Resolves: #1985231 - squid: FTBFS because of OpenSSL 3.0 preprocessor macro

changes
2021-08-05 22:33:36 +02:00 · 2021-08-05 22:33:36 +02:00 · c8148443e5
commit c8148443e5
parent 29551f1dea
2 changed files with 170 additions and 0 deletions
--- a/squid-5.0.6-openssl3.patch
+++ b/squid-5.0.6-openssl3.patch
@ -15,3 +15,171 @@ index 3ad135d..73912ce 100644
 static int
 ssl_dupAclChecklist(CRYPTO_EX_DATA *, const CRYPTO_EX_DATA *, void *,
                     int, long, void *)
+diff --git a/src/security/PeerOptions.cc b/src/security/PeerOptions.cc
+index cf1d4ba..4346ba5 100644
+--- a/src/security/PeerOptions.cc
+++ b/src/security/PeerOptions.cc
+@@ -297,130 +297,130 @@ static struct ssl_option {
+ 
+ } ssl_options[] = {
+ 
+-#if SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
+#ifdef SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
+     {
+         "NETSCAPE_REUSE_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
+     },
+ #endif
+-#if SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
+#ifdef SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
+     {
+         "SSLREF2_REUSE_CERT_TYPE_BUG", SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
+     },
+ #endif
+-#if SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
+#ifdef SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
+     {
+         "MICROSOFT_BIG_SSLV3_BUFFER", SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
+     },
+ #endif
+-#if SSL_OP_SSLEAY_080_CLIENT_DH_BUG
+#ifdef SSL_OP_SSLEAY_080_CLIENT_DH_BUG
+     {
+         "SSLEAY_080_CLIENT_DH_BUG", SSL_OP_SSLEAY_080_CLIENT_DH_BUG
+     },
+ #endif
+-#if SSL_OP_TLS_D5_BUG
+#ifdef SSL_OP_TLS_D5_BUG
+     {
+         "TLS_D5_BUG", SSL_OP_TLS_D5_BUG
+     },
+ #endif
+-#if SSL_OP_TLS_BLOCK_PADDING_BUG
+#ifdef SSL_OP_TLS_BLOCK_PADDING_BUG
+     {
+         "TLS_BLOCK_PADDING_BUG", SSL_OP_TLS_BLOCK_PADDING_BUG
+     },
+ #endif
+-#if SSL_OP_TLS_ROLLBACK_BUG
+#ifdef SSL_OP_TLS_ROLLBACK_BUG
+     {
+         "TLS_ROLLBACK_BUG", SSL_OP_TLS_ROLLBACK_BUG
+     },
+ #endif
+-#if SSL_OP_ALL
+#ifdef SSL_OP_ALL
+     {
+         "ALL", (long)SSL_OP_ALL
+     },
+ #endif
+-#if SSL_OP_SINGLE_DH_USE
+#ifdef SSL_OP_SINGLE_DH_USE
+     {
+         "SINGLE_DH_USE", SSL_OP_SINGLE_DH_USE
+     },
+ #endif
+-#if SSL_OP_EPHEMERAL_RSA
+#ifdef SSL_OP_EPHEMERAL_RSA
+     {
+         "EPHEMERAL_RSA", SSL_OP_EPHEMERAL_RSA
+     },
+ #endif
+-#if SSL_OP_PKCS1_CHECK_1
+#ifdef SSL_OP_PKCS1_CHECK_1
+     {
+         "PKCS1_CHECK_1", SSL_OP_PKCS1_CHECK_1
+     },
+ #endif
+-#if SSL_OP_PKCS1_CHECK_2
+#ifdef SSL_OP_PKCS1_CHECK_2
+     {
+         "PKCS1_CHECK_2", SSL_OP_PKCS1_CHECK_2
+     },
+ #endif
+-#if SSL_OP_NETSCAPE_CA_DN_BUG
+#ifdef SSL_OP_NETSCAPE_CA_DN_BUG
+     {
+         "NETSCAPE_CA_DN_BUG", SSL_OP_NETSCAPE_CA_DN_BUG
+     },
+ #endif
+-#if SSL_OP_NON_EXPORT_FIRST
+#ifdef SSL_OP_NON_EXPORT_FIRST
+     {
+         "NON_EXPORT_FIRST", SSL_OP_NON_EXPORT_FIRST
+     },
+ #endif
+-#if SSL_OP_CIPHER_SERVER_PREFERENCE
+#ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
+     {
+         "CIPHER_SERVER_PREFERENCE", SSL_OP_CIPHER_SERVER_PREFERENCE
+     },
+ #endif
+-#if SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
+#ifdef SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
+     {
+         "NETSCAPE_DEMO_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
+     },
+ #endif
+-#if SSL_OP_NO_SSLv3
+#ifdef SSL_OP_NO_SSLv3
+     {
+         "NO_SSLv3", SSL_OP_NO_SSLv3
+     },
+ #endif
+-#if SSL_OP_NO_TLSv1
+#ifdef SSL_OP_NO_TLSv1
+     {
+         "NO_TLSv1", SSL_OP_NO_TLSv1
+     },
+ #else
+     { "NO_TLSv1", 0 },
+ #endif
+-#if SSL_OP_NO_TLSv1_1
+#ifdef SSL_OP_NO_TLSv1_1
+     {
+         "NO_TLSv1_1", SSL_OP_NO_TLSv1_1
+     },
+ #else
+     { "NO_TLSv1_1", 0 },
+ #endif
+-#if SSL_OP_NO_TLSv1_2
+#ifdef SSL_OP_NO_TLSv1_2
+     {
+         "NO_TLSv1_2", SSL_OP_NO_TLSv1_2
+     },
+ #else
+     { "NO_TLSv1_2", 0 },
+ #endif
+-#if SSL_OP_NO_TLSv1_3
+#ifdef SSL_OP_NO_TLSv1_3
+     {
+         "NO_TLSv1_3", SSL_OP_NO_TLSv1_3
+     },
+ #else
+     { "NO_TLSv1_3", 0 },
+ #endif
+-#if SSL_OP_NO_COMPRESSION
+#ifdef SSL_OP_NO_COMPRESSION
+     {
+         "No_Compression", SSL_OP_NO_COMPRESSION
+     },
+ #endif
+-#if SSL_OP_NO_TICKET
+#ifdef SSL_OP_NO_TICKET
+     {
+         "NO_TICKET", SSL_OP_NO_TICKET
+     },
+ #endif
+-#if SSL_OP_SINGLE_ECDH_USE
+#ifdef SSL_OP_SINGLE_ECDH_USE
+     {
+         "SINGLE_ECDH_USE", SSL_OP_SINGLE_ECDH_USE
+     },
+@@ -512,7 +512,7 @@ Security::PeerOptions::parseOptions()
+ 
+     }
+ 
+-#if SSL_OP_NO_SSLv2
+#ifdef SSL_OP_NO_SSLv2
+     // compliance with RFC 6176: Prohibiting Secure Sockets Layer (SSL) Version 2.0
+     op = op | SSL_OP_NO_SSLv2;
+ #endif
--- a/squid.spec
+++ b/squid.spec
@ -348,6 +348,8 @@ fi
 * Thu Aug 05 2021 Luboš Uhliarik <luhliari@redhat.com> - 7:5.1-1
 - new version 5.1
 - Resolves: #1990517 - Rebase squid to 5.1
+- Resolves: #1985231 - squid: FTBFS because of OpenSSL 3.0 preprocessor macro
+  changes

 * Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 7:5.0.6-4
 - Rebuilt for RHEL 9 BETA for openssl 3.0