forked from gentoo/gentoo
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
sys-cluster/keepalived: add upstream libressl patch
This patch was accepted upstream and fixes the build with LibreSSL which doesn't yet have the SSL_set0_wbio() function and this is solved by adding a configure check. Bug: https://bugs.gentoo.org/903001 Upstream-PR: acassen/keepalived#2124 Upstream-Commit: acassen/keepalived@bbec15d Upstream-PR: acassen/keepalived#2130 Upstream-Commit: acassen/keepalived@5cb4030 Upstream-Issue: libressl/portable#838 Signed-off-by: orbea <orbea@riseup.net>
- Loading branch information
Showing
2 changed files
with
72 additions
and
1 deletion.
There are no files selected for viewing
67 changes: 67 additions & 0 deletions
67
sys-cluster/keepalived/files/keepalived-2.2.7-libressl.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,67 @@ | ||
https://bugs.gentoo.org/903001 | ||
https://github.com/acassen/keepalived/pull/2124 | ||
https://github.com/acassen/keepalived/commit/bbec15d4781670ac1be5e543cb04543f79200e69 | ||
https://github.com/acassen/keepalived/pull/2130 | ||
https://github.com/acassen/keepalived/commit/5cb40301f5cd8fbedbb756cd3d838def7293e0bd | ||
|
||
From bbec15d4781670ac1be5e543cb04543f79200e69 Mon Sep 17 00:00:00 2001 | ||
From: Fabrice Fontaine <fontaine.fabrice@gmail.com> | ||
Date: Tue, 12 Apr 2022 20:30:57 +0200 | ||
Subject: [PATCH] fix build with libressl | ||
|
||
SSL_set0_rbio is provided by libressl since version 3.4.0 and | ||
https://github.com/libressl-portable/openbsd/commit/c99939f9665a9c3c648682b4987df46600b70efc | ||
but SSL_set0_wbio is not provided resulting in the following build | ||
failure: | ||
|
||
/nvmedata/autobuild/instance-9/output-1/host/lib/gcc/s390x-buildroot-linux-gnu/10.3.0/../../../../s390x-buildroot-linux-gnu/bin/ld: check/libcheck.a(check_ssl.o): in function `ssl_connect': | ||
check_ssl.c:(.text+0x7da): undefined reference to `SSL_set0_wbio' | ||
|
||
Fixes: | ||
- http://autobuild.buildroot.org/results/76f72a3c7350ea265e2277c89d68e5256410e94c | ||
|
||
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> | ||
--- | ||
configure.ac | 2 +- | ||
keepalived/check/check_ssl.c | 2 +- | ||
2 files changed, 2 insertions(+), 2 deletions(-) | ||
|
||
From 5cb40301f5cd8fbedbb756cd3d838def7293e0bd Mon Sep 17 00:00:00 2001 | ||
From: Quentin Armitage <quentin@armitage.org.uk> | ||
Date: Mon, 18 Apr 2022 09:52:47 +0100 | ||
Subject: [PATCH] Check for both SSL_set0_rbio and SSL_set0_wbio | ||
|
||
This updates commit bbec15d - "fix build with libressl" | ||
|
||
Signed-off-by: Quentin Armitage <quentin@armitage.org.uk> | ||
--- | ||
configure.ac | 2 +- | ||
keepalived/check/check_ssl.c | 2 +- | ||
2 files changed, 2 insertions(+), 2 deletions(-) | ||
|
||
diff --git a/configure.ac b/configure.ac | ||
index 350a9f4e..91f90afe 100644 | ||
--- a/configure.ac | ||
+++ b/configure.ac | ||
@@ -1327,7 +1327,7 @@ AC_COMPILE_IFELSE([AC_LANG_SOURCE([[ | ||
AC_CHECK_FUNCS([SSL_CTX_set_verify_depth]) | ||
|
||
# SSL_set0_rbio(), SSL_set0_wbio() OPENSSL_init_crypto() and TLS_method() introduced OpenSSL v1.1.0 | ||
-AC_CHECK_FUNCS([SSL_set0_rbio OPENSSL_init_crypto TLS_method]) | ||
+AC_CHECK_FUNCS([SSL_set0_rbio SSL_set0_wbio OPENSSL_init_crypto TLS_method]) | ||
|
||
# In OpenSSL v1.1.1 the call to SSL_CTX_new() fails if OPENSSL_init_crypto() has been called with | ||
# OPENSSL_INIT_NO_LOAD_CONFIG. It does not fail in v1.1.0h and v1.1.1b. | ||
diff --git a/keepalived/check/check_ssl.c b/keepalived/check/check_ssl.c | ||
index 0155fce5..1a5c2acb 100644 | ||
--- a/keepalived/check/check_ssl.c | ||
+++ b/keepalived/check/check_ssl.c | ||
@@ -234,7 +234,7 @@ ssl_connect(thread_ref_t thread, int new_req) | ||
BIO_get_fd(req->bio, &bio_fd); | ||
if (fcntl(bio_fd, F_SETFD, fcntl(bio_fd, F_GETFD) | FD_CLOEXEC) == -1) | ||
log_message(LOG_INFO, "Setting CLOEXEC failed on ssl socket - errno %d", errno); | ||
-#ifdef HAVE_SSL_SET0_RBIO | ||
+#if defined HAVE_SSL_SET0_RBIO && defined HAVE_SSL_SET0_WBIO | ||
BIO_up_ref(req->bio); | ||
SSL_set0_rbio(req->ssl, req->bio); | ||
SSL_set0_wbio(req->ssl, req->bio); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters