= sk_X509_num(certs)) { +@@ -470,7 +477,7 @@ static int meth_getpeercertificate(lua_State *L) + cert = sk_X509_value(certs, n); + /* Increment the reference counting of the object. */ + /* See SSL_get_peer_certificate() source code. */ +- CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509); ++ X509_up_ref(cert); + lsec_pushx509(L, cert); + return 1; + } +@@ -492,7 +499,7 @@ static int meth_getpeerchain(lua_State *L) + return 2; + } + lua_newtable(L); +- if (ssl->ssl->server) { ++ if (SSL_is_server(ssl->ssl)) { + lsec_pushx509(L, SSL_get_peer_certificate(ssl->ssl)); + lua_rawseti(L, -2, idx++); + } +@@ -502,7 +509,7 @@ static int meth_getpeerchain(lua_State *L) + cert = sk_X509_value(certs, i); + /* Increment the reference counting of the object. */ + /* See SSL_get_peer_certificate() source code. */ +- CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509); ++ X509_up_ref(cert); + lsec_pushx509(L, cert); + lua_rawseti(L, -2, idx++); + } +From: Bruno Silvestre <brun...@inf.ufg.br> +Date: Tue, 13 Sep 2016 13:30:44 -0300 +Subject: Use EVP_PKEY_base_id() to recover the key's type + +--- + src/x509.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/x509.c b/src/x509.c +index 207d682..0042fc4 100644 +--- a/src/x509.c ++++ b/src/x509.c +@@ -415,7 +415,7 @@ static int meth_pubkey(lua_State* L) + bytes = BIO_get_mem_data(bio, &data); + if (bytes > 0) { + lua_pushlstring(L, data, bytes); +- switch(EVP_PKEY_type(pkey->type)) { ++ switch(EVP_PKEY_base_id(pkey)) { + case EVP_PKEY_RSA: + lua_pushstring(L, "RSA"); + break; +From: Bruno Silvestre <brun...@inf.ufg.br> +Date: Tue, 13 Sep 2016 13:22:25 -0300 +Subject: Use X509_EXTENSION_get_object() to get the 'object' field from + extension + +--- + src/x509.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/x509.c b/src/x509.c +index a8cb9fd..207d682 100644 +--- a/src/x509.c ++++ b/src/x509.c +@@ -304,11 +304,11 @@ int meth_extensions(lua_State* L) + break; + + /* Push ret[oid] */ +- push_asn1_objname(L, extension->object, 1); ++ push_asn1_objname(L, X509_EXTENSION_get_object(extension), 1); + push_subtable(L, -2); + + /* Set ret[oid].name = name */ +- push_asn1_objname(L, extension->object, 0); ++ push_asn1_objname(L, X509_EXTENSION_get_object(extension), 0); + lua_setfield(L, -2, "name"); + + n_general_names = sk_GENERAL_NAME_num(values); +