From 5644b696f1bb25cc85fe2f95d6d8dad2f547127f Mon Sep 17 00:00:00 2001 From: Adrien Destugues Date: Sun, 15 Nov 2020 16:20:56 +0100 Subject: [PATCH] gloox: use system SSL certificates by default unless an explicit cacert is provided, we want to use the default certificate store, which is usually enough at least for public servers. The bug has been reported upstream as well. --- net-libs/gloox/gloox-1.0.24.recipe | 4 +-- ...-1.0.23.patchset => gloox-1.0.24.patchset} | 36 +++++++++++++++---- 2 files changed, 32 insertions(+), 8 deletions(-) rename net-libs/gloox/patches/{gloox-1.0.23.patchset => gloox-1.0.24.patchset} (73%) diff --git a/net-libs/gloox/gloox-1.0.24.recipe b/net-libs/gloox/gloox-1.0.24.recipe index 91c8f6f65..8dd3356b5 100644 --- a/net-libs/gloox/gloox-1.0.24.recipe +++ b/net-libs/gloox/gloox-1.0.24.recipe @@ -3,10 +3,10 @@ DESCRIPTION="Rock-solid, full-featured Jabber/XMPP client library, written in cl HOMEPAGE="https://camaya.net/gloox/" COPYRIGHT="2002-2020 Jakob Schröter" LICENSE="GNU GPL v2" -REVISION="1" +REVISION="2" SOURCE_URI="http://camaya.net/download/gloox-$portVersion.tar.bz2" CHECKSUM_SHA256="ae1462be2a2eb8fe5cd054825143617c53c2c9c7195606cb5a5ba68c0f68f9c9" -PATCHES="gloox-1.0.23.patchset" +PATCHES="gloox-$portVersion.patchset" ARCHITECTURES="!x86_gcc2 x86 x86_64" SECONDARY_ARCHITECTURES="!x86_gcc2 x86" diff --git a/net-libs/gloox/patches/gloox-1.0.23.patchset b/net-libs/gloox/patches/gloox-1.0.24.patchset similarity index 73% rename from net-libs/gloox/patches/gloox-1.0.23.patchset rename to net-libs/gloox/patches/gloox-1.0.24.patchset index 815fcde6e..99e2da496 100644 --- a/net-libs/gloox/patches/gloox-1.0.23.patchset +++ b/net-libs/gloox/patches/gloox-1.0.24.patchset @@ -1,11 +1,11 @@ -From 783751fbeb737cfe77cc2de445c60f07fc712226 Mon Sep 17 00:00:00 2001 +From 3a38e0ace4445b72a7f6a21c2fb5e0733f26ed25 Mon Sep 17 00:00:00 2001 From: Adrien Destugues Date: Sat, 28 Mar 2020 10:17:16 +0100 Subject: Search for network functions in libnetwork diff --git a/configure.ac b/configure.ac -index 3fa8d04..2400ecb 100644 +index 69f3abd..5f6f99d 100644 --- a/configure.ac +++ b/configure.ac @@ -318,7 +318,7 @@ AC_ARG_ENABLE( getaddrinfo, @@ -26,10 +26,10 @@ index 3fa8d04..2400ecb 100644 dnl Checks for typedefs, structures, and compiler characteristics. AC_C_CONST -- -2.24.1 +2.28.0 -From 731e87b80ac50bf884c15d234dc51c91762b95ac Mon Sep 17 00:00:00 2001 +From 6bd4a36a1228bcf8652dd39c81e1bc713026fa44 Mon Sep 17 00:00:00 2001 From: Adrien Destugues Date: Sat, 28 Mar 2020 13:10:43 +0100 Subject: Hack for detecting libnetwork internal functions @@ -38,7 +38,7 @@ These functions are found indirectly through #defines in the headers. So a normal AC_SEARCH_LIBS does not work. diff --git a/configure.ac b/configure.ac -index 2400ecb..ae03ae3 100644 +index 5f6f99d..cd617f2 100644 --- a/configure.ac +++ b/configure.ac @@ -220,7 +220,7 @@ else @@ -69,5 +69,29 @@ index 2400ecb..ae03ae3 100644 [AC_MSG_RESULT(yes) AC_DEFINE(HAVE_RES_QUERY) -- -2.24.1 +2.28.0 + + +From fcd563a33e4f7e7c394270159401597ebcf52779 Mon Sep 17 00:00:00 2001 +From: Adrien Destugues +Date: Sun, 15 Nov 2020 16:18:42 +0100 +Subject: Load system certificates. + + +diff --git a/src/tlsopensslbase.cpp b/src/tlsopensslbase.cpp +index 682f758..2a1a3b7 100644 +--- a/src/tlsopensslbase.cpp ++++ b/src/tlsopensslbase.cpp +@@ -126,6 +126,9 @@ namespace gloox + { + m_cacerts = cacerts; + ++ if (m_cacerts.empty()) ++ SSL_CTX_set_default_verify_paths( m_ctx ); ++ + StringList::const_iterator it = m_cacerts.begin(); + for( ; it != m_cacerts.end(); ++it ) + SSL_CTX_load_verify_locations( m_ctx, (*it).c_str(), 0 ); +-- +2.28.0