sys-cluster/keepalived: add upstream libressl patch

This patch was accepted upstream and fixes the build with LibreSSL which
doesn't yet have the SSL_set0_wbio() function and this is solved by
adding a configure check.

Bug: https://bugs.gentoo.org/903001
Upstream-PR: acassen/keepalived#2124
Upstream-Commit: acassen/keepalived@bbec15d
Upstream-PR: acassen/keepalived#2130
Upstream-Commit: acassen/keepalived@5cb4030
Upstream-Issue: libressl/portable#838
Signed-off-by: orbea <orbea@riseup.net>

sys-cluster/keepalived/files/keepalived-2.2.7-libressl.patch

@@ -0,0 +1,67 @@
+https://bugs.gentoo.org/903001
+https://github.com/acassen/keepalived/pull/2124
+https://github.com/acassen/keepalived/commit/bbec15d4781670ac1be5e543cb04543f79200e69
+https://github.com/acassen/keepalived/pull/2130
+https://github.com/acassen/keepalived/commit/5cb40301f5cd8fbedbb756cd3d838def7293e0bd
+
+From bbec15d4781670ac1be5e543cb04543f79200e69 Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Tue, 12 Apr 2022 20:30:57 +0200
+Subject: [PATCH] fix build with libressl
+
+SSL_set0_rbio is provided by libressl since version 3.4.0 and
+https://github.com/libressl-portable/openbsd/commit/c99939f9665a9c3c648682b4987df46600b70efc
+but SSL_set0_wbio is not provided resulting in the following build
+failure:
+
+/nvmedata/autobuild/instance-9/output-1/host/lib/gcc/s390x-buildroot-linux-gnu/10.3.0/../../../../s390x-buildroot-linux-gnu/bin/ld: check/libcheck.a(check_ssl.o): in function `ssl_connect':
+check_ssl.c:(.text+0x7da): undefined reference to `SSL_set0_wbio'
+
+Fixes:
+ - http://autobuild.buildroot.org/results/76f72a3c7350ea265e2277c89d68e5256410e94c
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ configure.ac                 | 2 +-
+ keepalived/check/check_ssl.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+From 5cb40301f5cd8fbedbb756cd3d838def7293e0bd Mon Sep 17 00:00:00 2001
+From: Quentin Armitage <quentin@armitage.org.uk>
+Date: Mon, 18 Apr 2022 09:52:47 +0100
+Subject: [PATCH] Check for both SSL_set0_rbio and SSL_set0_wbio
+
+This updates commit bbec15d - "fix build with libressl"
+
+Signed-off-by: Quentin Armitage <quentin@armitage.org.uk>
+---
+ configure.ac                 | 2 +-
+ keepalived/check/check_ssl.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 350a9f4e..91f90afe 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -1327,7 +1327,7 @@ AC_COMPILE_IFELSE([AC_LANG_SOURCE([[
+ AC_CHECK_FUNCS([SSL_CTX_set_verify_depth])
+
+ # SSL_set0_rbio(), SSL_set0_wbio() OPENSSL_init_crypto() and TLS_method() introduced OpenSSL v1.1.0
+-AC_CHECK_FUNCS([SSL_set0_rbio OPENSSL_init_crypto TLS_method])
++AC_CHECK_FUNCS([SSL_set0_rbio SSL_set0_wbio OPENSSL_init_crypto TLS_method])
+
+ # In OpenSSL v1.1.1 the call to SSL_CTX_new() fails if OPENSSL_init_crypto() has been called with
+ # OPENSSL_INIT_NO_LOAD_CONFIG. It does not fail in v1.1.0h and v1.1.1b.
+diff --git a/keepalived/check/check_ssl.c b/keepalived/check/check_ssl.c
+index 0155fce5..1a5c2acb 100644
+--- a/keepalived/check/check_ssl.c
++++ b/keepalived/check/check_ssl.c
+@@ -234,7 +234,7 @@ ssl_connect(thread_ref_t thread, int new_req)
+ 		BIO_get_fd(req->bio, &bio_fd);
+ 		if (fcntl(bio_fd, F_SETFD, fcntl(bio_fd, F_GETFD) | FD_CLOEXEC) == -1)
+ 			log_message(LOG_INFO, "Setting CLOEXEC failed on ssl socket - errno %d", errno);
+-#ifdef HAVE_SSL_SET0_RBIO
++#if defined HAVE_SSL_SET0_RBIO && defined HAVE_SSL_SET0_WBIO
+ 		BIO_up_ref(req->bio);
+ 		SSL_set0_rbio(req->ssl, req->bio);
+ 		SSL_set0_wbio(req->ssl, req->bio);

sys-cluster/keepalived/keepalived-2.2.7.ebuild

@@ -1,4 +1,4 @@
-# Copyright 1999-2022 Gentoo Authors
+# Copyright 1999-2023 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=8
@@ -36,6 +36,10 @@ DOCS=(
 	doc/keepalived.conf.SYNOPSIS doc/NOTE_vrrp_vmac.txt
 )
 
+PATCHES=(
+	"${FILESDIR}"/${P}-libressl.patch #903001
+)
+
 src_prepare() {
 	default
 	eautoreconf