[gentoo-commits] repo/gentoo:master commit in: net-libs/c-client/, net-libs/c-client/files/
commit: bcd6b6d96343c2a56ed7f0df97dc9ec13daa94c9
Author: Sam James gentoo org>
AuthorDate: Mon Feb 6 03:56:03 2023 +
Commit: Sam James gentoo org>
CommitDate: Mon Feb 6 03:58:50 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bcd6b6d9
net-libs/c-client: add 2007f_p7
One of our patches (c-client-2007f-openssl-1.1.patch, which seems
to have been from - or derived from at least - openwrt at
https://github.com/openwrt/packages/commit/b087da8530a8889bd7c765dddbbe218116d11643)
has been causing issues with OpenSSL 1.1 by not giving proper regard
to the return value of ssl_validate_cert.
There's a suggested alternative fixed patch in the bug, but given that
c-client is one of those zombie packages we need to keep but isn't
active upstream, let's try switching to Debian's patchset, as it
works for them, and the effective diff comparing prepared sources before/after
is pretty small overall.
(We also end up cleaning up a few things, like the library stops exporting
'Gethostbyname' (with a capital G) and such.)
Scott Tester smbc.edu.au> deserves a special mention for being
persistent
here. Thank you!
Bug: https://bugs.gentoo.org/647616
Closes: https://bugs.gentoo.org/683708
Signed-off-by: Sam James gentoo.org>
net-libs/c-client/Manifest | 1 +
net-libs/c-client/c-client-2007f_p7.ebuild | 172 +
.../files/c-client-2007f_GENTOO_amd64-so-fix.patch | 12 ++
...-client-2007f_p7-implicit-declaration-fix.patch | 46 ++
.../c-client/files/c-client-2007f_p7-ldflags.patch | 33
5 files changed, 264 insertions(+)
diff --git a/net-libs/c-client/Manifest b/net-libs/c-client/Manifest
index a84c4a83e18d..6a0e06458996 100644
--- a/net-libs/c-client/Manifest
+++ b/net-libs/c-client/Manifest
@@ -1,2 +1,3 @@
DIST c-client-2007f-chappa-115-all.patch.gz 30571 BLAKE2B
707ec7718f764d5fea4142a4e0c4dd561d0a387cb72fea16de656a01bc21a0b30600dc121c8af090b76188d0131852ca6f3d40b9bba8745696faed5a79fb8c59
SHA512
f44489ec38aa6a3dc682872a6857154254c23352db81ee380dfdfad39743234d97a8bcc07a74459f7532efe2fc073cf7d9c078433e11a95de19beeb387ff8b65
DIST imap-2007f.tar.Z 2793529 BLAKE2B
f5b597551ef56d284180cd49cf6b7d01a63ee60bcb513a354bd7ec63428184b854e3ea666a9f3ce1f5b27699cf81d2f1d0e66e5cfc7fee93d723bb146d113ec7
SHA512
2c728deaf66d23158c61ae55ff94f05d2a1cf0168002760321ca30c6ee1c58c0a4c7bc14ece0097ea662df6c7c49be3b91c8e5e943724c9e2736800fa9298dae
+DIST uw-imap_2007f~dfsg-7.debian.tar.xz 44960 BLAKE2B
836dfd9a5922cd3043278a89c87276c974c8e91c5831a94caef6e73b2839d246bda879f67bdad88ae59888b5dc8b6ca366aa48b6d197508cd10cdc68f1e7027f
SHA512
3a903062c782c942d4c7a1122be686e301ea4d4c6f6ff1dbc78ae29c7ee7b8e02fb25a903401e6a7047ddccaf6bcceba953f6cad1c1890cd6410ea909b014af6
diff --git a/net-libs/c-client/c-client-2007f_p7.ebuild
b/net-libs/c-client/c-client-2007f_p7.ebuild
new file mode 100644
index ..c3fd74b4a8a9
--- /dev/null
+++ b/net-libs/c-client/c-client-2007f_p7.ebuild
@@ -0,0 +1,172 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit flag-o-matic libtool toolchain-funcs
+
+MY_PN=imap
+MY_P="${MY_PN}-${PV}"
+
+CHAPPA_PL=115
+DESCRIPTION="UW IMAP c-client library"
+HOMEPAGE="http://www.washington.edu/imap/;
+SRC_URI="
+ ftp://ftp.cac.washington.edu/imap/${MY_PN}-$(ver_cut 1-2).tar.Z
+
mirror://debian/pool/main/u/uw-${MY_PN}/uw-${MY_PN}_${PV/_p/"~dfsg-"}.debian.tar.xz
+ chappa? ( mirror://gentoo/${PN}-$(ver_cut
1-2)-chappa-${CHAPPA_PL}-all.patch.gz )
+"
+S="${WORKDIR}"/${MY_PN}-$(ver_cut 1-2)
+
+LICENSE="Apache-2.0"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~mips ~ppc ~ppc64
~riscv ~s390 ~sparc ~x86"
+IUSE="doc +ipv6 kerberos pam ssl static-libs topal chappa"
+
+RDEPEND="
+ ssl? (
+ dev-libs/openssl:=
+ )
+ kernel_linux? (
+ pam? ( >=sys-libs/pam-0.72 )
+ !pam? ( virtual/libcrypt:= )
+ )
+ kerberos? ( app-crypt/mit-krb5 )
+"
+DEPEND="${RDEPEND}"
+
+PATCHES=(
+ "${WORKDIR}"/debian/patches
+
+ # Apply a patch to only build the stuff we need for c-client
+ "${FILESDIR}/${PN}-2006k_GENTOO_Makefile.patch"
+
+ # Apply patch to add the compilation of a .so for PHP
+ # This was previously conditional, but is more widely useful.
+ "${FILESDIR}/${PN}-2007f_GENTOO_amd64-so-fix.patch"
+
+ # Respect LDFLAGS
+ "${FILESDIR}/${PN}-2007f_p7-ldflags.patch"
+
+ # build fix for -Werror=implicit-function-declaration and
+ # incompatible function pointer types, bug #870478
+ "${FILESDIR}/${PN}-2007f-scandir-callback-types.patch"
+ "${FILESDIR}/${PN}-2007f_p7-implicit-declaration-fix.patch"
+)
+
+src_prepare() {
+ use topal && PATCHES+=( "${FILESDIR}/${P}-topal.patch" )
+
+ default
+
+ use chappa && eapply -p2 "${WORKDIR}/${P}-chappa-${CHAPPA_PL}-all.patch"
+
+
[gentoo-commits] repo/gentoo:master commit in: net-libs/c-client/, net-libs/c-client/files/
commit: c2626757b304cbe1ba5da551b0db496989e95cc0
Author: Lars Wendler gentoo org>
AuthorDate: Wed Oct 24 15:07:24 2018 +
Commit: Lars Wendler gentoo org>
CommitDate: Wed Oct 24 15:07:39 2018 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c2626757
net-libs/c-client: Fixed build with openssl-1.1
Closes: https://bugs.gentoo.org/647616
Signed-off-by: Lars Wendler gentoo.org>
Package-Manager: Portage-2.3.51, Repoman-2.3.11
net-libs/c-client/c-client-2007f-r6.ebuild | 33 ++-
.../files/c-client-2007f-openssl-1.1.patch | 66 ++
2 files changed, 86 insertions(+), 13 deletions(-)
diff --git a/net-libs/c-client/c-client-2007f-r6.ebuild
b/net-libs/c-client/c-client-2007f-r6.ebuild
index 6f539a98487..bd9925412df 100644
--- a/net-libs/c-client/c-client-2007f-r6.ebuild
+++ b/net-libs/c-client/c-client-2007f-r6.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2017 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=6
@@ -30,9 +30,28 @@ DEPEND="${RDEPEND}
kernel_linux? ( pam? ( >=sys-libs/pam-0.72 ) )
"
+PATCHES=(
+ # Apply a patch to only build the stuff we need for c-client
+ "${FILESDIR}/${PN}-2006k_GENTOO_Makefile.patch"
+
+ # Apply patch to add the compilation of a .so for PHP
+ # This was previously conditional, but is more widely useful.
+ "${FILESDIR}/${PN}-2006k_GENTOO_amd64-so-fix.patch"
+
+ # Respect LDFLAGS
+ "${FILESDIR}/${PN}-2007f-ldflags.patch"
+
+ # openssl-1.1 build fix #647616
+ "${FILESDIR}/${PN}-2007f-openssl-1.1.patch"
+)
+
src_prepare() {
+ use topal && PATCHES+=( "${FILESDIR}/${P}-topal.patch" )
+
default
+ use chappa && eapply -p2 "${WORKDIR}/${P}-chappa-${CHAPPA_PL}-all.patch"
+
# Tarball packed with bad file perms
chmod -R u+rwX,go-w . || die "failed to fix permissions"
@@ -60,28 +79,16 @@ src_prepare() {
-i src/osdep/unix/Makefile \
|| die "failed to fix the FreeBSD ACTIVEFILE path in the
Makefile"
- # Apply a patch to only build the stuff we need for c-client
- eapply "${FILESDIR}/${PN}-2006k_GENTOO_Makefile.patch"
-
- # Apply patch to add the compilation of a .so for PHP
- # This was previously conditional, but is more widely useful.
- eapply "${FILESDIR}/${PN}-2006k_GENTOO_amd64-so-fix.patch"
-
# Remove the pesky checks about SSL stuff
sed -e '/read.*exit/d' -i Makefile \
|| die "failed to disable SSL warning in the Makefile"
- # Respect LDFLAGS
- eapply "${FILESDIR}/${PN}-2007f-ldflags.patch"
sed -e "s:CC=cc:CC=$(tc-getCC):" \
-e "s:ARRC=ar:ARRC=$(tc-getAR):" \
-e "s:RANLIB=ranlib:RANLIB=$(tc-getRANLIB):" \
-i src/osdep/unix/Makefile \
|| die "failed to fix build flags support in the Makefile"
- use topal && eapply "${FILESDIR}/${P}-topal.patch"
- use chappa && epatch "${DISTDIR}/${P}-chappa-${CHAPPA_PL}-all.patch.gz"
-
elibtoolize
}
diff --git a/net-libs/c-client/files/c-client-2007f-openssl-1.1.patch
b/net-libs/c-client/files/c-client-2007f-openssl-1.1.patch
new file mode 100644
index 000..918f0bd3fbd
--- /dev/null
+++ b/net-libs/c-client/files/c-client-2007f-openssl-1.1.patch
@@ -0,0 +1,66 @@
+diff -Nru a/src/osdep/unix/ssl_unix.c b/src/osdep/unix/ssl_unix.c
+--- a/src/osdep/unix/ssl_unix.c2011-07-23 02:20:10.0 +0200
b/src/osdep/unix/ssl_unix.c2018-09-22 09:34:26.492765776 +0200
+@@ -59,7 +59,7 @@
+ static SSLSTREAM *ssl_start(TCPSTREAM *tstream,char *host,unsigned long
flags);
+ static char *ssl_start_work (SSLSTREAM *stream,char *host,unsigned long
flags);
+ static int ssl_open_verify (int ok,X509_STORE_CTX *ctx);
+-static char *ssl_validate_cert (X509 *cert,char *host);
++static char *ssl_validate_cert (X509 *cert,char *host, char *cert_subj);
+ static long ssl_compare_hostnames (unsigned char *s,unsigned char *pat);
+ static char *ssl_getline_work (SSLSTREAM *stream,unsigned long *size,
+ long *contd);
+@@ -210,6 +210,7 @@
+ BIO *bio;
+ X509 *cert;
+ unsigned long sl,tl;
++ char cert_subj[250];
+ char *s,*t,*err,tmp[MAILTMPLEN];
+ sslcertificatequery_t scq =
+ (sslcertificatequery_t) mail_parameters (NIL,GET_SSLCERTIFICATEQUERY,NIL);
+@@ -266,13 +267,17 @@
+ if (SSL_write (stream->con,"",0) < 0)
+ return ssl_last_error ? ssl_last_error : "SSL negotiation failed";
+ /* need to validate host names? */
+- if (!(flags & NET_NOVALIDATECERT) &&
+- (err = ssl_validate_cert (cert = SSL_get_peer_certificate (stream->con),
+- host))) {
+- /* application callback */
+-if (scq) return (*scq) (err,host,cert ? cert->name : "???") ? NIL :
