sys-cluster/csync2: remove unused patch

Closes: https://github.com/gentoo/gentoo/pull/3900
author: Michael Mair-Keimberger (asterix) <m.mairkeimberger@gmail.com> 2017-02-10 16:45:57 +0100
committer: David Seifert <soap@gentoo.org> 2017-02-10 23:33:00 +0100
commit: ba4f45b4c9be98b45f7e9ae4e35ed967f56d4236 (patch)
tree: eb0f4e952eebd01e11773bf200151c9c9c42f5c9
parent: sys-cluster/cman: remove unused file (diff)
download: gentoo-ba4f45b4c9be98b45f7e9ae4e35ed967f56d4236.tar.gz
gentoo-ba4f45b4c9be98b45f7e9ae4e35ed967f56d4236.tar.bz2
gentoo-ba4f45b4c9be98b45f7e9ae4e35ed967f56d4236.zip
1 files changed, 0 insertions, 279 deletions
diff --git a/sys-cluster/csync2/files/csync2-1.34-gnutls.patch b/sys-cluster/csync2/files/csync2-1.34-gnutls.patch
deleted file mode 100644
index 64af5229be74..000000000000
--- a/sys-cluster/csync2/files/csync2-1.34-gnutls.patch
+++ /dev/null
@@ -1,279 +0,0 @@
-Fixes build with >=net-libs/gnutls-2.7.1
-
-http://bugs.gentoo.org/show_bug.cgi?id=274213
-
---- conn.c
-+++ conn.c
-@@ -32,7 +32,7 @@
- 
- #ifdef HAVE_LIBGNUTLS_OPENSSL
- #  include <gnutls/gnutls.h>
--#  include <gnutls/openssl.h>
-+#  include <gnutls/x509.h>
- #endif
- 
- int conn_fd_in  = -1;
-@@ -42,9 +42,8 @@
- #ifdef HAVE_LIBGNUTLS_OPENSSL
- int csync_conn_usessl = 0;
- 
--SSL_METHOD *conn_ssl_meth;
--SSL_CTX *conn_ssl_ctx;
--SSL *conn_ssl;
-+static gnutls_session_t conn_tls_session;
-+static gnutls_certificate_credentials_t conn_x509_cred;
- #endif
- 
- int conn_open(const char *peername)
-@@ -112,41 +111,104 @@
- 
- #ifdef HAVE_LIBGNUTLS_OPENSSL
- 
--char *ssl_keyfile = ETCDIR "/csync2_ssl_key.pem";
--char *ssl_certfile = ETCDIR "/csync2_ssl_cert.pem";
-+static void ssl_log(int level, const char* msg)
-+{ csync_debug(level, "%s", msg); }
-+
-+static const char *ssl_keyfile = ETCDIR "/csync2_ssl_key.pem";
-+static const char *ssl_certfile = ETCDIR "/csync2_ssl_cert.pem";
- 
- int conn_activate_ssl(int server_role)
- {
--	static int sslinit = 0;
-+	gnutls_alert_description_t alrt;
-+	int err;
- 
- 	if (csync_conn_usessl)
- 		return 0;
- 
--	if (!sslinit) {
--		SSL_load_error_strings();
--		SSL_library_init();
--		sslinit=1;
-+	gnutls_global_init();
-+	gnutls_global_set_log_function(ssl_log);
-+	gnutls_global_set_log_level(10);
-+
-+	gnutls_certificate_allocate_credentials(&conn_x509_cred);
-+
-+	err = gnutls_certificate_set_x509_key_file(conn_x509_cred, ssl_certfile, ssl_keyfile, GNUTLS_X509_FMT_PEM);
-+	if(err != GNUTLS_E_SUCCESS) {
-+		gnutls_certificate_free_credentials(conn_x509_cred);
-+		gnutls_global_deinit();
-+
-+		csync_fatal(
-+			"SSL: failed to use key file %s and/or certificate file %s: %s (%s)\n",
-+			ssl_keyfile,
-+			ssl_certfile,
-+			gnutls_strerror(err),
-+			gnutls_strerror_name(err)
-+		);
- 	}
- 
--	conn_ssl_meth = (server_role ? SSLv23_server_method : SSLv23_client_method)();
--	conn_ssl_ctx = SSL_CTX_new(conn_ssl_meth);
--
--	if (SSL_CTX_use_PrivateKey_file(conn_ssl_ctx, ssl_keyfile, SSL_FILETYPE_PEM) <= 0)
--		csync_fatal("SSL: failed to use key file %s.\n", ssl_keyfile);
--
--	if (SSL_CTX_use_certificate_file(conn_ssl_ctx, ssl_certfile, SSL_FILETYPE_PEM) <= 0)
--		csync_fatal("SSL: failed to use certificate file %s.\n", ssl_certfile);
-+	if(server_role) {
-+		gnutls_certificate_free_cas(conn_x509_cred);
- 
--	if (! (conn_ssl = SSL_new(conn_ssl_ctx)) )
--		csync_fatal("Creating a new SSL handle failed.\n");
--
--	gnutls_certificate_server_set_request(conn_ssl->gnutls_state, GNUTLS_CERT_REQUIRE);
-+		if(gnutls_certificate_set_x509_trust_file(conn_x509_cred, ssl_certfile, GNUTLS_X509_FMT_PEM) < 1) {
-+			gnutls_certificate_free_credentials(conn_x509_cred);
-+			gnutls_global_deinit();
-+
-+			csync_fatal(
-+				"SSL: failed to use certificate file %s as CA.\n",
-+				ssl_certfile
-+			);
-+		}
-+	} else
-+		gnutls_certificate_free_ca_names(conn_x509_cred);
- 
--	SSL_set_rfd(conn_ssl, conn_fd_in);
--	SSL_set_wfd(conn_ssl, conn_fd_out);
-+	gnutls_init(&conn_tls_session, (server_role ? GNUTLS_SERVER : GNUTLS_CLIENT));
-+	gnutls_priority_set_direct(conn_tls_session, "PERFORMANCE", NULL);
-+	gnutls_credentials_set(conn_tls_session, GNUTLS_CRD_CERTIFICATE, conn_x509_cred);
-+
-+	if(server_role) {
-+		gnutls_certificate_send_x509_rdn_sequence(conn_tls_session, 0);
-+		gnutls_certificate_server_set_request(conn_tls_session, GNUTLS_CERT_REQUIRE);
-+	}
- 
--	if ( (server_role ? SSL_accept : SSL_connect)(conn_ssl) < 1 )
--		csync_fatal("Establishing SSL connection failed.\n");
-+	gnutls_transport_set_ptr2(
-+		conn_tls_session,
-+		(gnutls_transport_ptr_t)conn_fd_in,
-+		(gnutls_transport_ptr_t)conn_fd_out
-+	);
-+
-+	err = gnutls_handshake(conn_tls_session);
-+	switch(err) {
-+	case GNUTLS_E_SUCCESS:
-+		break;
-+
-+	case GNUTLS_E_WARNING_ALERT_RECEIVED:
-+		alrt = gnutls_alert_get(conn_tls_session);
-+		fprintf(
-+			csync_debug_out,
-+			"SSL: warning alert received from peer: %d (%s).\n",
-+			alrt, gnutls_alert_get_name(alrt)
-+		);
-+		break;
-+
-+	case GNUTLS_E_FATAL_ALERT_RECEIVED:
-+		alrt = gnutls_alert_get(conn_tls_session);
-+		fprintf(
-+			csync_debug_out,
-+			"SSL: fatal alert received from peer: %d (%s).\n",
-+			alrt, gnutls_alert_get_name(alrt)
-+		);
-+
-+	default:
-+		gnutls_bye(conn_tls_session, GNUTLS_SHUT_RDWR);
-+		gnutls_deinit(conn_tls_session);
-+		gnutls_certificate_free_credentials(conn_x509_cred);
-+		gnutls_global_deinit();
-+
-+		csync_fatal(
-+			"SSL: handshake failed: %s (%s)\n",
-+			gnutls_strerror(err),
-+			gnutls_strerror_name(err)
-+		);
-+	}
- 
- 	csync_conn_usessl = 1;
- 
-@@ -155,15 +217,15 @@
- 
- int conn_check_peer_cert(const char *peername, int callfatal)
- {
--	const X509 *peercert;
-+	const gnutls_datum_t *peercerts;
-+	unsigned npeercerts;
- 	int i, cert_is_ok = -1;
- 
- 	if (!csync_conn_usessl)
- 		return 1;
- 
--	peercert = SSL_get_peer_certificate(conn_ssl);
--
--	if (!peercert || peercert->size <= 0) {
-+	peercerts = gnutls_certificate_get_peers(conn_tls_session, &npeercerts);
-+	if(peercerts == NULL || npeercerts == 0) {
- 		if (callfatal)
- 			csync_fatal("Peer did not provide an SSL X509 cetrificate.\n");
- 		csync_debug(1, "Peer did not provide an SSL X509 cetrificate.\n");
-@@ -171,11 +233,11 @@
- 	}
- 
- 	{
--		char certdata[peercert->size*2 + 1];
-+		char certdata[2*peercerts[0].size + 1];
- 
--		for (i=0; i<peercert->size; i++)
--			sprintf(certdata+i*2, "%02X", peercert->data[i]);
--		certdata[peercert->size*2] = 0;
-+		for (i=0; i<peercerts[0].size; i++)
-+			sprintf(&certdata[2*i], "%02X", peercerts[0].data[i]);
-+		certdata[2*i] = 0;
- 
- 		SQL_BEGIN("Checking peer x509 certificate.",
- 			"SELECT certdata FROM x509_cert WHERE peername = '%s'",
-@@ -222,7 +284,12 @@
- 	if ( !conn_clisok ) return -1;
- 
- #ifdef HAVE_LIBGNUTLS_OPENSSL
--	if ( csync_conn_usessl ) SSL_free(conn_ssl);
-+	if ( csync_conn_usessl ) {
-+		gnutls_bye(conn_tls_session, GNUTLS_SHUT_RDWR);
-+		gnutls_deinit(conn_tls_session);
-+		gnutls_certificate_free_credentials(conn_x509_cred);
-+		gnutls_global_deinit();
-+	}
- #endif
- 
- 	if ( conn_fd_in != conn_fd_out) close(conn_fd_in);
-@@ -239,7 +306,7 @@
- {
- #ifdef HAVE_LIBGNUTLS_OPENSSL
- 	if (csync_conn_usessl)
--		return SSL_read(conn_ssl, buf, count);
-+		return gnutls_record_recv(conn_tls_session, buf, count);
- 	else
- #endif
- 		return read(conn_fd_in, buf, count);
-@@ -251,7 +318,7 @@
- 
- #ifdef HAVE_LIBGNUTLS_OPENSSL
- 	if (csync_conn_usessl)
--		return SSL_write(conn_ssl, buf, count);
-+		return gnutls_record_send(conn_tls_session, buf, count);
- 	else
- #endif
- 	{
---- configure.ac
-+++ configure.ac
-@@ -17,11 +17,10 @@
- # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
- 
- # Process this file with autoconf to produce a configure script.
--AC_INIT(csync2, 1.34, clifford@clifford.at)
-+AC_INIT([csync2], [1.34], clifford@clifford.at)
- AM_INIT_AUTOMAKE
- 
- AC_CONFIG_SRCDIR(csync2.c)
--AM_CONFIG_HEADER(config.h)
- 
- # Use /etc and /var instead of $prefix/...
- test "$localstatedir" = '${prefix}/var' && localstatedir=/var
-@@ -32,6 +31,7 @@
- AC_PROG_INSTALL
- AC_PROG_YACC
- AM_PROG_LEX
-+PKG_PROG_PKG_CONFIG
- 
- # Check for librsync.
- AC_ARG_WITH([librsync-source],
-@@ -58,19 +58,10 @@
- 
- if test "$enable_gnutls" != no
- then
--
--	# Check for gnuTLS.
--	AM_PATH_LIBGNUTLS(1.0.0, , [ AC_MSG_ERROR([[gnutls not found; install gnutls, gnutls-openssl and libtasn1 packages for your system or run configure with --disable-gnutls]]) ])
--
--	# This is a bloody hack for fedora core
--	CFLAGS="$CFLAGS $LIBGNUTLS_CFLAGS"
--	LIBS="$LIBS $LIBGNUTLS_LIBS -ltasn1"
--
--	# Check gnuTLS SSL compatibility lib.
--	AC_CHECK_LIB([gnutls-openssl], [SSL_new], , [AC_MSG_ERROR([[gnutls-openssl not found; install gnutls, gnutls-openssl and libtasn1 packages for your system or run configure with --disable-gnutls]])])
--
-+  PKG_CHECK_MODULES([LIBGNUTLS], [gnutls] , [AC_DEFINE(HAVE_LIBGNUTLS_OPENSSL, 1, [Define to 1 if GnuTLS is available])])
- fi
- 
-+AM_CONFIG_HEADER([config.h])
- AC_CONFIG_FILES([Makefile])
- AC_OUTPUT
- 
---- Makefile.am
-+++ Makefile.am
-@@ -24,6 +24,8 @@
- csync2_SOURCES = action.c cfgfile_parser.y cfgfile_scanner.l check.c	\
-                  checktxt.c csync2.c daemon.c db.c error.c getrealfn.c	\
-                  groups.c rsync.c update.c urlencode.c conn.c prefixsubst.c
-+csync2_LDADD = @LIBGNUTLS_LIBS@
-+csync2_CFLAGS = @LIBGNUTLS_CFLAGS@
- 
- AM_YFLAGS = -d
- BUILT_SOURCES = cfgfile_parser.h
author	Michael Mair-Keimberger (asterix) <m.mairkeimberger@gmail.com>	2017-02-10 16:45:57 +0100
committer	David Seifert <soap@gentoo.org>	2017-02-10 23:33:00 +0100
commit	ba4f45b4c9be98b45f7e9ae4e35ed967f56d4236 (patch)
tree	eb0f4e952eebd01e11773bf200151c9c9c42f5c9
parent	sys-cluster/cman: remove unused file (diff)
download	gentoo-ba4f45b4c9be98b45f7e9ae4e35ed967f56d4236.tar.gz gentoo-ba4f45b4c9be98b45f7e9ae4e35ed967f56d4236.tar.bz2 gentoo-ba4f45b4c9be98b45f7e9ae4e35ed967f56d4236.zip