Date:      Fri, 12 Apr 2019 17:11:38 +0000 (UTC)
From:      Mark Felder <feld@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org
Subject:   svn commit: r498731 - in branches/2019Q2/security/tlswrap: . files
Message-ID:  <201904121711.x3CHBcp1074069@repo.freebsd.org>

Author: feld
Date: Fri Apr 12 17:11:38 2019
New Revision: 498731
URL: https://svnweb.freebsd.org/changeset/ports/498731

Log:
  MFH: r498730
  
  security/tlswrap: Add patch to fix support for modern OpenSSL
  
  PR:		236137

Modified:
  branches/2019Q2/security/tlswrap/Makefile
  branches/2019Q2/security/tlswrap/files/patch-tls.c
Directory Properties:
  branches/2019Q2/   (props changed)

Modified: branches/2019Q2/security/tlswrap/Makefile
==============================================================================
--- branches/2019Q2/security/tlswrap/Makefile	Fri Apr 12 17:10:31 2019	(r498730)
+++ branches/2019Q2/security/tlswrap/Makefile	Fri Apr 12 17:11:38 2019	(r498731)
@@ -3,7 +3,7 @@
 
 PORTNAME=	tlswrap
 PORTVERSION=	1.0.4
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	security
 MASTER_SITES=	http://www.tlswrap.com/
 DISTNAME=	${PORTNAME}-1.04
@@ -19,11 +19,6 @@ CFLAGS+=	-I${OPENSSLINC}
 OPTIONS_DEFINE=	DOCS
 
 .include <bsd.port.pre.mk>
-
-.if ${SSL_DEFAULT} == base
-BROKEN_FreeBSD_12=	incomplete definition of type 'struct X509_extension_st'
-BROKEN_FreeBSD_13=	incomplete definition of type 'struct X509_extension_st'
-.endif
 
 post-patch:
 	@${REINPLACE_CMD} -E 's,^(CC|CFLAGS|LDFLAGS).*=,\1?=,g' \

Modified: branches/2019Q2/security/tlswrap/files/patch-tls.c
==============================================================================
--- branches/2019Q2/security/tlswrap/files/patch-tls.c	Fri Apr 12 17:10:31 2019	(r498730)
+++ branches/2019Q2/security/tlswrap/files/patch-tls.c	Fri Apr 12 17:11:38 2019	(r498731)
@@ -1,6 +1,6 @@
---- tls.c.orig	2006-11-25 19:52:08.000000000 +0100
-+++ tls.c	2015-04-19 15:53:43.000000000 +0200
-@@ -73,10 +73,12 @@ void tls_init(char *egd_sock) {
+--- tls.c.orig	2006-11-25 18:52:08.000000000 +0000
++++ tls.c	2019-03-22 17:37:16.971621000 +0000
+@@ -73,10 +73,12 @@
  		printf("egd_sock is %s\n", egd_sock);
  #ifdef HAVE_RAND_STATUS
  	if (RAND_status() != 1) {
@@ -13,3 +13,42 @@
  		if (RAND_status() != 1)
  			sys_err("ssl_init: System without /dev/urandom, PRNG seeding must be done manually.\r\n");
  	}
+@@ -258,7 +260,7 @@
+ 	X509 				*x509_peer;
+ 	X509_NAME			*x509_subj;
+ 	X509_EXTENSION 		*x509_ext;
+-	X509V3_EXT_METHOD	*x509_meth;
++	const X509V3_EXT_METHOD	*x509_meth;
+ 	int					ok, extcount, i, j;
+ 	char 				*extstr;
+ 	SSL					*ssl;
+@@ -294,15 +296,17 @@
+ 			extstr = (char*)OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(x509_ext)));
+ 			if (debug) printf("extstr = %s\n", extstr);
+ 			if (!strcmp(extstr, "subjectAltName")) {
++				ASN1_OCTET_STRING *x509_ext_data;
+ 				subjectaltname = 1;
+ 				if	(!(x509_meth = X509V3_EXT_get(x509_ext)))
+ 					break;
+-				data1 = x509_ext->value->data;
++				x509_ext_data = X509_EXTENSION_get_data(x509_ext);
++				data1 = x509_ext_data->data;
+ #if (OPENSSL_VERSION_NUMBER > 0x00907000L)     
+ 				if (x509_meth->it)
+-					ext_str = ASN1_item_d2i(NULL, &data1, x509_ext->value->length, ASN1_ITEM_ptr(x509_meth->it));
++					ext_str = ASN1_item_d2i(NULL, &data1, x509_ext_data->length, ASN1_ITEM_ptr(x509_meth->it));
+ 				else
+-					ext_str = x509_meth->d2i(NULL, &data1, x509_ext->value->length);
++					ext_str = x509_meth->d2i(NULL, &data1, x509_ext_data->length);
+ #else
+ 				ext_str = x509_meth->d2i(NULL, &data1, x509_ext->value->length);
+ #endif
+@@ -341,7 +345,7 @@
+ tls_auth_cont(struct user_data *ud, int data)
+ {
+ 	int status, sslerr, cert_ok;
+-	SSL_CIPHER *cipher;
++	const SSL_CIPHER *cipher;
+ 	char cipher_info[128];
+ 	SSL *ssl;
+ 
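Review bot: The `#else` branch at the end of the subjectAltName hunk still reads `x509_ext->value->length`, while the branch above it was moved to the new `x509_ext_data` pointer. That branch is only compiled for OpenSSL 0.9.7 and older, so it does not break the build against the opaque 1.1 structs, but it leaves two ways of reaching the same length in code that decodes an extension from the peer certificate. `ext_str = x509_meth->d2i(NULL, &data1, x509_ext_data->length);` would keep both branches on the accessor result. The declaration of `data1` is outside the hunk; if it is not `const unsigned char *`, the `d2i` calls will presumably warn about an incompatible pointer type under the newer headers. The enclosing function starts and ends outside the hunk.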


