dev-libs/Ice/files/Ice-3.6.3-libressl.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164

From cbbac2c31a04e956261489ce75c962be7e2454ae Mon Sep 17 00:00:00 2001
From: Joe George <joe@zeroc.com>
Date: Mon, 12 Dec 2016 11:51:41 -0500
Subject: [PATCH] ICE-7445 - Add libressl build support

---
 cpp/src/IceSSL/OpenSSLEngine.cpp       | 20 ++++++++++----------
 cpp/src/IceSSL/OpenSSLTransceiverI.cpp |  6 +++---
 cpp/src/IceSSL/Util.cpp                |  8 ++++----
 3 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/cpp/src/IceSSL/OpenSSLEngine.cpp b/cpp/src/IceSSL/OpenSSLEngine.cpp
index 8c45950..7360d06 100644
--- a/cpp/src/IceSSL/OpenSSLEngine.cpp
+++ b/cpp/src/IceSSL/OpenSSLEngine.cpp
@@ -43,7 +43,7 @@ IceUtil::Mutex* staticMutex = 0;
 int instanceCount = 0;
 bool initOpenSSL = false;
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 IceUtil::Mutex* locks = 0;
 #endif
 
@@ -59,10 +59,10 @@ class Init
     ~Init()
     {
         //
-        // OpenSSL 1.1.0 introduces a new thread API and removes 
+        // OpenSSL 1.1.0 introduces a new thread API and removes
         // the need to use a custom thread callback.
         //
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
         CRYPTO_set_locking_callback(0);
         CRYPTO_set_id_callback(0);
 
@@ -84,10 +84,10 @@ extern "C"
 {
 
 //
-// OpenSSL 1.1.0 introduces a new thread API and removes 
+// OpenSSL 1.1.0 introduces a new thread API and removes
 // the need to use a custom thread callback.
 //
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 //
 // OpenSSL mutex callback.
 //
@@ -158,7 +158,7 @@ IceSSL_opensslPasswordCallback(char* buf, int size, int flag, void* userData)
 DH*
 IceSSL_opensslDHCallback(SSL* ssl, int /*isExport*/, int keyLength)
 {
-#  if OPENSSL_VERSION_NUMBER >= 0x10100000L
+#  if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
     SSL_CTX* ctx = SSL_get_SSL_CTX(ssl);
 #  else
     SSL_CTX* ctx = ssl->ctx;
@@ -219,7 +219,7 @@ OpenSSLEngine::OpenSSLEngine(const CommunicatorPtr& communicator) :
             //
             // OpenSSL 1.1.0 remove the need for library initialization and cleanup.
             //
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
             //
             // Create the mutexes and set the callbacks.
             //
@@ -326,7 +326,7 @@ OpenSSLEngine::~OpenSSLEngine()
 //
 // OpenSSL 1.1.0 remove the need for library initialization and cleanup.
 //
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
     //
     // Clean up OpenSSL resources.
     //
@@ -399,7 +399,7 @@ OpenSSLEngine::initialize()
                                                     "IceSSL: unable to create SSL context:\n" + sslErrors());
             }
 
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
             int securityLevel = properties->getPropertyAsIntWithDefault(propPrefix + "SecurityLevel", -1);
             if(securityLevel != -1)
             {
@@ -954,7 +954,7 @@ OpenSSLEngine::parseProtocols(const StringSeq& protocols) const
 SSL_METHOD*
 OpenSSLEngine::getMethod(int /*protocols*/)
 {
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
     SSL_METHOD* meth = const_cast<SSL_METHOD*>(TLS_method());
 #else
     //
diff --git a/cpp/src/IceSSL/OpenSSLTransceiverI.cpp b/cpp/src/IceSSL/OpenSSLTransceiverI.cpp
index d66c5eb..9f07044 100644
--- a/cpp/src/IceSSL/OpenSSLTransceiverI.cpp
+++ b/cpp/src/IceSSL/OpenSSLTransceiverI.cpp
@@ -36,7 +36,7 @@ using namespace IceSSL;
 //
 // See: http://cvs.openssl.org/chngview?cn=22569
 //
-#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x100000bfL
+#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x100000bfL && !defined(LIBRESSL_VERSION_NUMBER)
 namespace
 {
 
@@ -156,13 +156,13 @@ IceSSL::TransceiverI::initialize(IceInternal::Buffer& readBuffer, IceInternal::B
         //
         // See: http://cvs.openssl.org/chngview?cn=22569
         //
-#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x100000bfL
+#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x100000bfL && !defined(LIBRESSL_VERSION_NUMBER)
         IceUtilInternal::MutexPtrLock<IceUtil::Mutex> sync(sslMutex);
 #endif
 
         int ret = _incoming ? SSL_accept(_ssl) : SSL_connect(_ssl);
 
-#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x100000bfL
+#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x100000bfL && !defined(LIBRESSL_VERSION_NUMBER)
         sync.release();
 #endif
         if(ret <= 0)
diff --git a/cpp/src/IceSSL/Util.cpp b/cpp/src/IceSSL/Util.cpp
index a60ee4c..50c47f3 100644
--- a/cpp/src/IceSSL/Util.cpp
+++ b/cpp/src/IceSSL/Util.cpp
@@ -110,7 +110,7 @@ namespace
 {
 
 #  ifndef OPENSSL_NO_DH
-#    if OPENSSL_VERSION_NUMBER < 0x10100000L
+#    if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 
 // The following arrays are predefined Diffie Hellman group parameters.
 // These are known strong primes, distributed with the OpenSSL library
@@ -228,7 +228,7 @@ unsigned char dh4096_g[] = { 0x02 };
 //
 // With OpenSSL 1.1.0 is no longer possible to acess the DH p and g
 // data members to set the DH params. We still use the same default
-// parameters but they were converted to DER format using 
+// parameters but they were converted to DER format using
 // i2d_DHparams and can be restored using d2i_DHparams
 
 unsigned char dh512[] =
@@ -338,7 +338,7 @@ unsigned char dh4096[] =
 //
 // Convert a predefined parameter set into a DH value.
 //
-#    if OPENSSL_VERSION_NUMBER >= 0x10100000L
+#    if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
 static DH*
 convertDH(const unsigned char* buf, int len)
 {
@@ -428,7 +428,7 @@ IceSSL::DHParams::get(int keyLength)
     // No match found. Use one of the predefined parameter sets instead.
     //
     IceUtil::Mutex::Lock sync(*this);
-#    if OPENSSL_VERSION_NUMBER >= 0x10100000L
+#    if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
     if(keyLength >= 4096)
     {
         if(!_dh4096)