Browse Source

libesmtp: Fix compile with OpenSSL 1.1.0

Also switched back to official tarball.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
lilik-openwrt-22.03
Rosen Penev 6 years ago
parent
commit
ff30d1e443
3 changed files with 133 additions and 8 deletions
  1. +5
    -8
      libs/libesmtp/Makefile
  2. +92
    -0
      libs/libesmtp/patches/100-openssl-1.1.patch
  3. +36
    -0
      libs/libesmtp/patches/200-add-TLSv1_1-TLSv1_2-support.patch

+ 5
- 8
libs/libesmtp/Makefile View File

@ -9,18 +9,15 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=libesmtp
PKG_VERSION:=1.0.6
PKG_RELEASE:=3
PKG_RELEASE:=4
PKG_MAINTAINER:=Othmar Truniger <github@truniger.ch>
PKG_LICENSE:=LGPL-2.0+
PKG_LICENSE_FILES:=COPYING
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/tru7/libesmtp.git
PKG_SOURCE_VERSION=10e9a6df9f76da610941addf71b9a3cbf94f2e9f
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_MIRROR_HASH:=6f703766be05cc0cd861790ee041d1c2910b6d6e7bb8805ed739839c7801bfcc
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=http://brianstafford.info/libesmtp
PKG_HASH:=d0a61a5c52d99fa7ce7d00ed0a07e341dbda67101dbed1ab0cdae3f37db4eb0b
PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1
@ -31,7 +28,7 @@ define Package/libesmtp
SECTION:=libs
CATEGORY:=Libraries
TITLE:=A Library for Posting Electronic Mail
URL:=https://github.com/tru7/libesmtp.git
URL:=http://brianstafford.info/libesmtp/
DEPENDS:=+libpthread +libopenssl
endef


+ 92
- 0
libs/libesmtp/patches/100-openssl-1.1.patch View File

@ -0,0 +1,92 @@
diff --git a/configure b/configure
index d586ca2..ee39284 100755
--- a/configure
+++ b/configure
@@ -11896,9 +11896,9 @@ fi
fi
if test x$with_openssl != xno ; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for SSL_library_init in -lssl" >&5
-$as_echo_n "checking for SSL_library_init in -lssl... " >&6; }
-if test "${ac_cv_lib_ssl_SSL_library_init+set}" = set; then :
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for SSL_new in -lssl" >&5
+$as_echo_n "checking for SSL_new in -lssl... " >&6; }
+if test "${ac_cv_lib_ssl_SSL_new+set}" = set; then :
$as_echo_n "(cached) " >&6
else
ac_check_lib_save_LIBS=$LIBS
@@ -11913,27 +11913,27 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
#ifdef __cplusplus
extern "C"
#endif
-char SSL_library_init ();
+char SSL_new ();
int
main ()
{
-return SSL_library_init ();
+return SSL_new ();
;
return 0;
}
_ACEOF
if ac_fn_c_try_link "$LINENO"; then :
- ac_cv_lib_ssl_SSL_library_init=yes
+ ac_cv_lib_ssl_SSL_new=yes
else
- ac_cv_lib_ssl_SSL_library_init=no
+ ac_cv_lib_ssl_SSL_new=no
fi
rm -f core conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
LIBS=$ac_check_lib_save_LIBS
fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ssl_SSL_library_init" >&5
-$as_echo "$ac_cv_lib_ssl_SSL_library_init" >&6; }
-if test "x$ac_cv_lib_ssl_SSL_library_init" = x""yes; then :
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ssl_SSL_new" >&5
+$as_echo "$ac_cv_lib_ssl_SSL_new" >&6; }
+if test "x$ac_cv_lib_ssl_SSL_new" = x""yes; then :
with_openssl=yes
LIBS="-lssl -lcrypto $LIBS"
diff --git a/smtp-tls.c b/smtp-tls.c
index 9a66806..5bdc191 100644
--- a/smtp-tls.c
+++ b/smtp-tls.c
@@ -64,10 +64,12 @@ openssl_mutexcb (int mode, int n,
const char *file __attribute__ ((unused)),
int line __attribute__ ((unused)))
{
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
if (mode & CRYPTO_LOCK)
pthread_mutex_lock (&openssl_mutex[n]);
else
pthread_mutex_unlock (&openssl_mutex[n]);
+#endif
}
#endif
@@ -76,7 +78,7 @@ starttls_init (void)
{
if (tls_init)
return 1;
-
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
#ifdef USE_PTHREADS
/* Set up mutexes for the OpenSSL library */
if (openssl_mutex == NULL)
@@ -94,9 +96,12 @@ starttls_init (void)
CRYPTO_set_locking_callback (openssl_mutexcb);
}
#endif
- tls_init = 1;
SSL_load_error_strings ();
SSL_library_init ();
+#else
+ OPENSSL_init_ssl(0, NULL);
+#endif
+ tls_init = 1;
return 1;
}

+ 36
- 0
libs/libesmtp/patches/200-add-TLSv1_1-TLSv1_2-support.patch View File

@ -0,0 +1,36 @@
Description: Add TLSv1.1 and TLSv1.2 support
Origin: vendor
Bug-Debian: https://bugs.debian.org/802658
Forwarded: yes
Author: Salvatore Bonaccorso <carnil@debian.org>
Last-Update: 2015-11-07
--- a/smtp-tls.c
+++ b/smtp-tls.c
@@ -197,11 +197,24 @@ starttls_create_ctx (smtp_session_t sess
ckf_t status;
/* The decision not to support SSL v2 and v3 but instead to use only
- TLSv1 is deliberate. This is in line with the intentions of RFC
+ TLSv1.X is deliberate. This is in line with the intentions of RFC
3207. Servers typically support SSL as well as TLS because some
versions of Netscape do not support TLS. I am assuming that all
currently deployed servers correctly support TLS. */
- ctx = SSL_CTX_new (TLSv1_client_method ());
+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \
+ !defined(LIBRESSL_VERSION_NUMBER) && !defined(OPENSSL_IS_BORINGSSL)
+ ctx = SSL_CTX_new (TLS_client_method ());
+#else
+ ctx = SSL_CTX_new (SSLv23_client_method ());
+#endif
+
+#ifdef OPENSSL_NO_SSL3
+ SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3);
+#endif
+
+#ifdef OPENSSL_NO_SSL2
+ SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2);
+#endif
/* Load our keys and certificates. To avoid messing with configuration
variables etc, use fixed paths for the certificate store. These are

Loading…
Cancel
Save