Date: Mon, 23 Apr 2018 18:24:25 +0000 (UTC) From: Bernard Spil <brnrd@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r468125 - head/security/xmlsec1/files Message-ID: <201804231824.w3NIOPFU043066@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: brnrd Date: Mon Apr 23 18:24:25 2018 New Revision: 468125 URL: https://svnweb.freebsd.org/changeset/ports/468125 Log: security/xmlsec1: Fix build with LibreSSL 2.7 - LibreSSL 2.7 implements most of OpenSSL 1.1 API PR: D14851 Submitted by: Charlie Li <ml+freebsd vishwin info> Approved by: maintainer time-out Obtained from: https://github.com/lsh123/xmlsec/pull/167 Differential Revision: https://reviews.freebsd.org/D14851 Added: head/security/xmlsec1/files/patch-configure.ac (contents, props changed) head/security/xmlsec1/files/patch-include_xmlsec_openssl_crypto.h (contents, props changed) head/security/xmlsec1/files/patch-src_openssl_openssl__compat.h (contents, props changed) Modified: head/security/xmlsec1/files/patch-configure Modified: head/security/xmlsec1/files/patch-configure ============================================================================== --- head/security/xmlsec1/files/patch-configure Mon Apr 23 18:18:20 2018 (r468124) +++ head/security/xmlsec1/files/patch-configure Mon Apr 23 18:24:25 2018 (r468125) @@ -1,6 +1,6 @@ ---- configure.orig 2016-10-17 07:49:05.000000000 +0900 -+++ configure 2017-01-05 18:09:44.486857000 +0900 -@@ -12141,7 +12141,7 @@ +--- configure.orig 2017-09-12 13:21:59 UTC ++++ configure +@@ -12661,7 +12649,7 @@ CC=$lt_save_CC @@ -9,16 +9,16 @@ # Extract the first word of "rm", so it can be a program name with args. set dummy rm; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -@@ -13143,7 +13143,7 @@ - fi +@@ -13648,7 +13636,7 @@ case "${host}" in + ;; + esac - -if test "z$shrext" == "z" ; then +if test "z$shrext" = "z" ; then shrext=$shrext_cmds fi -@@ -13858,6 +13858,7 @@ +@@ -14384,6 +14372,7 @@ elif test "z$with_openssl" != "z" ; then *-*-osf5*) openssl_exlibs=;; *-*-openbsd*) openssl_exlibs=;; *-*-netbsd*) openssl_exlibs=;; @@ -26,7 +26,7 @@ #FIXME: check if lib "dl" is required *) openssl_exlibs=-ldl;; esac -@@ -14189,9 +14190,9 @@ +@@ -14641,9 +14630,9 @@ if test "z$OPENSSL_FOUND" = "zno" ; then for dir in $ac_openssl_lib_dir ; do if test -f $dir/libcrypto.a ; then if test "z$dir" = "z/usr/lib" ; then @@ -38,18 +38,60 @@ fi OPENSSL_LIBS_FOUND="yes" ac_found_openssl_lib_dir=$dir -@@ -14240,7 +14241,7 @@ +@@ -14668,7 +14669,7 @@ $as_echo_n "checking for openssl librari /* end confdefs.h. */ + + #include <openssl/opensslv.h> +- #if OPENSSL_VERSION_NUMBER == 0x20000000L && defined(LIBRESSL_VERSION_NUMBER) ++ #if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000L + yes + #endif + +@@ -14676,7 +14665,7 @@ _ACEOF + if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "yes" >/dev/null 2>&1; then : - #include <openssl/opensslv.h> -- #if OPENSSL_VERSION_NUMBER >= 0x10000000L -+ #if OPENSSL_VERSION_NUMBER >= 0x10000000L || defined(LIBRESSL_VERSION_NUMBER) - yes - #endif +- OPENSSL_VERSION="1.0.0 (libressl)" ++ OPENSSL_VERSION="1.0.0 (LibreSSL < 2.7)" -@@ -14330,12 +14331,12 @@ - OPENSSL_CFLAGS="$OPENSSL_CFLAGS -DXMLSEC_OPENSSL_110=1" - fi + else + +@@ -14692,7 +14681,31 @@ rm -f conftest* + /* end confdefs.h. */ + + #include <openssl/opensslv.h> +- #if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ #if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x20700000L ++ yes ++ #endif ++ ++_ACEOF ++if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | ++ $EGREP "yes" >/dev/null 2>&1; then : ++ ++ OPENSSL_VERSION="1.1.0 (LibreSSL >= 2.7)" ++ ++else ++ ++ OPENSSL_VERSION="" ++ ++fi ++rm -f conftest* ++ ++ fi ++ ++ if test "z$OPENSSL_VERSION" = "z" ; then ++ cat confdefs.h - <<_ACEOF >conftest.$ac_ext ++/* end confdefs.h. */ ++ ++ #include <openssl/opensslv.h> ++ #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + yes + #endif + +@@ -14749,12 +14762,12 @@ fi + if test "z$OPENSSL_FOUND" = "zyes" ; then + XMLSEC_NO_OPENSSL="0" OPENSSL_CFLAGS="$OPENSSL_CFLAGS -DXMLSEC_CRYPTO_OPENSSL=1" - XMLSEC_CRYPTO_LIST="$XMLSEC_CRYPTO_LIST openssl" + XMLSEC_CRYPTO_LIST="$XMLSEC_CRYPTO_LIST openssl"; CPPFLAGS="$CPPFLAGS $OPENSSL_CFLAGS" @@ -62,7 +104,7 @@ XMLSEC_NO_OPENSSL_TRUE= XMLSEC_NO_OPENSSL_FALSE='#' else -@@ -14357,7 +14358,7 @@ +@@ -14776,7 +14789,7 @@ NSPR_MIN_VERSION="4.4.1" NSS_CFLAGS="" NSS_LIBS="" NSS_LIBS_LIST="-lnss3 -lsmime3" @@ -71,7 +113,7 @@ NSS_CRYPTO_LIB="$XMLSEC_PACKAGE-nss" NSS_FOUND="no" NSPR_PACKAGE=mozilla-nspr -@@ -14792,15 +14793,15 @@ +@@ -15211,15 +15224,15 @@ $as_echo_n "checking for nss libraries > NSS_NSS_H="" if test "z$with_nss" != "z" ; then Added: head/security/xmlsec1/files/patch-configure.ac ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/xmlsec1/files/patch-configure.ac Mon Apr 23 18:24:25 2018 (r468125) @@ -0,0 +1,33 @@ +--- configure.ac.orig 2017-09-12 13:21:09 UTC ++++ configure.ac +@@ -493,7 +493,7 @@ if test "z$OPENSSL_FOUND" = "zyes" -a "z + yes + #endif + ],[ +- OPENSSL_VERSION="1.0.0 (libressl)" ++ OPENSSL_VERSION="1.0.0 (libressl < 2.7)" + ],[ + OPENSSL_VERSION="" + ]) +@@ -502,7 +502,20 @@ if test "z$OPENSSL_FOUND" = "zyes" -a "z + if test "z$OPENSSL_VERSION" = "z" ; then + AC_EGREP_CPP(yes,[ + #include <openssl/opensslv.h> +- #if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ #if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x20700000L ++ yes ++ #endif ++ ],[ ++ OPENSSL_VERSION="1.1.0 (libressl >= 2.7)" ++ ],[ ++ OPENSSL_VERSION="" ++ ]) ++ fi ++ ++ if test "z$OPENSSL_VERSION" = "z" ; then ++ AC_EGREP_CPP(yes,[ ++ #include <openssl/opensslv.h> ++ #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + yes + #endif + ],[ Added: head/security/xmlsec1/files/patch-include_xmlsec_openssl_crypto.h ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/xmlsec1/files/patch-include_xmlsec_openssl_crypto.h Mon Apr 23 18:24:25 2018 (r468125) @@ -0,0 +1,19 @@ +--- include/xmlsec/openssl/crypto.h.orig 2017-09-12 13:21:09 UTC ++++ include/xmlsec/openssl/crypto.h +@@ -43,11 +43,14 @@ XMLSEC_CRYPTO_EXPORT const xmlChar* + * What version of the openssl API do we have? (also see configure.ac) + * + *******************************************************************/ +-#if OPENSSL_VERSION_NUMBER == 0x20000000L && defined(LIBRESSL_VERSION_NUMBER) +-/* Libressl decided to take over OpenSSL version 2.0.0, likely will create ++#if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000L ++/* LibreSSL decided to take over OpenSSL version 2.0.0, likely will create + * issues down the road... + */ + #define XMLSEC_OPENSSL_API_100 1 ++#elif defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x20700000L ++/* LibreSSL 2.7 implements OpenSSL 1.1 API */ ++#define XMLSEC_OPENSSL_API_110 1 + #elif OPENSSL_VERSION_NUMBER >= 0x10100000L + #define XMLSEC_OPENSSL_API_110 1 + #elif OPENSSL_VERSION_NUMBER >= 0x10000000L Added: head/security/xmlsec1/files/patch-src_openssl_openssl__compat.h ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/xmlsec1/files/patch-src_openssl_openssl__compat.h Mon Apr 23 18:24:25 2018 (r468125) @@ -0,0 +1,22 @@ +--- src/openssl/openssl_compat.h.orig 2017-09-12 13:21:09 UTC ++++ src/openssl/openssl_compat.h +@@ -49,4 +49,19 @@ + + #endif /* !defined(XMLSEC_OPENSSL_API_110) */ + ++/****************************************************************************** ++ * ++ * LibreSSL 2.7+ compatibility (implements most of OpenSSL 1.1 API) ++ * ++ *****************************************************************************/ ++#if defined(XMLSEC_OPENSSL_API_110) && defined(LIBRESSL_VERSION_NUMBER) ++/* EVP_CIPHER_CTX stuff */ ++#define EVP_CIPHER_CTX_encrypting(x) ((x)->encrypt) ++ ++/* X509 stuff */ ++#define X509_STORE_CTX_get_by_subject X509_STORE_get_by_subject ++#define X509_OBJECT_new() (calloc(1, sizeof(X509_OBJECT))) ++#define X509_OBJECT_free(x) { X509_OBJECT_free_contents(x); free(x); } ++#endif ++ + #endif /* __XMLSEC_OPENSSL_OPENSSL_COMPAT_H__ */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201804231824.w3NIOPFU043066>