From c737fb227929d5b0d5f01d61464d965bd9d2b0fc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?= <cynerd@email.cz>
Date: Mon, 5 Feb 2018 18:35:20 +0100
Subject: Try to fix vde compilation

---
 net-misc/vde/files/vde-2.3.2-format-security.patch | 18 +++++
 net-misc/vde/files/vde-2.3.2-openssl-1.1.0.patch   | 92 ++++++++++++++++++++++
 net-misc/vde/files/vde.conf-r1                     | 15 ++++
 net-misc/vde/files/vde.init-r1                     | 44 +++++++++++
 4 files changed, 169 insertions(+)
 create mode 100644 net-misc/vde/files/vde-2.3.2-format-security.patch
 create mode 100644 net-misc/vde/files/vde-2.3.2-openssl-1.1.0.patch
 create mode 100644 net-misc/vde/files/vde.conf-r1
 create mode 100644 net-misc/vde/files/vde.init-r1

(limited to 'net-misc/vde/files')

diff --git a/net-misc/vde/files/vde-2.3.2-format-security.patch b/net-misc/vde/files/vde-2.3.2-format-security.patch
new file mode 100644
index 0000000..d1cfaa5
--- /dev/null
+++ b/net-misc/vde/files/vde-2.3.2-format-security.patch
@@ -0,0 +1,18 @@
+--- a/src/common/cmdparse.c	2017-09-20 18:47:31.662856695 -0400
++++ b/src/common/cmdparse.c	2017-09-20 18:48:54.008852141 -0400
+@@ -284,13 +284,13 @@
+ 								int i;
+ 								for (i=0;i<argc;i++) {
+ 									if (i) fprintf(mf," ");
+-									fprintf(mf,argv[i]);
++									fprintf(mf,"%s",argv[i]);
+ 								}
+ 							} else {
+ 								int num=atoi(t);
+ 								while (*t >='0' && *t <= '9') t++;
+ 								if (num < argc) 
+-									fprintf(mf,argv[num]);
++									fprintf(mf,"%s",argv[num]);
+ 							}
+ 						} else
+ 							fprintf(mf,"%c",*t);
diff --git a/net-misc/vde/files/vde-2.3.2-openssl-1.1.0.patch b/net-misc/vde/files/vde-2.3.2-openssl-1.1.0.patch
new file mode 100644
index 0000000..227312e
--- /dev/null
+++ b/net-misc/vde/files/vde-2.3.2-openssl-1.1.0.patch
@@ -0,0 +1,92 @@
+--- a/src/vde_cryptcab/cryptcab.c	2011-11-23 16:41:17.000000000 +0000
++++ b/src/vde_cryptcab/cryptcab.c	2017-03-20 22:54:20.452975075 +0000
+@@ -22,7 +22,7 @@
+ 	exit(1);
+ }
+ 	
+-static EVP_CIPHER_CTX ctx;
++static EVP_CIPHER_CTX *ctx;
+ static int ctx_initialized = 0;
+ static int encryption_disabled = 0;
+ static int nfd;
+@@ -30,6 +30,10 @@
+ static struct vde_open_args open_args={.port=0,.group=NULL,.mode=0700};
+ static int verbose = 0;
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000
++#define EVP_CIPHER_CTX_reset(x)	EVP_CIPHER_CTX_cleanup(x)
++#endif
++
+ void vc_printlog(int priority, const char *format, ...)
+ {
+ 	va_list arg;
+@@ -103,19 +107,21 @@
+ 	}
+ 
+ 	if (!ctx_initialized) {
+-		EVP_CIPHER_CTX_init (&ctx);
++		ctx = EVP_CIPHER_CTX_new ();
++		if (!ctx)
++			return -1;
+ 		ctx_initialized = 1;
+ 	}
+ 	
+-	EVP_EncryptInit (&ctx, EVP_bf_cbc (), p->key, p->iv);
+-	if (EVP_EncryptUpdate (&ctx, dst, &olen, src, len) != 1)
++	EVP_EncryptInit (ctx, EVP_bf_cbc (), p->key, p->iv);
++	if (EVP_EncryptUpdate (ctx, dst, &olen, src, len) != 1)
+ 	{
+ 		fprintf (stderr,"error in encrypt update\n");
+ 		olen = -1;
+ 		goto cleanup;
+ 	}
+ 
+-	if (EVP_EncryptFinal (&ctx, dst + olen, &tlen) != 1)
++	if (EVP_EncryptFinal (ctx, dst + olen, &tlen) != 1)
+ 	{
+ 		fprintf (stderr,"error in encrypt final\n");
+ 		olen = -1;
+@@ -124,7 +130,7 @@
+ 	olen += tlen;
+ 
+ cleanup:
+-	EVP_CIPHER_CTX_cleanup(&ctx);	
++	EVP_CIPHER_CTX_reset(ctx);
+ 	return olen;
+ }
+ 
+@@ -138,19 +144,21 @@
+ 	}
+ 	
+ 	if (!ctx_initialized) {
+-		EVP_CIPHER_CTX_init (&ctx);
++		ctx = EVP_CIPHER_CTX_new ();
++		if (!ctx)
++			return -1;
+ 		ctx_initialized = 1;
+ 	}
+ 
+-	EVP_DecryptInit (&ctx, EVP_bf_cbc (), p->key, p->iv);
+-	if (EVP_DecryptUpdate (&ctx, dst, &olen, src, len) != 1)
++	EVP_DecryptInit (ctx, EVP_bf_cbc (), p->key, p->iv);
++	if (EVP_DecryptUpdate (ctx, dst, &olen, src, len) != 1)
+ 	{
+ 		fprintf (stderr,"error in decrypt update\n");
+ 		olen = -1;
+ 		goto cleanup;
+ 	}
+ 
+-	if (EVP_DecryptFinal (&ctx, dst + olen, &tlen) != 1)
++	if (EVP_DecryptFinal (ctx, dst + olen, &tlen) != 1)
+ 	{
+ 		fprintf (stderr,"error in decrypt final\n");
+ 		olen = -1;
+@@ -159,7 +167,7 @@
+ 	olen += tlen;
+ 
+ cleanup:
+-	EVP_CIPHER_CTX_cleanup(&ctx);	
++	EVP_CIPHER_CTX_reset (ctx);
+ 	return olen;
+ }
+ 
diff --git a/net-misc/vde/files/vde.conf-r1 b/net-misc/vde/files/vde.conf-r1
new file mode 100644
index 0000000..856bde8
--- /dev/null
+++ b/net-misc/vde/files/vde.conf-r1
@@ -0,0 +1,15 @@
+# load the tun module
+VDE_MODPROBE_TUN="yes"
+
+# virtual tap networking device to be used for vde
+VDE_TAP="tap0"
+
+# The group that will have access to the VDE control socket.
+VDE_GROUP="qemu"
+
+# VDE socket location (default: /run/${RC_SVCNAME}.ctl)
+VDE_SOCKET=""
+
+# Additional options passed to the vde_switch daemon.
+#VDE_OPTS=""
+VDE_OPTS=""
\ No newline at end of file
diff --git a/net-misc/vde/files/vde.init-r1 b/net-misc/vde/files/vde.init-r1
new file mode 100644
index 0000000..0934c51
--- /dev/null
+++ b/net-misc/vde/files/vde.init-r1
@@ -0,0 +1,44 @@
+#!/sbin/openrc-run
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+command="/usr/bin/vde_switch"
+pidfile="/run/${RC_SVCNAME}.pid"
+
+depend() {
+	after net.${VDE_TAP}
+}
+
+start_pre() {
+	[ "${VDE_MODPROBE_TUN}" = "yes" ] || return 0
+	modprobe tun
+}
+
+# We have to use start() because the shortform uses --pidfile for s-s-d --start
+# which causes s-s-d to check the pid file before it exists
+start() {
+	VDE_SOCKET="${VDE_SOCKET:-/run/${RC_SVCNAME}.ctl}"
+
+	ebegin "Starting ${SVC_NAME}"
+
+	start-stop-daemon --start --exec ${command} -- \
+		--pidfile=${pidfile} \
+		--tap=${VDE_TAP} \
+		--group=${VDE_GROUP} \
+		--mode=660 \
+		--dirmode=770 \
+		--sock=${VDE_SOCKET} \
+		--daemon \
+	${VDE_OPTS}
+	ewaitfile 10 "${VDE_SOCKET}"
+
+	eend $? "Failed to start ${RC_SVCNAME}"
+}
+
+stop_post() {
+	[ "${VDE_MODPROBE_TUN}" = "yes" ] && modprobe --quiet --remove tun
+
+	# Don't fail to stop the service if the "tun" module in use
+	# and the above "modprobe -r" command fails.
+	return 0
+}
-- 
cgit v1.2.3