fix for new openssl from upstream; ok kili@

2010-10-03 21:24:52 +00:00 · 2010-10-03 21:24:52 +00:00 · d2c1c2a579
commit d2c1c2a579
parent 320054b099
3 changed files with 177 additions and 1 deletions
--- a/mail/nail/Makefile
+++ b/mail/nail/Makefile
@ -1,8 +1,9 @@
-# $OpenBSD: Makefile,v 1.19 2009/05/04 19:10:49 okan Exp $
+# $OpenBSD: Makefile,v 1.20 2010/10/03 21:24:52 sthen Exp $

 COMMENT=		enhanced, MIME capable Berkeley Mail

 V=			12.4
+REVISION=		0
 DISTNAME=		mailx-${V}
 PKGNAME=		nail-${V}
 CATEGORIES=		mail
--- a/mail/nail/patches/patch-makeconfig
+++ b/mail/nail/patches/patch-makeconfig
@ -0,0 +1,41 @@
+$OpenBSD: patch-makeconfig,v 1.1 2010/10/03 21:24:52 sthen Exp $
+
+work with OpenSSL 1.0, from upstream repo.
+
+--- makeconfig.orig	Sat Apr 14 16:24:28 2007
+++ makeconfig	Sun Oct  3 21:14:23 2010
+@@ -1,7 +1,7 @@
+ #!/bin/sh
+ 
+ #
+-# Sccsid @(#)makeconfig	1.43 (gritter) 4/14/07
+# Sccsid @(#)makeconfig	1.44 (gritter) 5/26/09
+ #
+ 
+ tmp=___build$$
+@@ -393,6 +393,25 @@ CERTAltNameEncodedContext	foo;
+ !
+ fi
+ 
+if test x$have_openssl = xyes
+then
+	compile_check stack_of 'for STACK_OF()' '#define HAVE_STACK_OF' <<\!
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+#include <openssl/x509v3.h>
+#include <openssl/x509.h>
+#include <openssl/rand.h>
+
+int main(void)
+{
+	STACK_OF(GENERAL_NAME)	*gens = NULL;
+	printf("%p", gens);	/* to make it used */
+	SSLv23_client_method();
+	PEM_read_PrivateKey(0, 0, 0, 0);
+	return 0;
+}
+!
+fi
+ 
+ cat >$tmp2.c <<\!
+ #include <gssapi/gssapi.h>
--- a/mail/nail/patches/patch-openssl_c
+++ b/mail/nail/patches/patch-openssl_c
@ -0,0 +1,134 @@
+$OpenBSD: patch-openssl_c,v 1.1 2010/10/03 21:24:52 sthen Exp $
+
+work with OpenSSL 1.0, from upstream repo.
+
+--- openssl.c.orig	Sat Aug  4 12:38:03 2007
+++ openssl.c	Sun Oct  3 21:14:22 2010
+@@ -38,7 +38,7 @@
+ 
+ #ifndef lint
+ #ifdef	DOSCCS
+-static char sccsid[] = "@(#)openssl.c	1.25 (gritter) 8/4/07";
+static char sccsid[] = "@(#)openssl.c	1.26 (gritter) 5/26/09";
+ #endif
+ #endif /* not lint */
+ 
+@@ -101,12 +101,17 @@ static void sslcatch(int s);
+ static int ssl_rand_init(void);
+ static void ssl_init(void);
+ static int ssl_verify_cb(int success, X509_STORE_CTX *store);
+-static SSL_METHOD *ssl_select_method(const char *uhp);
+static const SSL_METHOD *ssl_select_method(const char *uhp);
+ static void ssl_load_verifications(struct sock *sp);
+ static void ssl_certificate(struct sock *sp, const char *uhp);
+ static enum okay ssl_check_host(const char *server, struct sock *sp);
+#ifdef HAVE_STACK_OF
+static int smime_verify(struct message *m, int n, STACK_OF(X509) *chain,
+		X509_STORE *store);
+#else
+ static int smime_verify(struct message *m, int n, STACK *chain,
+ 		X509_STORE *store);
+#endif
+ static EVP_CIPHER *smime_cipher(const char *name);
+ static int ssl_password_cb(char *buf, int size, int rwflag, void *userdata);
+ static FILE *smime_sign_cert(const char *xname, const char *xname2, int warn);
+@@ -203,10 +208,10 @@ ssl_verify_cb(int success, X509_STORE_CTX *store)
+ 	return 1;
+ }
+ 
+-static SSL_METHOD *
+static const SSL_METHOD *
+ ssl_select_method(const char *uhp)
+ {
+-	SSL_METHOD *method;
+	const SSL_METHOD *method;
+ 	char	*cp;
+ 
+ 	cp = ssl_method_string(uhp);
+@@ -308,7 +313,11 @@ ssl_check_host(const char *server, struct sock *sp)
+ 	X509 *cert;
+ 	X509_NAME *subj;
+ 	char data[256];
+#ifdef HAVE_STACK_OF
+	STACK_OF(GENERAL_NAME)	*gens;
+#else
+ 	/*GENERAL_NAMES*/STACK	*gens;
+#endif
+ 	GENERAL_NAME	*gen;
+ 	int	i;
+ 
+@@ -357,7 +366,8 @@ ssl_open(const char *server, struct sock *sp, const ch
+ 
+ 	ssl_init();
+ 	ssl_set_vrfy_level(uhp);
+-	if ((sp->s_ctx = SSL_CTX_new(ssl_select_method(uhp))) == NULL) {
+	if ((sp->s_ctx =
+	     SSL_CTX_new((SSL_METHOD *)ssl_select_method(uhp))) == NULL) {
+ 		ssl_gen_err(catgets(catd, CATSET, 261, "SSL_CTX_new() failed"));
+ 		return STOP;
+ 	}
+@@ -496,7 +506,11 @@ smime_sign(FILE *ip, struct header *headp)
+ }
+ 
+ static int
+#ifdef HAVE_STACK_OF
+smime_verify(struct message *m, int n, STACK_OF(X509) *chain, X509_STORE *store)
+#else
+ smime_verify(struct message *m, int n, STACK *chain, X509_STORE *store)
+#endif
+ {
+ 	struct message	*x;
+ 	char	*cp, *sender, *to, *cc, *cnttype;
+@@ -505,7 +519,12 @@ smime_verify(struct message *m, int n, STACK *chain, X
+ 	off_t	size;
+ 	BIO	*fb, *pb;
+ 	PKCS7	*pkcs7;
+#ifdef HAVE_STACK_OF
+	STACK_OF(X509)	*certs;
+	STACK_OF(GENERAL_NAME)	*gens;
+#else
+ 	STACK	*certs, *gens;
+#endif
+ 	X509	*cert;
+ 	X509_NAME	*subj;
+ 	char	data[LINESIZE];
+@@ -614,7 +633,11 @@ cverify(void *vp)
+ {
+ 	int	*msgvec = vp, *ip;
+ 	int	ec = 0;
+#ifdef HAVE_STACK_OF
+	STACK_OF(X509)	*chain = NULL;
+#else
+ 	STACK	*chain = NULL;
+#endif
+ 	X509_STORE	*store;
+ 	char	*ca_dir, *ca_file;
+ 
+@@ -687,7 +710,11 @@ smime_encrypt(FILE *ip, const char *certfile, const ch
+ 	X509	*cert;
+ 	PKCS7	*pkcs7;
+ 	BIO	*bb, *yb;
+#ifdef HAVE_STACK_OF
+	STACK_OF(X509)	*certs;
+#else
+ 	STACK	*certs;
+#endif
+ 	EVP_CIPHER	*cipher;
+ 
+ 	certfile = expand((char *)certfile);
+@@ -950,9 +977,14 @@ smime_certsave(struct message *m, int n, FILE *op)
+ 	off_t	size;
+ 	BIO	*fb, *pb;
+ 	PKCS7	*pkcs7;
+#ifdef HAVE_STACK_OF
+	STACK_OF(X509)	*certs;
+	STACK_OF(X509)	*chain = NULL;
+#else
+ 	STACK	*certs;
+-	X509	*cert;
+ 	STACK	*chain = NULL;
+#endif
+	X509	*cert;
+ 	enum okay	ok = OKAY;
+ 
+ 	message_number = n;