Date: Mon, 22 Aug 2016 10:27:01 +0000 (UTC) From: Raphael Kubo da Costa <rakuco@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r420596 - in branches/2016Q3/devel/qca: . files Message-ID: <201608221027.u7MAR1FE073459@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: rakuco Date: Mon Aug 22 10:27:00 2016 New Revision: 420596 URL: https://svnweb.freebsd.org/changeset/ports/420596 Log: MFH: r417968 r418048 r420303 devel/qca: Fix building without SSLv3 and SHA-0 - Add 2 patches from upstream project - Fix building when libssl does not have SSLv3 - Fix building when libcrypto does not have SHA-0 - Replace USE_OPENSSL with USES= ssl - Rework files/patch-libressl with `make makepatch` Tested with devel/qca and devel/qca-qt5 PR: 210053 Approved by: Maintainer time-out Obtained from: KDE Differential Revision: D6885 devel/qca: Fix build failure on 9.3 / OpenSSL 0.9.7 - Re-add patch for compression to satisfy 0.9.7 PR: 210053 Adjust the SHA0 removal patch. The upstream fix was still returning "sha0" in all_hash_types() even when SHA0 support is not present. The fix has also been submitted upstream. PR: 211833 Submitted by: matthew@reztek.cz Approved by: ports-secteam (junovitch) Added: branches/2016Q3/devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt - copied unchanged from r417968, head/devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt branches/2016Q3/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp - copied, changed from r417968, head/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp Deleted: branches/2016Q3/devel/qca/files/patch-libressl Modified: branches/2016Q3/devel/qca/Makefile Directory Properties: branches/2016Q3/ (props changed) Modified: branches/2016Q3/devel/qca/Makefile ============================================================================== --- branches/2016Q3/devel/qca/Makefile Mon Aug 22 10:05:42 2016 (r420595) +++ branches/2016Q3/devel/qca/Makefile Mon Aug 22 10:27:00 2016 (r420596) @@ -3,6 +3,7 @@ PORTNAME= qca PORTVERSION= 2.1.1 +PORTREVISION= 1 CATEGORIES= devel MASTER_SITES= KDE/stable/qca/${PORTVERSION}/src @@ -38,7 +39,7 @@ GNUPG_CMAKE_ON= -DWITH_gnupg_PLUGIN=yes GNUPG_RUN_DEPENDS= gpg2:security/gnupg OPENSSL_CMAKE_ON= -DWITH_ossl_PLUGIN=yes -OPENSSL_USE= OPENSSL=yes +OPENSSL_USES= ssl SASL_CMAKE_ON= -DWITH_cyrus-sasl_PLUGIN=yes SASL_LIB_DEPENDS= libsasl2.so:security/cyrus-sasl2 Copied: branches/2016Q3/devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt (from r417968, head/devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2016Q3/devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt Mon Aug 22 10:27:00 2016 (r420596, copy of r417968, head/devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt) @@ -0,0 +1,28 @@ +qca-ossl: Fix build without support for SHA-0 +https://quickgit.kde.org/?p=qca.git&a=commit&h=0dbed8eb38afd1561907a52283091c37e7b85156 + +LibreSSL >= 2.3.0 removed support for SHA-0, so there's no EVP_sha +anymore. +Wikipedia says about SHA-0: "160-bit hash function published in 1993 +under the name SHA. It was withdrawn shortly after publication due to +an undisclosed "significant flaw" and replaced by the slightly revised +version SHA-1.' + +REVIEW: 125387 + +--- plugins/qca-ossl/CMakeLists.txt.orig ++++ plugins/qca-ossl/CMakeLists.txt +@@ -24,6 +24,13 @@ + else(HAVE_OPENSSL_AES_CTR) + message(WARNING "qca-ossl will be compiled without AES CTR mode encryption support") + endif(HAVE_OPENSSL_AES_CTR) ++ ++ check_function_exists(EVP_sha HAVE_OPENSSL_SHA0) ++ if(HAVE_OPENSSL_SHA0) ++ add_definitions(-DHAVE_OPENSSL_SHA0) ++ else(HAVE_OPENSSL_SHA0) ++ message(WARNING "qca-ossl will be compiled without SHA-0 digest algorithm support") ++ endif(HAVE_OPENSSL_SHA0) + + set(QCA_OSSL_SOURCES qca-ossl.cpp) + Copied and modified: branches/2016Q3/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp (from r417968, head/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp) ============================================================================== --- head/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp Sun Jul 3 12:10:18 2016 (r417968, copy source) +++ branches/2016Q3/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp Mon Aug 22 10:27:00 2016 (r420596) @@ -1,27 +1,31 @@ -qca-ossl: Fix build without SSLv3 +qca-ossl: Fix build without SSLv3 http://quickgit.kde.org/?p=qca.git&a=commit&h=20a587d77636186edb044cd2b71d6d90fe98d232 -This fixes building with LibreSSL >= 2.3.0 which has removed support -for SSLv3 completely. As far as I know OpenSSL can be configured to -build without it, so it might be helpful there as well. +This fixes building with LibreSSL >= 2.3.0 which has removed support +for SSLv3 completely. As far as I know OpenSSL can be configured to +build without it, so it might be helpful there as well. -REVIEW: 125386 +REVIEW: 125386 -qca-ossl: Fix build without support for SHA-0 +qca-ossl: Fix build without support for SHA-0 https://quickgit.kde.org/?p=qca.git&a=commit&h=0dbed8eb38afd1561907a52283091c37e7b85156 -LibreSSL >= 2.3.0 removed support for SHA-0, so there's no EVP_sha -anymore. -Wikipedia says about SHA-0: "160-bit hash function published in 1993 -under the name SHA. It was withdrawn shortly after publication due to -an undisclosed "significant flaw" and replaced by the slightly revised -version SHA-1.' +LibreSSL >= 2.3.0 removed support for SHA-0, so there's no EVP_sha +anymore. +Wikipedia says about SHA-0: "160-bit hash function published in 1993 +under the name SHA. It was withdrawn shortly after publication due to +an undisclosed "significant flaw" and replaced by the slightly revised +version SHA-1.' + +REVIEW: 125387 + +Also includes: +qca-ossl: Remove SHA0 from all_hash_types() when it is not available. +https://git.reviewboard.kde.org/r/128700/ -REVIEW: 125387 - ---- plugins/qca-ossl/qca-ossl.cpp.orig 2016-07-03 11:34:48 UTC +--- plugins/qca-ossl/qca-ossl.cpp.orig 2015-10-02 09:39:21 UTC +++ plugins/qca-ossl/qca-ossl.cpp -@@ -5403,9 +5403,11 @@ +@@ -5403,9 +5403,11 @@ public: ctx = SSL_CTX_new(SSLv2_client_method()); break; #endif @@ -33,7 +37,30 @@ REVIEW: 125387 case TLS::TLS_v1: ctx = SSL_CTX_new(TLSv1_client_method()); break; -@@ -7135,8 +7135,10 @@ +@@ -5805,7 +5807,11 @@ public: + { + SessionInfo sessInfo; + +- sessInfo.isCompressed = (0 != SSL_SESSION_get_compress_id(ssl->session)); ++#ifndef OPENSSL_NO_COMP ++ sessInfo.isCompressed = (0 != ssl->session->compress_meth); ++#else ++ sessInfo.isCompressed = 0; ++#endif + + if (ssl->version == TLS1_VERSION) + sessInfo.version = TLS::TLS_v1; +@@ -6880,7 +6886,9 @@ static QStringList all_hash_types() + { + QStringList list; + list += "sha1"; ++#ifdef HAVE_OPENSSL_SHA0 + list += "sha0"; ++#endif + list += "ripemd160"; + #ifdef HAVE_OPENSSL_MD2 + list += "md2"; +@@ -7133,8 +7141,10 @@ public: return new opensslInfoContext(this); else if ( type == "sha1" ) return new opensslHashContext( EVP_sha1(), this, type);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201608221027.u7MAR1FE073459>