diff options
author | Yishen Miao | 2016-03-07 23:25:09 +0000 |
---|---|---|
committer | Yishen Miao | 2016-03-07 23:25:09 +0000 |
commit | 5eff8157c66c91e6af45a8d5f880b8d54efd46ac (patch) | |
tree | acc7c0e3d1af4e0c77472fe0c635f8f03297ee25 | |
parent | 48c734cb44031029eb7c18407f6107d844e12108 (diff) | |
download | aur-5eff8157c66c91e6af45a8d5f880b8d54efd46ac.tar.gz |
Add ssl3-test-failure.patch
Add ssl3-test-failure.patch from the official PKGBUILD.
modified: .SRCINFO
modified: PKGBUILD
new file: ssl3-test-failure.patch
-rw-r--r-- | .SRCINFO | 7 | ||||
-rw-r--r-- | PKGBUILD | 17 | ||||
-rw-r--r-- | ssl3-test-failure.patch | 26 |
3 files changed, 42 insertions, 8 deletions
@@ -1,14 +1,13 @@ # Generated by mksrcinfo v8 -# Fri Mar 4 00:48:57 UTC 2016 +# Mon Mar 7 23:18:34 UTC 2016 pkgbase = openssl-chacha20 pkgdesc = The Open Source toolkit for Secure Sockets Layer and Transport Layer Security with Chacha20 cipher pkgver = 1.0.2.g - pkgrel = 1 + pkgrel = 3 url = https://www.openssl.org arch = i686 arch = x86_64 license = custom:BSD - depends = zlib depends = perl optdepends = ca-certificates provides = openssl=1.0.2.g @@ -18,11 +17,13 @@ pkgbase = openssl-chacha20 source = https://www.openssl.org/source/openssl-1.0.2g.tar.gz source = https://www.openssl.org/source/openssl-1.0.2g.tar.gz.asc source = no-rpath.patch + source = ssl3-test-failure.patch source = ca-dir.patch source = openssl__chacha20_poly1305_draft_and_rfc_ossl102g.patch sha256sums = b784b1b3907ce39abf4098702dade6365522a253ad1552e267a9a0e89594aa33 sha256sums = SKIP sha256sums = 754d6107a306311e15a1db6a1cc031b81691c8b9865e8809ac60ca6f184c957c + sha256sums = c54ae87c602eaa1530a336ab7c6e22e12898e1941012349c153e52553df64a13 sha256sums = 9e8126f3a748f4c1d6fe34d4436de72b16a40e97a6d18234d2e88caa179d50c4 sha256sums = 09a2e88f95d8cd12bd9c23cd87554ab700fb1625a848c0502951849fb1d564fc @@ -7,25 +7,27 @@ _ver=1.0.2g # use a pacman compatible version scheme pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}} #pkgver=$_ver -pkgrel=1 +pkgrel=3 pkgdesc='The Open Source toolkit for Secure Sockets Layer and Transport Layer Security with Chacha20 cipher' arch=('i686' 'x86_64') url='https://www.openssl.org' license=('custom:BSD') -depends=('zlib' 'perl') -conflicts=('openssl') -provides=("openssl=${pkgver}") +depends=('perl') optdepends=('ca-certificates') options=('!makeflags') backup=('etc/ssl/openssl.cnf') +conflicts=('openssl') +provides=("openssl=${pkgver}") source=("https://www.openssl.org/source/${_pkgname}-${_ver}.tar.gz" "https://www.openssl.org/source/${_pkgname}-${_ver}.tar.gz.asc" 'no-rpath.patch' + 'ssl3-test-failure.patch' 'ca-dir.patch' 'openssl__chacha20_poly1305_draft_and_rfc_ossl102g.patch') sha256sums=('b784b1b3907ce39abf4098702dade6365522a253ad1552e267a9a0e89594aa33' 'SKIP' '754d6107a306311e15a1db6a1cc031b81691c8b9865e8809ac60ca6f184c957c' + 'c54ae87c602eaa1530a336ab7c6e22e12898e1941012349c153e52553df64a13' '9e8126f3a748f4c1d6fe34d4436de72b16a40e97a6d18234d2e88caa179d50c4' '09a2e88f95d8cd12bd9c23cd87554ab700fb1625a848c0502951849fb1d564fc') validpgpkeys=('8657ABB260F056B1E5190839D9C4D26D0E604491') @@ -35,8 +37,13 @@ prepare() { # remove rpath: http://bugs.archlinux.org/task/14367 patch -p0 -i $srcdir/no-rpath.patch + + # disable a test that fails when ssl3 is disabled + patch -p1 -i $srcdir/ssl3-test-failure.patch + # set ca dir to /etc/ssl by default patch -p0 -i $srcdir/ca-dir.patch + # Cloudflare patch # https://github.com/cloudflare/sslconfig/blob/master/patches/openssl__chacha20_poly1305_draft_and_rfc_ossl102g.patch patch -p1 -i $srcdir/openssl__chacha20_poly1305_draft_and_rfc_ossl102g.patch @@ -55,7 +62,7 @@ build() { # mark stack as non-executable: http://bugs.archlinux.org/task/12434 ./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \ - shared zlib ${optflags} \ + shared no-ssl3-method ${optflags} \ "${openssltarget}" \ "-Wa,--noexecstack ${CPPFLAGS} ${CFLAGS} ${LDFLAGS}" diff --git a/ssl3-test-failure.patch b/ssl3-test-failure.patch new file mode 100644 index 000000000000..d161c3d4a593 --- /dev/null +++ b/ssl3-test-failure.patch @@ -0,0 +1,26 @@ +From: Kurt Roeckx <kurt@roeckx.be> +Date: Sun, 6 Sep 2015 16:04:11 +0200 +Subject: Disable SSLv3 test in test suite + +When testing SSLv3 the test program returns 0 for skip. The test for weak DH +expects a failure, but gets success. + +It should probably be changed to return something other than 0 for a skipped +test. +--- + test/testssl | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/test/testssl b/test/testssl +index 747e4ba..1e4370b 100644 +--- a/test/testssl ++++ b/test/testssl +@@ -160,7 +160,7 @@ test_cipher() { + } + + echo "Testing ciphersuites" +-for protocol in TLSv1.2 SSLv3; do ++for protocol in TLSv1.2; do + echo "Testing ciphersuites for $protocol" + for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do + test_cipher $cipher $protocol |