Add ssl3-test-failure.patch

Add ssl3-test-failure.patch from the official PKGBUILD. modified: .SRCINFO modified: PKGBUILD new file: ssl3-test-failure.patch
author: Yishen Miao 2016-03-07 23:25:09 +0000
committer: Yishen Miao 2016-03-07 23:25:09 +0000
commit: 5eff8157c66c91e6af45a8d5f880b8d54efd46ac (patch)
tree: acc7c0e3d1af4e0c77472fe0c635f8f03297ee25
parent: 48c734cb44031029eb7c18407f6107d844e12108 (diff)
download: aur-5eff8157c66c91e6af45a8d5f880b8d54efd46ac.tar.gz
3 files changed, 42 insertions, 8 deletions
diff --git a/.SRCINFO b/.SRCINFO
index 34211f492e9e..6433fe6c86ea 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,14 +1,13 @@
 # Generated by mksrcinfo v8
-# Fri Mar  4 00:48:57 UTC 2016
+# Mon Mar  7 23:18:34 UTC 2016
 pkgbase = openssl-chacha20
 	pkgdesc = The Open Source toolkit for Secure Sockets Layer and Transport Layer Security with Chacha20 cipher
 	pkgver = 1.0.2.g
-	pkgrel = 1
+	pkgrel = 3
 	url = https://www.openssl.org
 	arch = i686
 	arch = x86_64
 	license = custom:BSD
-	depends = zlib
 	depends = perl
 	optdepends = ca-certificates
 	provides = openssl=1.0.2.g
@@ -18,11 +17,13 @@ pkgbase = openssl-chacha20
 	source = https://www.openssl.org/source/openssl-1.0.2g.tar.gz
 	source = https://www.openssl.org/source/openssl-1.0.2g.tar.gz.asc
 	source = no-rpath.patch
+	source = ssl3-test-failure.patch
 	source = ca-dir.patch
 	source = openssl__chacha20_poly1305_draft_and_rfc_ossl102g.patch
 	sha256sums = b784b1b3907ce39abf4098702dade6365522a253ad1552e267a9a0e89594aa33
 	sha256sums = SKIP
 	sha256sums = 754d6107a306311e15a1db6a1cc031b81691c8b9865e8809ac60ca6f184c957c
+	sha256sums = c54ae87c602eaa1530a336ab7c6e22e12898e1941012349c153e52553df64a13
 	sha256sums = 9e8126f3a748f4c1d6fe34d4436de72b16a40e97a6d18234d2e88caa179d50c4
 	sha256sums = 09a2e88f95d8cd12bd9c23cd87554ab700fb1625a848c0502951849fb1d564fc
 
diff --git a/PKGBUILD b/PKGBUILD
index d86200fcecc5..8f9bf612b1c5 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -7,25 +7,27 @@ _ver=1.0.2g
 # use a pacman compatible version scheme
 pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}}
 #pkgver=$_ver
-pkgrel=1
+pkgrel=3
 pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer Security with Chacha20 cipher'
 arch=('i686' 'x86_64')
 url='https://www.openssl.org'
 license=('custom:BSD')
-depends=('zlib' 'perl')
-conflicts=('openssl')
-provides=("openssl=${pkgver}")
+depends=('perl')
 optdepends=('ca-certificates')
 options=('!makeflags')
 backup=('etc/ssl/openssl.cnf')
+conflicts=('openssl')
+provides=("openssl=${pkgver}")
 source=("https://www.openssl.org/source/${_pkgname}-${_ver}.tar.gz"
 	"https://www.openssl.org/source/${_pkgname}-${_ver}.tar.gz.asc"
 	'no-rpath.patch'
+	'ssl3-test-failure.patch'
 	'ca-dir.patch'
 	'openssl__chacha20_poly1305_draft_and_rfc_ossl102g.patch')
 sha256sums=('b784b1b3907ce39abf4098702dade6365522a253ad1552e267a9a0e89594aa33'
 	'SKIP'
 	'754d6107a306311e15a1db6a1cc031b81691c8b9865e8809ac60ca6f184c957c'
+	'c54ae87c602eaa1530a336ab7c6e22e12898e1941012349c153e52553df64a13'
 	'9e8126f3a748f4c1d6fe34d4436de72b16a40e97a6d18234d2e88caa179d50c4'
 	'09a2e88f95d8cd12bd9c23cd87554ab700fb1625a848c0502951849fb1d564fc')
 validpgpkeys=('8657ABB260F056B1E5190839D9C4D26D0E604491')
@@ -35,8 +37,13 @@ prepare() {
 
 	# remove rpath: http://bugs.archlinux.org/task/14367
 	patch -p0 -i $srcdir/no-rpath.patch
+
+	# disable a test that fails when ssl3 is disabled
+	patch -p1 -i $srcdir/ssl3-test-failure.patch
+
 	# set ca dir to /etc/ssl by default
 	patch -p0 -i $srcdir/ca-dir.patch
+
 	# Cloudflare patch
 	# https://github.com/cloudflare/sslconfig/blob/master/patches/openssl__chacha20_poly1305_draft_and_rfc_ossl102g.patch
 	patch -p1 -i $srcdir/openssl__chacha20_poly1305_draft_and_rfc_ossl102g.patch
@@ -55,7 +62,7 @@ build() {
 
 	# mark stack as non-executable: http://bugs.archlinux.org/task/12434
 	./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \
-		shared zlib ${optflags} \
+		shared no-ssl3-method ${optflags} \
 		"${openssltarget}" \
 		"-Wa,--noexecstack ${CPPFLAGS} ${CFLAGS} ${LDFLAGS}"
 
diff --git a/ssl3-test-failure.patch b/ssl3-test-failure.patch
new file mode 100644
index 000000000000..d161c3d4a593
--- /dev/null
+++ b/ssl3-test-failure.patch
@@ -0,0 +1,26 @@
+From: Kurt Roeckx <kurt@roeckx.be>
+Date: Sun, 6 Sep 2015 16:04:11 +0200
+Subject: Disable SSLv3 test in test suite
+
+When testing SSLv3 the test program returns 0 for skip.  The test for weak DH
+expects a failure, but gets success.
+
+It should probably be changed to return something other than 0 for a skipped
+test.
+---
+ test/testssl | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/test/testssl b/test/testssl
+index 747e4ba..1e4370b 100644
+--- a/test/testssl
++++ b/test/testssl
+@@ -160,7 +160,7 @@ test_cipher() {
+ }
+ 
+ echo "Testing ciphersuites"
+-for protocol in TLSv1.2 SSLv3; do
++for protocol in TLSv1.2; do
+   echo "Testing ciphersuites for $protocol"
+   for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do
+     test_cipher $cipher $protocol
author	Yishen Miao	2016-03-07 23:25:09 +0000
committer	Yishen Miao	2016-03-07 23:25:09 +0000
commit	5eff8157c66c91e6af45a8d5f880b8d54efd46ac (patch)
tree	acc7c0e3d1af4e0c77472fe0c635f8f03297ee25
parent	48c734cb44031029eb7c18407f6107d844e12108 (diff)
download	aur-5eff8157c66c91e6af45a8d5f880b8d54efd46ac.tar.gz