openconnect: update to 7.08, use gnutls.

configure: error: LibreSSL does not support Cisco DTLS.
Build with OpenSSL or GnuTLS instead.
This commit is contained in:
Alessio Sergi 2016-12-14 17:38:31 +01:00
parent 9afb73dc7e
commit a648103a88
2 changed files with 6 additions and 69 deletions

View file

@ -1,58 +0,0 @@
diff --git openssl-esp.c openssl-esp.c
index 8b51832..d9cde85 100644
--- openssl-esp.c
+++ openssl-esp.c
@@ -27,7 +27,7 @@
#include <openssl/evp.h>
#include <openssl/rand.h>
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
#define EVP_CIPHER_CTX_free(c) do { \
EVP_CIPHER_CTX_cleanup(c); \
@@ -85,7 +85,7 @@ static int init_esp_ciphers(struct openconnect_info *vpninfo, struct esp *esp,
}
EVP_CIPHER_CTX_set_padding(esp->cipher, 0);
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
esp->hmac = malloc(sizeof(*esp->hmac));
esp->pkt_hmac = malloc(sizeof(*esp->pkt_hmac));
if (!esp->hmac || &esp->pkt_hmac) {
diff --git openssl.c openssl.c
index 785fd2a..6007cef 100644
--- openssl.c
+++ openssl.c
@@ -36,11 +36,11 @@
#include <openssl/ui.h>
#include <openssl/rsa.h>
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
#define X509_up_ref(x) CRYPTO_add(&(x)->references, 1, CRYPTO_LOCK_X509)
#endif
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
#define EVP_MD_CTX_new EVP_MD_CTX_create
#define EVP_MD_CTX_free EVP_MD_CTX_destroy
#define X509_STORE_CTX_get0_chain(ctx) ((ctx)->chain)
@@ -991,7 +991,7 @@ static int set_peer_cert_hash(struct openconnect_info *vpninfo)
return 0;
}
-#if OPENSSL_VERSION_NUMBER < 0x10002000L
+#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER)
static int match_hostname_elem(const char *hostname, int helem_len,
const char *match, int melem_len)
{
@@ -1653,7 +1653,7 @@ int openconnect_open_https(struct openconnect_info *vpninfo)
* 4fcdd66fff5fea0cfa1055c6680a76a4303f28a2
* cd6bd5ffda616822b52104fee0c4c7d623fd4f53
*/
-#if OPENSSL_VERSION_NUMBER >= 0x10001070
+#if OPENSSL_VERSION_NUMBER >= 0x10001070 || defined(LIBRESSL_VERSION_NUMBER)
if (string_is_hostname(vpninfo->hostname))
SSL_set_tlsext_host_name(https_ssl, vpninfo->hostname);
#endif

View file

@ -1,27 +1,22 @@
# Template file for 'openconnect'
pkgname=openconnect
version=7.07
revision=3
version=7.08
revision=1
build_style=gnu-configure
configure_args="--sbindir=/usr/bin
--with-vpnc-script=/usr/libexec/vpnc-scripts/vpnc-script"
configure_args="--with-vpnc-script=/usr/libexec/vpnc-scripts/vpnc-script"
hostmakedepends="pkg-config"
makedepends="libressl-devel libxml2-devel zlib-devel lz4-devel"
makedepends="gnutls-devel libxml2-devel zlib-devel lz4-devel"
depends="vpnc-scripts"
short_desc="Free client for Cisco AnyConnect SSL VPN software"
maintainer="Eivind Uggedal <eivind@uggedal.com>"
license="LGPL-2.1"
homepage="http://www.infradead.org/openconnect/"
distfiles="ftp://ftp.infradead.org/pub/${pkgname}/${pkgname}-${version}.tar.gz"
checksum=f3ecfcd487dcd916748db38b4138c1e72c86347d6328b11dfe1d0af2821b8366
post_install() {
rm -f ${DESTDIR}/usr/lib/*.la
}
checksum=1c44ec1f37a6a025d1ca726b9555649417f1d31a46f747922b84099ace628a03
openconnect-devel_package() {
short_desc+=" - development files"
depends="${sourcepkg}>=${version}_${revision} zlib-devel libressl-devel libxml2-devel"
depends="${makedepends} ${sourcepkg}>=${version}_${revision}"
pkg_install() {
vmove usr/include
vmove usr/lib/*.so