openpkg-packages/nail/nail.patch

Upstream vendor fixes for building against OpenSSL 1.0

Index: makeconfig
--- makeconfig.orig	2007-04-14 17:24:28.000000000 +0200
+++ makeconfig	2010-04-18 12:52:05.000000000 +0200
@@ -393,6 +393,25 @@
 !
 fi
 
+if test x$have_openssl = xyes
+then
+	compile_check stack_of 'for STACK_OF()' '#define HAVE_STACK_OF' <<\!
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+#include <openssl/x509v3.h>
+#include <openssl/x509.h>
+#include <openssl/rand.h>
+
+int main(void)
+{
+	STACK_OF(GENERAL_NAME)	*gens = NULL;
+	printf("%p", gens);	/* to make it used */
+	SSLv23_client_method();
+	PEM_read_PrivateKey(0, 0, 0, 0);
+	return 0;
+}
+!
+fi
 
 cat >$tmp2.c <<\!
 #include <gssapi/gssapi.h>
Index: openssl.c
--- openssl.c.orig	2007-08-04 13:38:03.000000000 +0200
+++ openssl.c	2010-04-18 12:52:05.000000000 +0200
@@ -38,7 +38,7 @@
 
 #ifndef lint
 #ifdef	DOSCCS
-static char sccsid[] = "@(#)openssl.c	1.25 (gritter) 8/4/07";
+static char sccsid[] = "@(#)openssl.c	1.26 (gritter) 5/26/09";
 #endif
 #endif /* not lint */
 
@@ -101,12 +101,17 @@
 static int ssl_rand_init(void);
 static void ssl_init(void);
 static int ssl_verify_cb(int success, X509_STORE_CTX *store);
-static SSL_METHOD *ssl_select_method(const char *uhp);
+static const SSL_METHOD *ssl_select_method(const char *uhp);
 static void ssl_load_verifications(struct sock *sp);
 static void ssl_certificate(struct sock *sp, const char *uhp);
 static enum okay ssl_check_host(const char *server, struct sock *sp);
+#ifdef HAVE_STACK_OF
+static int smime_verify(struct message *m, int n, STACK_OF(X509) *chain,
+		X509_STORE *store);
+#else
 static int smime_verify(struct message *m, int n, STACK *chain,
 		X509_STORE *store);
+#endif
 static EVP_CIPHER *smime_cipher(const char *name);
 static int ssl_password_cb(char *buf, int size, int rwflag, void *userdata);
 static FILE *smime_sign_cert(const char *xname, const char *xname2, int warn);
@@ -203,10 +208,10 @@
 	return 1;
 }
 
-static SSL_METHOD *
+static const SSL_METHOD *
 ssl_select_method(const char *uhp)
 {
-	SSL_METHOD *method;
+	const SSL_METHOD *method;
 	char	*cp;
 
 	cp = ssl_method_string(uhp);
@@ -308,7 +313,11 @@
 	X509 *cert;
 	X509_NAME *subj;
 	char data[256];
+#ifdef HAVE_STACK_OF
+	STACK_OF(GENERAL_NAME)	*gens;
+#else
 	/*GENERAL_NAMES*/STACK	*gens;
+#endif
 	GENERAL_NAME	*gen;
 	int	i;
 
@@ -357,7 +366,8 @@
 
 	ssl_init();
 	ssl_set_vrfy_level(uhp);
-	if ((sp->s_ctx = SSL_CTX_new(ssl_select_method(uhp))) == NULL) {
+	if ((sp->s_ctx =
+	     SSL_CTX_new((SSL_METHOD *)ssl_select_method(uhp))) == NULL) {
 		ssl_gen_err(catgets(catd, CATSET, 261, "SSL_CTX_new() failed"));
 		return STOP;
 	}
@@ -496,7 +506,11 @@
 }
 
 static int
+#ifdef HAVE_STACK_OF
+smime_verify(struct message *m, int n, STACK_OF(X509) *chain, X509_STORE *store)
+#else
 smime_verify(struct message *m, int n, STACK *chain, X509_STORE *store)
+#endif
 {
 	struct message	*x;
 	char	*cp, *sender, *to, *cc, *cnttype;
@@ -505,7 +519,12 @@
 	off_t	size;
 	BIO	*fb, *pb;
 	PKCS7	*pkcs7;
+#ifdef HAVE_STACK_OF
+	STACK_OF(X509)	*certs;
+	STACK_OF(GENERAL_NAME)	*gens;
+#else
 	STACK	*certs, *gens;
+#endif
 	X509	*cert;
 	X509_NAME	*subj;
 	char	data[LINESIZE];
@@ -614,7 +633,11 @@
 {
 	int	*msgvec = vp, *ip;
 	int	ec = 0;
+#ifdef HAVE_STACK_OF
+	STACK_OF(X509)	*chain = NULL;
+#else
 	STACK	*chain = NULL;
+#endif
 	X509_STORE	*store;
 	char	*ca_dir, *ca_file;
 
@@ -687,7 +710,11 @@
 	X509	*cert;
 	PKCS7	*pkcs7;
 	BIO	*bb, *yb;
+#ifdef HAVE_STACK_OF
+	STACK_OF(X509)	*certs;
+#else
 	STACK	*certs;
+#endif
 	EVP_CIPHER	*cipher;
 
 	certfile = expand((char *)certfile);
@@ -950,9 +977,14 @@
 	off_t	size;
 	BIO	*fb, *pb;
 	PKCS7	*pkcs7;
+#ifdef HAVE_STACK_OF
+	STACK_OF(X509)	*certs;
+	STACK_OF(X509)	*chain = NULL;
+#else
 	STACK	*certs;
-	X509	*cert;
 	STACK	*chain = NULL;
+#endif
+	X509	*cert;
 	enum okay	ok = OKAY;
 
 	message_number = n;