summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authororbea <orbea@riseup.net>2023-05-31 07:16:46 -0700
committerSam James <sam@gentoo.org>2023-06-07 17:19:10 +0100
commit3892b973f9dabb5a5f0cd304d96475223ccbc34d (patch)
tree925e0b44a62543d1a2f4c7883285fd41019f3776 /net-vpn
parentdev-lang/python: Stabilize 3.9.17 arm64, #908016 (diff)
downloadgentoo-3892b973f9dabb5a5f0cd304d96475223ccbc34d.tar.gz
gentoo-3892b973f9dabb5a5f0cd304d96475223ccbc34d.tar.bz2
gentoo-3892b973f9dabb5a5f0cd304d96475223ccbc34d.zip
net-vpn/tor: update upstream libressl patch
With LibreSSL 3.8.0 some functions which have been deprecated in OpenSSL 3.0 were removed for security reasons. This patch which was accepted upstream by Tor disables some code that uses one of these functions with the newer LibreSSL 3.8.0 version. Bug: https://bugs.gentoo.org/903001 Upstream-PR: https://gitlab.torproject.org/tpo/core/tor/-/merge_requests/713 Upstream-Commit: https://gitlab.torproject.org/tpo/core/tor/-/commit/9850dc59c0db5cbcadc314be8d324a992880fce1 Signed-off-by: orbea <orbea@riseup.net> Closes: https://github.com/gentoo/gentoo/pull/31245 Signed-off-by: Sam James <sam@gentoo.org>
Diffstat (limited to 'net-vpn')
-rw-r--r--net-vpn/tor/files/tor-0.4.7.13-libressl.patch41
1 files changed, 41 insertions, 0 deletions
diff --git a/net-vpn/tor/files/tor-0.4.7.13-libressl.patch b/net-vpn/tor/files/tor-0.4.7.13-libressl.patch
index 76d52fd1c54e..bba0c45f3fc3 100644
--- a/net-vpn/tor/files/tor-0.4.7.13-libressl.patch
+++ b/net-vpn/tor/files/tor-0.4.7.13-libressl.patch
@@ -1,5 +1,7 @@
Upstream-MR: https://gitlab.torproject.org/tpo/core/tor/-/merge_requests/598
Upstream-Commit: https://gitlab.torproject.org/tpo/core/tor/-/commit/da52d7206a4a8e4fa8b5e80b5ed73de50fbe8692
+Upstream-MR: https://gitlab.torproject.org/tpo/core/tor/-/merge_requests/713
+Upstream-Commit: https://gitlab.torproject.org/tpo/core/tor/-/commit/9850dc59c0db5cbcadc314be8d324a992880fce1
From f3dabd705f26c56076934323f24b5b05ecdfd39c Mon Sep 17 00:00:00 2001
From: "Alex Xu (Hello71)" <alex_y_xu@yahoo.ca>
@@ -159,3 +161,42 @@ index 0000000000..faf04941b6
--
GitLab
+From 9850dc59c0db5cbcadc314be8d324a992880fce1 Mon Sep 17 00:00:00 2001
+From: orbea <orbea@riseup.net>
+Date: Mon, 29 May 2023 12:56:37 -0700
+Subject: [PATCH] tls: Disable a warning with LibreSSL >= 3.8.0
+
+Skip a warning using EC_GFp_nist_method() which was removed in LibreSSL
+3.8.
+
+Based on a patch from OpenBSD.
+
+https://github.com/openbsd/ports/commit/33fe251a08cb11f30ce6094a2e0759c3bb63ed16
+
+These functions are deprecated since OpenSSL 3.0.
+
+https://www.openssl.org/docs/man3.1/man3/EC_GFp_nist_method.html
+---
+ src/lib/tls/tortls_openssl.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/src/lib/tls/tortls_openssl.c b/src/lib/tls/tortls_openssl.c
+index 12260c09d3..c0a89ac272 100644
+--- a/src/lib/tls/tortls_openssl.c
++++ b/src/lib/tls/tortls_openssl.c
+@@ -340,8 +340,10 @@ tor_tls_init(void)
+ SSL_load_error_strings();
+ #endif /* defined(OPENSSL_1_1_API) */
+
+-#if (SIZEOF_VOID_P >= 8 && \
+- OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,0,1))
++#if (SIZEOF_VOID_P >= 8 && \
++ OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,0,1) && \
++ (!defined(LIBRESSL_VERSION_NUMBER) || \
++ LIBRESSL_VERSION_NUMBER < 0x3080000fL))
+ long version = tor_OpenSSL_version_num();
+
+ /* LCOV_EXCL_START : we can't test these lines on the same machine */
+--
+GitLab
+