Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: openssl breakage: apache2, kdelibs3, mutt-devel



On Wed, Aug 26, 2009 at 12:30:54AM +0900, Takahiro Kambe wrote:
> More patches which I coudn't test completly.
> 
> www/apache2:
> 
> --- modules/ssl/ssl_engine_init.c.orig        2007-12-29 00:07:53.000000000 
> +0900
> +++ modules/ssl/ssl_engine_init.c     2009-08-26 00:25:10.000000000 +0900
> @@ -531,7 +531,7 @@
>              ssl_die();
>          }
>  
> -        SSL_CTX_set_client_CA_list(ctx, (STACK *)ca_list);
> +        SSL_CTX_set_client_CA_list(ctx, (STACK_OF(X509_NAME) *)ca_list);
>      }
>  
>      /*
> 
> --- modules/ssl/ssl_engine_kernel.c.orig      2007-05-09 08:08:47.000000000 
> +0900
> +++ modules/ssl/ssl_engine_kernel.c   2009-08-26 00:28:39.000000000 +0900
> @@ -550,7 +550,7 @@
>                   * sk_X509_shift-ed the peer cert out of the chain.
>                   * we put it back here for the purpose of 
> quick_renegotiation.
>                   */
> -                cert_stack = sk_new_null();
> +                cert_stack = sk_X509_new_null();
>                  sk_X509_push(cert_stack, MODSSL_PCHAR_CAST cert);
>              }

Thank you.

The attached patch makes www/apache2 compile. Ok to commit?
 Thomas
Index: distinfo
===================================================================
RCS file: /cvsroot/pkgsrc/www/apache2/distinfo,v
retrieving revision 1.54
diff -u -r1.54 distinfo
--- distinfo    9 Aug 2008 20:33:38 -0000       1.54
+++ distinfo    26 Aug 2009 22:45:41 -0000
@@ -7,7 +7,10 @@
 SHA1 (patch-ab) = 387892276efd49fd081a187c1123de26fb6486ba
 SHA1 (patch-ac) = 515043b5c215d49fe8f6d3191b502c978e2a2dad
 SHA1 (patch-ad) = 088d6ff0e7a8acfe70b4f85a6ce58d42c935fd13
+SHA1 (patch-ae) = dda7fbd2561486b15b8436c47ccf1d4f9afa5df0
+SHA1 (patch-af) = 8400ae084e31026e9d8143a0246aa3e65166f380
 SHA1 (patch-ag) = 78dcb023f524ef65928b529320932c9664ec0d01
+SHA1 (patch-ah) = 98ddcd204363d62bdb0ba78065d24ee893bea568
 SHA1 (patch-ai) = 4dc88c15b0525a5aabc80d5c2a0720cd260629de
 SHA1 (patch-ak) = f11a86b1235d5c595fa381bbb474db4fe8448215
 SHA1 (patch-al) = 9af7b6c56177d971e135f0a00b3ab9ded5d1b6dd
Index: patches/patch-ae
===================================================================
RCS file: patches/patch-ae
diff -N patches/patch-ae
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ patches/patch-ae    26 Aug 2009 22:45:41 -0000
@@ -0,0 +1,13 @@
+$NetBSD$
+
+--- modules/ssl/ssl_engine_init.c.orig 2007-12-28 15:07:53.000000000 +0000
++++ modules/ssl/ssl_engine_init.c
+@@ -531,7 +531,7 @@ static void ssl_init_ctx_verify(server_r
+             ssl_die();
+         }
+ 
+-        SSL_CTX_set_client_CA_list(ctx, (STACK *)ca_list);
++        SSL_CTX_set_client_CA_list(ctx, (STACK_OF(X509_NAME) *)ca_list);
+     }
+ 
+     /*
Index: patches/patch-af
===================================================================
RCS file: patches/patch-af
diff -N patches/patch-af
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ patches/patch-af    26 Aug 2009 22:45:41 -0000
@@ -0,0 +1,13 @@
+$NetBSD$
+
+--- modules/ssl/ssl_util_ssl.c.orig    2006-07-12 07:40:55.000000000 +0000
++++ modules/ssl/ssl_util_ssl.c
+@@ -466,7 +466,7 @@ int SSL_CTX_use_certificate_chain(
+     X509 *x509;
+     unsigned long err;
+     int n;
+-    STACK *extra_certs;
++    STACK_OF(X509) *extra_certs;
+ 
+     if ((bio = BIO_new(BIO_s_file_internal())) == NULL)
+         return -1;
Index: patches/patch-ah
===================================================================
RCS file: patches/patch-ah
diff -N patches/patch-ah
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ patches/patch-ah    26 Aug 2009 22:45:41 -0000
@@ -0,0 +1,13 @@
+$NetBSD$
+
+--- modules/ssl/ssl_engine_kernel.c.orig       2007-05-08 23:08:47.000000000 
+0000
++++ modules/ssl/ssl_engine_kernel.c
+@@ -550,7 +550,7 @@ int ssl_hook_Access(request_rec *r)
+                  * sk_X509_shift-ed the peer cert out of the chain.
+                  * we put it back here for the purpose of quick_renegotiation.
+                  */
+-                cert_stack = sk_new_null();
++                cert_stack = sk_X509_new_null();
+                 sk_X509_push(cert_stack, MODSSL_PCHAR_CAST cert);
+             }
+ 


Home | Main Index | Thread Index | Old Index