Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 22 Aug 2016 10:27:01 +0000 (UTC)
From:      Raphael Kubo da Costa <rakuco@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org
Subject:   svn commit: r420596 - in branches/2016Q3/devel/qca: . files
Message-ID:  <201608221027.u7MAR1FE073459@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: rakuco
Date: Mon Aug 22 10:27:00 2016
New Revision: 420596
URL: https://svnweb.freebsd.org/changeset/ports/420596

Log:
  MFH: r417968 r418048 r420303
  
  devel/qca: Fix building without SSLv3 and SHA-0
  
    - Add 2 patches from upstream project
      - Fix building when libssl does not have SSLv3
      - Fix building when libcrypto does not have SHA-0
    - Replace USE_OPENSSL with USES= ssl
    - Rework files/patch-libressl with `make makepatch`
  
  Tested with devel/qca and devel/qca-qt5
  
  PR:		210053
  Approved by:	Maintainer time-out
  Obtained from:	KDE
  Differential Revision:	D6885
  
  devel/qca: Fix build failure on 9.3 / OpenSSL 0.9.7
  
    - Re-add patch for compression to satisfy 0.9.7
  
  PR:		210053
  
  Adjust the SHA0 removal patch.
  
  The upstream fix was still returning "sha0" in all_hash_types() even when SHA0
  support is not present. The fix has also been submitted upstream.
  
  PR:		211833
  Submitted by:	matthew@reztek.cz
  
  Approved by:	ports-secteam (junovitch)

Added:
  branches/2016Q3/devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt
     - copied unchanged from r417968, head/devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt
  branches/2016Q3/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp
     - copied, changed from r417968, head/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp
Deleted:
  branches/2016Q3/devel/qca/files/patch-libressl
Modified:
  branches/2016Q3/devel/qca/Makefile
Directory Properties:
  branches/2016Q3/   (props changed)

Modified: branches/2016Q3/devel/qca/Makefile
==============================================================================
--- branches/2016Q3/devel/qca/Makefile	Mon Aug 22 10:05:42 2016	(r420595)
+++ branches/2016Q3/devel/qca/Makefile	Mon Aug 22 10:27:00 2016	(r420596)
@@ -3,6 +3,7 @@
 
 PORTNAME=	qca
 PORTVERSION=	2.1.1
+PORTREVISION=	1
 CATEGORIES=	devel
 MASTER_SITES=	KDE/stable/qca/${PORTVERSION}/src
 
@@ -38,7 +39,7 @@ GNUPG_CMAKE_ON=		-DWITH_gnupg_PLUGIN=yes
 GNUPG_RUN_DEPENDS=	gpg2:security/gnupg
 
 OPENSSL_CMAKE_ON=	-DWITH_ossl_PLUGIN=yes
-OPENSSL_USE=		OPENSSL=yes
+OPENSSL_USES=		ssl
 
 SASL_CMAKE_ON=		-DWITH_cyrus-sasl_PLUGIN=yes
 SASL_LIB_DEPENDS=	libsasl2.so:security/cyrus-sasl2

Copied: branches/2016Q3/devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt (from r417968, head/devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2016Q3/devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt	Mon Aug 22 10:27:00 2016	(r420596, copy of r417968, head/devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt)
@@ -0,0 +1,28 @@
+qca-ossl: Fix build without support for SHA-0 
+https://quickgit.kde.org/?p=qca.git&a=commit&h=0dbed8eb38afd1561907a52283091c37e7b85156
+
+LibreSSL >= 2.3.0 removed support for SHA-0, so there's no EVP_sha 
+anymore. 
+Wikipedia says about SHA-0: "160-bit hash function published in 1993 
+under the name SHA. It was withdrawn shortly after publication due to 
+an undisclosed "significant flaw" and replaced by the slightly revised 
+version SHA-1.' 
+
+REVIEW: 125387 
+
+--- plugins/qca-ossl/CMakeLists.txt.orig
++++ plugins/qca-ossl/CMakeLists.txt
+@@ -24,6 +24,13 @@
+   else(HAVE_OPENSSL_AES_CTR)
+     message(WARNING "qca-ossl will be compiled without AES CTR mode encryption support")
+   endif(HAVE_OPENSSL_AES_CTR)
++
++  check_function_exists(EVP_sha HAVE_OPENSSL_SHA0)
++  if(HAVE_OPENSSL_SHA0)
++    add_definitions(-DHAVE_OPENSSL_SHA0)
++  else(HAVE_OPENSSL_SHA0)
++    message(WARNING "qca-ossl will be compiled without SHA-0 digest algorithm support")
++  endif(HAVE_OPENSSL_SHA0)
+ 
+   set(QCA_OSSL_SOURCES qca-ossl.cpp)
+ 

Copied and modified: branches/2016Q3/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp (from r417968, head/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp)
==============================================================================
--- head/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp	Sun Jul  3 12:10:18 2016	(r417968, copy source)
+++ branches/2016Q3/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp	Mon Aug 22 10:27:00 2016	(r420596)
@@ -1,27 +1,31 @@
-qca-ossl: Fix build without SSLv3 
+qca-ossl: Fix build without SSLv3
 http://quickgit.kde.org/?p=qca.git&a=commit&h=20a587d77636186edb044cd2b71d6d90fe98d232
 
-This fixes building with LibreSSL >= 2.3.0 which has removed support 
-for SSLv3 completely. As far as I know OpenSSL can be configured to 
-build without it, so it might be helpful there as well. 
+This fixes building with LibreSSL >= 2.3.0 which has removed support
+for SSLv3 completely. As far as I know OpenSSL can be configured to
+build without it, so it might be helpful there as well.
 
-REVIEW: 125386 
+REVIEW: 125386
 
-qca-ossl: Fix build without support for SHA-0 
+qca-ossl: Fix build without support for SHA-0
 https://quickgit.kde.org/?p=qca.git&a=commit&h=0dbed8eb38afd1561907a52283091c37e7b85156
 
-LibreSSL >= 2.3.0 removed support for SHA-0, so there's no EVP_sha 
-anymore. 
-Wikipedia says about SHA-0: "160-bit hash function published in 1993 
-under the name SHA. It was withdrawn shortly after publication due to 
-an undisclosed "significant flaw" and replaced by the slightly revised 
-version SHA-1.' 
+LibreSSL >= 2.3.0 removed support for SHA-0, so there's no EVP_sha
+anymore.
+Wikipedia says about SHA-0: "160-bit hash function published in 1993
+under the name SHA. It was withdrawn shortly after publication due to
+an undisclosed "significant flaw" and replaced by the slightly revised
+version SHA-1.'
+
+REVIEW: 125387
+
+Also includes:
+qca-ossl: Remove SHA0 from all_hash_types() when it is not available.
+https://git.reviewboard.kde.org/r/128700/
 
-REVIEW: 125387 
-
---- plugins/qca-ossl/qca-ossl.cpp.orig	2016-07-03 11:34:48 UTC
+--- plugins/qca-ossl/qca-ossl.cpp.orig	2015-10-02 09:39:21 UTC
 +++ plugins/qca-ossl/qca-ossl.cpp
-@@ -5403,9 +5403,11 @@
+@@ -5403,9 +5403,11 @@ public:
  			ctx = SSL_CTX_new(SSLv2_client_method());
  			break;
  #endif
@@ -33,7 +37,30 @@ REVIEW: 125387 
  		case TLS::TLS_v1:
  			ctx = SSL_CTX_new(TLSv1_client_method());
  			break;
-@@ -7135,8 +7135,10 @@
+@@ -5805,7 +5807,11 @@ public:
+ 	{
+ 		SessionInfo sessInfo;
+ 
+-		sessInfo.isCompressed = (0 != SSL_SESSION_get_compress_id(ssl->session));
++#ifndef OPENSSL_NO_COMP
++		sessInfo.isCompressed = (0 != ssl->session->compress_meth);
++#else
++		sessInfo.isCompressed = 0;
++#endif
+ 
+ 		if (ssl->version == TLS1_VERSION)
+ 			sessInfo.version = TLS::TLS_v1;
+@@ -6880,7 +6886,9 @@ static QStringList all_hash_types()
+ {
+ 	QStringList list;
+ 	list += "sha1";
++#ifdef HAVE_OPENSSL_SHA0
+ 	list += "sha0";
++#endif
+ 	list += "ripemd160";
+ #ifdef HAVE_OPENSSL_MD2
+ 	list += "md2";
+@@ -7133,8 +7141,10 @@ public:
  			return new opensslInfoContext(this);
  		else if ( type == "sha1" )
  			return new opensslHashContext( EVP_sha1(), this, type);



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201608221027.u7MAR1FE073459>