commit:     b46ade639dea1b83feb4ed821fa12f58ec0780a1
Author:     Patrick McLean <chutzpah <AT> gentoo <DOT> org>
AuthorDate: Wed Sep 21 18:31:05 2016 +0000
Commit:     Patrick McLean <chutzpah <AT> gentoo <DOT> org>
CommitDate: Wed Sep 21 18:36:25 2016 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b46ade63

net-misc/socat: Revision bump, add libressl support and license warning

Port to EAPI=6

Add libressl support (bug #565244), thanks to Marek Behun for the patch

Add license warning and RESTRICT (bug #587740)

Package-Manager: portage-2.3.1

 net-misc/socat/files/socat-1.7.3.1-libressl.patch | 277 ++++++++++++++++++++++
 net-misc/socat/socat-1.7.3.1-r1.ebuild            |  73 ++++++
 2 files changed, 350 insertions(+)

diff --git a/net-misc/socat/files/socat-1.7.3.1-libressl.patch 
b/net-misc/socat/files/socat-1.7.3.1-libressl.patch
new file mode 100644
index 00000000..fe9a1b1
--- /dev/null
+++ b/net-misc/socat/files/socat-1.7.3.1-libressl.patch
@@ -0,0 +1,277 @@
+From 1106527e9ca2be33af03d99393aa43069918df1a Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Marek=20Beh=C3=BAn?= <ka...@blackhole.sk>
+Date: Mon, 6 Jun 2016 18:43:56 +0200
+Subject: [PATCH] Support compiling with LibreSSL 2.4.0
+
+This patch checks for macros OPENSSL_NO_COMP, OPENSSL_NO_EGD, and
+if disables those features if they are.
+
+Also add ifdef for HAVE_SSLv3_{client/server}_method in sslcls.c,
+since these were removed from LibreSSL 2.4.0.
+---
+ sslcls.c      |  8 +++++++-
+ sslcls.h      |  6 +++++-
+ xio-openssl.c | 24 ++++++++++++++++++------
+ xio-openssl.h |  4 +++-
+ xioopts.c     |  8 ++++++--
+ xioopts.h     |  4 +++-
+ 6 files changed, 42 insertions(+), 12 deletions(-)
+
+diff --git a/sslcls.c b/sslcls.c
+index 6ddc077..a4de26b 100644
+--- a/sslcls.c
++++ b/sslcls.c
+@@ -55,6 +55,7 @@ const SSL_METHOD *sycSSLv2_server_method(void) {
+ }
+ #endif
+ 
++#if HAVE_SSLv3_client_method
+ const SSL_METHOD *sycSSLv3_client_method(void) {
+    const SSL_METHOD *result;
+    Debug("SSLv3_client_method()");
+@@ -62,7 +63,9 @@ const SSL_METHOD *sycSSLv3_client_method(void) {
+    Debug1("SSLv3_client_method() -> %p", result);
+    return result;
+ }
++#endif
+ 
++#if HAVE_SSLv3_server_method
+ const SSL_METHOD *sycSSLv3_server_method(void) {
+    const SSL_METHOD *result;
+    Debug("SSLv3_server_method()");
+@@ -70,6 +73,7 @@ const SSL_METHOD *sycSSLv3_server_method(void) {
+    Debug1("SSLv3_server_method() -> %p", result);
+    return result;
+ }
++#endif
+ 
+ const SSL_METHOD *sycSSLv23_client_method(void) {
+    const SSL_METHOD *result;
+@@ -331,6 +335,7 @@ void sycSSL_free(SSL *ssl) {
+    return;
+ }
+ 
++#ifndef OPENSSL_NO_EGD
+ int sycRAND_egd(const char *path) {
+    int result;
+    Debug1("RAND_egd(\"%s\")", path);
+@@ -338,6 +343,7 @@ int sycRAND_egd(const char *path) {
+    Debug1("RAND_egd() -> %d", result);
+    return result;
+ }
++#endif
+ 
+ DH *sycPEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u) {
+    DH *result;
+@@ -375,7 +381,7 @@ int sycFIPS_mode_set(int onoff) {
+ }
+ #endif /* WITH_FIPS */
+ 
+-#if OPENSSL_VERSION_NUMBER >= 0x00908000L
++#if OPENSSL_VERSION_NUMBER >= 0x00908000L && !defined(OPENSSL_NO_COMP)
+ const COMP_METHOD *sycSSL_get_current_compression(SSL *ssl) {
+    const COMP_METHOD *result;
+    Debug1("SSL_get_current_compression(%p)", ssl);
+diff --git a/sslcls.h b/sslcls.h
+index aece28a..5a4f8b1 100644
+--- a/sslcls.h
++++ b/sslcls.h
+@@ -47,7 +47,9 @@ X509 *sycSSL_get_peer_certificate(SSL *ssl);
+ int sycSSL_shutdown(SSL *ssl);
+ void sycSSL_CTX_free(SSL_CTX *ctx);
+ void sycSSL_free(SSL *ssl);
++#ifndef OPENSSL_NO_EGD
+ int sycRAND_egd(const char *path);
++#endif
+ 
+ DH *sycPEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+ 
+@@ -55,7 +57,7 @@ BIO *sycBIO_new_file(const char *filename, const char *mode);
+ 
+ int sycFIPS_mode_set(int onoff);
+ 
+-#if OPENSSL_VERSION_NUMBER >= 0x00908000L
++#if OPENSSL_VERSION_NUMBER >= 0x00908000L && !defined(OPENSSL_NO_COMP)
+ const COMP_METHOD *sycSSL_get_current_compression(SSL *ssl);
+ const COMP_METHOD *sycSSL_get_current_expansion(SSL *ssl);
+ const char *sycSSL_COMP_get_name(const COMP_METHOD *comp);
+@@ -98,7 +100,9 @@ const char *sycSSL_COMP_get_name(const COMP_METHOD *comp);
+ #define sycSSL_shutdown(s) SSL_shutdown(s)
+ #define sycSSL_CTX_free(c) SSL_CTX_free(c)
+ #define sycSSL_free(s) SSL_free(s)
++#ifndef OPENSSL_NO_EGD
+ #define sycRAND_egd(p) RAND_egd(p)
++#endif
+ 
+ #define sycPEM_read_bio_DHparams(b,x,p,u) PEM_read_bio_DHparams(b,x,p,u)
+ 
+diff --git a/xio-openssl.c b/xio-openssl.c
+index b7e95c1..03cc9ff 100644
+--- a/xio-openssl.c
++++ b/xio-openssl.c
+@@ -108,9 +108,11 @@ const struct optdesc opt_openssl_key         = { 
"openssl-key",         "key",
+ const struct optdesc opt_openssl_dhparam     = { "openssl-dhparam",     "dh", 
   OPT_OPENSSL_DHPARAM,     GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC };
+ const struct optdesc opt_openssl_cafile      = { "openssl-cafile",     
"cafile", OPT_OPENSSL_CAFILE,      GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, 
OFUNC_SPEC };
+ const struct optdesc opt_openssl_capath      = { "openssl-capath",     
"capath", OPT_OPENSSL_CAPATH,      GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, 
OFUNC_SPEC };
++#ifndef OPENSSL_NO_EGD
+ const struct optdesc opt_openssl_egd         = { "openssl-egd",        "egd", 
   OPT_OPENSSL_EGD,         GROUP_OPENSSL, PH_SPEC, TYPE_FILENAME, OFUNC_SPEC };
++#endif
+ const struct optdesc opt_openssl_pseudo      = { "openssl-pseudo",     
"pseudo", OPT_OPENSSL_PSEUDO,      GROUP_OPENSSL, PH_SPEC, TYPE_BOOL,     
OFUNC_SPEC };
+-#if OPENSSL_VERSION_NUMBER >= 0x00908000L
++#if OPENSSL_VERSION_NUMBER >= 0x00908000L && !defined(OPENSSL_NO_COMP)
+ const struct optdesc opt_openssl_compress    = { "openssl-compress",   
"compress", OPT_OPENSSL_COMPRESS,  GROUP_OPENSSL, PH_SPEC, TYPE_STRING,   
OFUNC_SPEC };
+ #endif
+ #if WITH_FIPS
+@@ -147,7 +149,7 @@ int xio_reset_fips_mode(void) {
+ static void openssl_conn_loginfo(SSL *ssl) {
+    Notice1("SSL connection using %s", SSL_get_cipher(ssl));
+ 
+-#if OPENSSL_VERSION_NUMBER >= 0x00908000L
++#if OPENSSL_VERSION_NUMBER >= 0x00908000L && !defined(OPENSSL_NO_COMP)
+    {
+       const COMP_METHOD *comp, *expansion;
+ 
+@@ -651,7 +653,7 @@ int _xioopen_openssl_listen(struct single *xfd,
+ #endif /* WITH_LISTEN */
+ 
+ 
+-#if OPENSSL_VERSION_NUMBER >= 0x00908000L
++#if OPENSSL_VERSION_NUMBER >= 0x00908000L && !defined(OPENSSL_NO_COMP)
+ /* In OpenSSL 0.9.7 compression methods could be added using
+  * SSL_COMP_add_compression_method(3), but the implemntation is not compatible
+  * with the standard (RFC3749).
+@@ -722,8 +724,10 @@ int
+    char *opt_dhparam = NULL;  /* file name of DH params */
+    char *opt_cafile = NULL;   /* certificate authority file */
+    char *opt_capath = NULL;   /* certificate authority directory */
++#ifndef OPENSSL_NO_EGD
+    char *opt_egd = NULL;      /* entropy gathering daemon socket path */
+-#if OPENSSL_VERSION_NUMBER >= 0x00908000L
++#endif
++#if OPENSSL_VERSION_NUMBER >= 0x00908000L && !defined(OPENSSL_NO_COMP)
+    char *opt_compress = NULL; /* compression method */
+ #endif
+    bool opt_pseudo = false;   /* use pseudo entropy if nothing else */
+@@ -741,9 +745,11 @@ int
+    retropt_string(opts, OPT_OPENSSL_CAPATH, &opt_capath);
+    retropt_string(opts, OPT_OPENSSL_KEY, &opt_key);
+    retropt_string(opts, OPT_OPENSSL_DHPARAM, &opt_dhparam);
++#ifndef OPENSSL_NO_EGD
+    retropt_string(opts, OPT_OPENSSL_EGD, &opt_egd);
++#endif
+    retropt_bool(opts,OPT_OPENSSL_PSEUDO, &opt_pseudo);
+-#if OPENSSL_VERSION_NUMBER >= 0x00908000L
++#if OPENSSL_VERSION_NUMBER >= 0x00908000L && !defined(OPENSSL_NO_COMP)
+    retropt_string(opts, OPT_OPENSSL_COMPRESS, &opt_compress);
+ #endif
+ #if WITH_FIPS
+@@ -877,9 +883,11 @@ int
+       }
+    }
+ 
++#ifndef OPENSSL_NO_EGD
+    if (opt_egd) {
+       sycRAND_egd(opt_egd);
+    }
++#endif
+ 
+    if (opt_pseudo) {
+       long int randdata;
+@@ -991,7 +999,7 @@ int
+    }
+ #endif /* !defined(EC_KEY) */
+ 
+-#if OPENSSL_VERSION_NUMBER >= 0x00908000L
++#if OPENSSL_VERSION_NUMBER >= 0x00908000L && !defined(OPENSSL_NO_COMP)
+    if (opt_compress) {
+       int result;
+       result = openssl_setup_compression(*ctx, opt_compress);
+@@ -1105,7 +1113,11 @@ static int openssl_SSL_ERROR_SSL(int level, const char 
*funcname) {
+       if (e == ((ERR_LIB_RAND<<24)|
+               (RAND_F_SSLEAY_RAND_BYTES<<12)|
+               (RAND_R_PRNG_NOT_SEEDED)) /*0x24064064*/) {
++#ifdef OPENSSL_NO_EGD
++       Error("too few entropy; use option \"pseudo\"");
++#else
+        Error("too few entropy; use options \"egd\" or \"pseudo\"");
++#endif
+        stat = STAT_NORETRY;
+       } else {
+        Msg2(level, "%s(): %s", funcname, ERR_error_string(e, buf));
+diff --git a/xio-openssl.h b/xio-openssl.h
+index 9cad8f4..bfe69ee 100644
+--- a/xio-openssl.h
++++ b/xio-openssl.h
+@@ -21,9 +21,11 @@ extern const struct optdesc opt_openssl_key;
+ extern const struct optdesc opt_openssl_dhparam;
+ extern const struct optdesc opt_openssl_cafile;
+ extern const struct optdesc opt_openssl_capath;
++#ifndef OPENSSL_NO_EGD
+ extern const struct optdesc opt_openssl_egd;
++#endif
+ extern const struct optdesc opt_openssl_pseudo;
+-#if OPENSSL_VERSION_NUMBER >= 0x00908000L
++#if OPENSSL_VERSION_NUMBER >= 0x00908000L && !defined(OPENSSL_NO_COMP)
+ extern const struct optdesc opt_openssl_compress;
+ #endif
+ #if WITH_FIPS
+diff --git a/xioopts.c b/xioopts.c
+index 3b0f300..e50c26c 100644
+--- a/xioopts.c
++++ b/xioopts.c
+@@ -296,7 +296,7 @@ const struct optname optionnames[] = {
+ #if WITH_EXT2 && defined(EXT2_COMPR_FL)
+       IF_ANY    ("compr",     &opt_ext2_compr)
+ #endif
+-#if OPENSSL_VERSION_NUMBER >= 0x00908000L
++#if OPENSSL_VERSION_NUMBER >= 0x00908000L && !defined(OPENSSL_NO_COMP)
+       IF_OPENSSL("compress",  &opt_openssl_compress)
+ #endif
+ #ifdef TCP_CONN_ABORT_THRESHOLD  /* HP_UX */
+@@ -412,7 +412,9 @@ const struct optname optionnames[] = {
+ #ifdef ECHOPRT
+       IF_TERMIOS("echoprt",   &opt_echoprt)
+ #endif
++#ifndef OPENSSL_NO_EGD
+       IF_OPENSSL("egd",       &opt_openssl_egd)
++#endif
+       IF_ANY    ("end-close", &opt_end_close)
+       IF_TERMIOS("eof",       &opt_veof)
+       IF_TERMIOS("eol",       &opt_veol)
+@@ -1098,11 +1100,13 @@ const struct optname optionnames[] = {
+       IF_OPENSSL("openssl-certificate",       &opt_openssl_certificate)
+       IF_OPENSSL("openssl-cipherlist",        &opt_openssl_cipherlist)
+       IF_OPENSSL("openssl-commonname",        &opt_openssl_commonname)
+-#if OPENSSL_VERSION_NUMBER >= 0x00908000L
++#if OPENSSL_VERSION_NUMBER >= 0x00908000L && !defined(OPENSSL_NO_COMP)
+       IF_OPENSSL("openssl-compress",  &opt_openssl_compress)
+ #endif
+       IF_OPENSSL("openssl-dhparam",   &opt_openssl_dhparam)
++#ifndef OPENSSL_NO_EGD
+       IF_OPENSSL("openssl-egd",       &opt_openssl_egd)
++#endif
+ #if WITH_FIPS
+       IF_OPENSSL("openssl-fips",      &opt_openssl_fips)
+ #endif
+diff --git a/xioopts.h b/xioopts.h
+index ebcf315..305e018 100644
+--- a/xioopts.h
++++ b/xioopts.h
+@@ -474,11 +474,13 @@ enum e_optcode {
+    OPT_OPENSSL_CERTIFICATE,
+    OPT_OPENSSL_CIPHERLIST,
+    OPT_OPENSSL_COMMONNAME,
+-#if OPENSSL_VERSION_NUMBER >= 0x00908000L
++#if OPENSSL_VERSION_NUMBER >= 0x00908000L && !defined(OPENSSL_NO_COMP)
+    OPT_OPENSSL_COMPRESS,
+ #endif
+    OPT_OPENSSL_DHPARAM,
++#ifndef OPENSSL_NO_EGD
+    OPT_OPENSSL_EGD,
++#endif
+    OPT_OPENSSL_FIPS,
+    OPT_OPENSSL_KEY,
+    OPT_OPENSSL_METHOD,
+-- 
+2.7.3
+

diff --git a/net-misc/socat/socat-1.7.3.1-r1.ebuild 
b/net-misc/socat/socat-1.7.3.1-r1.ebuild
new file mode 100644
index 00000000..15236ff
--- /dev/null
+++ b/net-misc/socat/socat-1.7.3.1-r1.ebuild
@@ -0,0 +1,73 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=6
+
+inherit autotools flag-o-matic toolchain-funcs
+
+DESCRIPTION="Multipurpose relay (SOcket CAT)"
+HOMEPAGE="http://www.dest-unreach.org/socat/";
+MY_P=${P/_beta/-b}
+S="${WORKDIR}/${MY_P}"
+SRC_URI="http://www.dest-unreach.org/socat/download/${MY_P}.tar.bz2";
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~sparc ~x86 ~amd64-linux 
~x86-linux ~ppc-macos ~x64-macos ~x86-macos"
+IUSE="bindist libressl ssl readline ipv6 tcpd"
+
+DEPEND="
+       ssl? (
+               !libressl? ( dev-libs/openssl:0= )
+               libressl? ( dev-libs/libressl:= )
+       )
+       readline? ( sys-libs/readline:= )
+       tcpd? ( sys-apps/tcp-wrappers )
+"
+RDEPEND="${DEPEND}"
+
+RESTRICT="test
+       ssl? ( readline? ( bindist ) )"
+
+DOCS=(
+       BUGREPORTS CHANGES DEVELOPMENT EXAMPLES FAQ FILES PORTING README 
SECURITY
+)
+
+PATCHES=(
+       "${FILESDIR}"/${PN}-1.7.3.0-filan-build.patch
+       "${FILESDIR}"/${PN}-1.7.3.1-stddef_h.patch
+       "${FILESDIR}"/${PN}-1.7.3.1-libressl.patch
+)
+
+pkg_setup() {
+       # bug #587740
+       if use readline && use ssl; then
+               elog "You are enabling both readline and openssl USE flags, the 
licenses"
+               elog "for these packages conflict. You may not be able to 
legally"
+               elog "redistribute the resulting binary."
+       fi
+}
+
+src_prepare() {
+       default
+
+       eautoreconf
+}
+
+src_configure() {
+       filter-flags '-Wno-error*' #293324
+       tc-export AR
+       econf \
+               $(use_enable ssl openssl) \
+               $(use_enable readline) \
+               $(use_enable ipv6 ip6) \
+               $(use_enable tcpd libwrap)
+}
+
+src_install() {
+       default
+
+       docinto html
+       dodoc doc/*.html doc/*.css
+}

Reply via email to