Date: Tue, 27 Oct 2020 22:09:43 +0000 (UTC) From: Mark Felder <feld@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r553503 - in branches/2020Q4/security/titus: . files Message-ID: <202010272209.09RM9h6F087175@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: feld Date: Tue Oct 27 22:09:43 2020 New Revision: 553503 URL: https://svnweb.freebsd.org/changeset/ports/553503 Log: MFH: r553502 security/titus: Support OpenSSL 1.1.0+ Backported patch fixes builds on FreeBSD 12 and 13 Approved by: ports-secteam (blanket) Added: branches/2020Q4/security/titus/files/patch-dh.cpp - copied unchanged from r553502, head/security/titus/files/patch-dh.cpp branches/2020Q4/security/titus/files/patch-rsa__client.cpp - copied unchanged from r553502, head/security/titus/files/patch-rsa__client.cpp Modified: branches/2020Q4/security/titus/Makefile Directory Properties: branches/2020Q4/ (props changed) Modified: branches/2020Q4/security/titus/Makefile ============================================================================== --- branches/2020Q4/security/titus/Makefile Tue Oct 27 22:08:35 2020 (r553502) +++ branches/2020Q4/security/titus/Makefile Tue Oct 27 22:09:43 2020 (r553503) @@ -3,7 +3,7 @@ PORTNAME= titus PORTVERSION= 0.3 -PORTREVISION= 5 +PORTREVISION= 6 CATEGORIES= security MAINTAINER= feld@FreeBSD.org @@ -25,11 +25,6 @@ CFLAGS+= -I${OPENSSLINC} LDFLAGS+= -L${OPENSSLLIB} .include <bsd.port.pre.mk> - -.if ${SSL_DEFAULT} == base -BROKEN_FreeBSD_12= member access into incomplete type 'dh_st' -BROKEN_FreeBSD_13= member access into incomplete type 'dh_st' -.endif post-patch: ${REINPLACE_CMD} 's|/var/lib/titus/empty|/var/empty|' ${WRKSRC}/titus.conf.example Copied: branches/2020Q4/security/titus/files/patch-dh.cpp (from r553502, head/security/titus/files/patch-dh.cpp) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2020Q4/security/titus/files/patch-dh.cpp Tue Oct 27 22:09:43 2020 (r553503, copy of r553502, head/security/titus/files/patch-dh.cpp) @@ -0,0 +1,15 @@ +--- dh.cpp.orig 2015-11-28 22:51:00 UTC ++++ dh.cpp +@@ -148,11 +148,7 @@ openssl_unique_ptr<DH> make_dh (const unsigned char* p + throw Openssl_error(ERR_get_error()); + } + +- if ((dh->p = BN_bin2bn(prime, prime_len, NULL)) == NULL) { +- throw Openssl_error(ERR_get_error()); +- } +- +- if ((dh->g = BN_bin2bn(generator, generator_len, NULL)) == NULL) { ++ if (!DH_set0_pqg(dh.get(), BN_bin2bn(prime, prime_len, NULL), NULL, BN_bin2bn(generator, generator_len, NULL))) { + throw Openssl_error(ERR_get_error()); + } + Copied: branches/2020Q4/security/titus/files/patch-rsa__client.cpp (from r553502, head/security/titus/files/patch-rsa__client.cpp) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2020Q4/security/titus/files/patch-rsa__client.cpp Tue Oct 27 22:09:43 2020 (r553503, copy of r553502, head/security/titus/files/patch-rsa__client.cpp) @@ -0,0 +1,50 @@ +--- rsa_client.cpp.orig 2015-11-28 22:51:00 UTC ++++ rsa_client.cpp +@@ -85,7 +85,7 @@ int Rsa_client::rsa_private_encrypt (int flen, const u + int Rsa_client::rsa_finish (RSA* rsa) + { + delete reinterpret_cast<Rsa_client_data*>(RSA_get_app_data(rsa)); +- if (const auto default_finish = RSA_get_default_method()->finish) { ++ if (const auto default_finish = RSA_meth_get_finish(RSA_get_default_method())) { + return (*default_finish)(rsa); + } else { + return 1; +@@ -94,14 +94,14 @@ int Rsa_client::rsa_finish (RSA* rsa) + + const RSA_METHOD* Rsa_client::get_rsa_method () + { +- static RSA_METHOD ops; +- if (!ops.rsa_priv_enc) { +- ops = *RSA_get_default_method(); +- ops.rsa_priv_enc = rsa_private_encrypt; +- ops.rsa_priv_dec = rsa_private_decrypt; +- ops.finish = rsa_finish; ++ static RSA_METHOD* ops = NULL; ++ if (ops == NULL) { ++ ops = RSA_meth_dup(RSA_get_default_method()); ++ RSA_meth_set_priv_enc(ops, rsa_private_encrypt); ++ RSA_meth_set_priv_dec(ops, rsa_private_decrypt); ++ RSA_meth_set_finish(ops, rsa_finish); + } +- return &ops; ++ return ops; + } + + openssl_unique_ptr<EVP_PKEY> Rsa_client::load_private_key (uintptr_t key_id, RSA* public_rsa) +@@ -111,12 +111,10 @@ openssl_unique_ptr<EVP_PKEY> Rsa_client::load_private_ + throw Openssl_error(ERR_get_error()); + } + +- rsa->n = BN_dup(public_rsa->n); +- if (!rsa->n) { +- throw Openssl_error(ERR_get_error()); +- } +- rsa->e = BN_dup(public_rsa->e); +- if (!rsa->e) { ++ const BIGNUM* n; ++ const BIGNUM* e; ++ RSA_get0_key(public_rsa, &n, &e, NULL); ++ if (!RSA_set0_key(rsa.get(), BN_dup(n), BN_dup(e), NULL)) { + throw Openssl_error(ERR_get_error()); + } +
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202010272209.09RM9h6F087175>