From nobody Sat Oct 16 13:35:51 2021 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id DDD5B17F3F1E; Sat, 16 Oct 2021 13:35:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4HWkfv4QCYz3hb9; Sat, 16 Oct 2021 13:35:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 78D701AD90; Sat, 16 Oct 2021 13:35:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 19GDZp0s076862; Sat, 16 Oct 2021 13:35:51 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 19GDZp2i076861; Sat, 16 Oct 2021 13:35:51 GMT (envelope-from git) Date: Sat, 16 Oct 2021 13:35:51 GMT Message-Id: <202110161335.19GDZp2i076861@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Alexey Dokuchaev Subject: git: 994cdbddbc18 - main - comms/kermit: the port had been updated and cleaned up (+) List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: danfe X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 994cdbddbc1823fe9ba62db697ec19548d6383c9 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by danfe: URL: https://cgit.FreeBSD.org/ports/commit/?id=994cdbddbc1823fe9ba62db697ec19548d6383c9 commit 994cdbddbc1823fe9ba62db697ec19548d6383c9 Author: Alexey Dokuchaev AuthorDate: 2021-10-16 13:34:52 +0000 Commit: Alexey Dokuchaev CommitDate: 2021-10-16 13:34:52 +0000 comms/kermit: the port had been updated and cleaned up (+) - Update C-Kermit to version 9.0.305 Alpha.04 which integrates both modern and legacy OpenSSL support (thus drop our local patch) - Do not install essentially empty dot-files as examples; they also contain references to full *.ini files which are no longer shipped as part of the C-Kermit distribution - The only useful documentation now is README.TXT, install it in the dedicated option helper target --- comms/kermit/Makefile | 18 +- comms/kermit/distinfo | 6 +- comms/kermit/files/ckermit.ini | 8 - comms/kermit/files/ckermod.ini | 8 - comms/kermit/files/patch-ck__ssl.c | 379 ------------------------------------- 5 files changed, 10 insertions(+), 409 deletions(-) diff --git a/comms/kermit/Makefile b/comms/kermit/Makefile index 4bd00f510809..1d0ddb57db24 100644 --- a/comms/kermit/Makefile +++ b/comms/kermit/Makefile @@ -1,16 +1,17 @@ # Created by: Paul Traina PORTNAME= kermit -PORTVERSION= 9.0.304.24 +PORTVERSION= 9.0.305.04 CATEGORIES= comms ftp net MASTER_SITES= http://www.kermitproject.org/ftp/kermit/test/tar/ \ ftp://ftp.kermitproject.org/kermit/test/tar/ -DISTNAME= cku${PORTVERSION:R:E}-dev${PORTVERSION:E} +DISTNAME= cku${PORTVERSION:R:E}-alpha${PORTVERSION:E} MAINTAINER= danfe@FreeBSD.org COMMENT= Portable scriptable network and serial communication program LICENSE= BSD3CLAUSE +LICENSE_FILE= ${WRKSRC}/COPYING.TXT USES= ssl NO_WRKSUBDIR= yes @@ -20,9 +21,8 @@ MAKE_ARGS= CC2="${CC}" SSLINC="-I${OPENSSLINC}" SSLLIB="-L${OPENSSLLIB}" PLIST_FILES= bin/kermit man/man1/kermit.1.gz PORTDOCS= * -PORTEXAMPLES= * -OPTIONS_DEFINE= DOCS EXAMPLES +OPTIONS_DEFINE= DOCS post-patch: @${REINPLACE_CMD} -e 's,-O2 -pipe,${CFLAGS},' ${WRKSRC}/${MAKEFILE} @@ -31,13 +31,9 @@ do-install: ${INSTALL_PROGRAM} ${WRKSRC}/wermit ${STAGEDIR}${PREFIX}/bin/kermit ${INSTALL_MAN} ${WRKSRC}/ckuker.nr \ ${STAGEDIR}${MANPREFIX}/man/man1/kermit.1 + +do-install-DOCS-on: @${MKDIR} ${STAGEDIR}${DOCSDIR} - ${INSTALL_DATA} ${WRKSRC}/*.txt ${STAGEDIR}${DOCSDIR} - ${LN} -sf ckaaaa.txt ${STAGEDIR}${DOCSDIR}/READ.ME - @${MKDIR} ${STAGEDIR}${EXAMPLESDIR} - ${INSTALL_DATA} ${PATCHDIR}/ckermit.ini \ - ${STAGEDIR}${EXAMPLESDIR}/dot.kermrc - ${INSTALL_DATA} ${PATCHDIR}/ckermod.ini \ - ${STAGEDIR}${EXAMPLESDIR}/dot.mykermrc + ${INSTALL_DATA} ${WRKSRC}/README.TXT ${STAGEDIR}${DOCSDIR} .include diff --git a/comms/kermit/distinfo b/comms/kermit/distinfo index e105a2423bed..021e2e1f8e4a 100644 --- a/comms/kermit/distinfo +++ b/comms/kermit/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1588857229 -SHA256 (cku304-dev24.tar.gz) = b7abde063e25013cfd85279c78a39270d331fd231d4724c158fe5399ef6c62a5 -SIZE (cku304-dev24.tar.gz) = 2480314 +TIMESTAMP = 1631718979 +SHA256 (cku305-alpha04.tar.gz) = 72a0b55f30dea3dcbca5d486396ec432c57d23fb618f2010fda746b6acb3c35c +SIZE (cku305-alpha04.tar.gz) = 2551405 diff --git a/comms/kermit/files/ckermit.ini b/comms/kermit/files/ckermit.ini deleted file mode 100644 index b30f3892ff5f..000000000000 --- a/comms/kermit/files/ckermit.ini +++ /dev/null @@ -1,8 +0,0 @@ -COMMENT - Standard C-Kermit initialization file -; -echo -echo The very long standard initialization file that was distributed -echo with C-Kermit 6, 7, and 8 is no longer recommended as "standard", -echo since its features were little used. It is still available in -echo the C-Kermit distribution as ockermit.ini. -echo diff --git a/comms/kermit/files/ckermod.ini b/comms/kermit/files/ckermod.ini deleted file mode 100644 index 6b13c85b64d6..000000000000 --- a/comms/kermit/files/ckermod.ini +++ /dev/null @@ -1,8 +0,0 @@ -; File CKERMOD.INI, Sample C-Kermit 7.0 customization file. -; -echo -echo The very long standard initialization file that was distributed -echo with C-Kermit 6, 7, and 8 is no longer recommended as "standard", -echo since its features were little used. It is still available in -echo the C-Kermit distribution as ockermod.ini. -echo diff --git a/comms/kermit/files/patch-ck__ssl.c b/comms/kermit/files/patch-ck__ssl.c deleted file mode 100644 index 4af8ac9d6b21..000000000000 --- a/comms/kermit/files/patch-ck__ssl.c +++ /dev/null @@ -1,379 +0,0 @@ ---- ck_ssl.c.orig 2017-04-26 15:56:23 UTC -+++ ck_ssl.c -@@ -303,7 +303,7 @@ X509_STORE_CTX *ctx; - break; - default: - printf("Error %d while verifying certificate.\r\n", -- ctx->error); -+ error); - break; - } - } -@@ -935,13 +935,32 @@ static DH * - get_dh512() - { - DH *dh=NULL; -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ BIGNUM *p, *g; -+#endif - - if ((dh=DH_new()) == NULL) - return(NULL); -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL); -+ g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL); -+ if (p == NULL || g == NULL) { -+ BN_free(g); -+ BN_free(p); -+ DH_free(dh); -+ return(NULL); -+ } else -+ DH_set0_pqg(dh, p, NULL, g); -+#else - dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL); - dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL); -- if ((dh->p == NULL) || (dh->g == NULL)) -+ if ((dh->p == NULL) || (dh->g == NULL)) { -+ BN_free(dh->g); -+ BN_free(dh->p); -+ DH_free(dh); - return(NULL); -+ } -+#endif - return(dh); - } - -@@ -949,13 +968,32 @@ static DH * - get_dh768() - { - DH *dh=NULL; -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ BIGNUM *p, *g; -+#endif - - if ((dh=DH_new()) == NULL) - return(NULL); -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ p=BN_bin2bn(dh768_p,sizeof(dh768_p),NULL); -+ g=BN_bin2bn(dh768_g,sizeof(dh768_g),NULL); -+ if (p == NULL || g == NULL) { -+ BN_free(g); -+ BN_free(p); -+ DH_free(dh); -+ return(NULL); -+ } else -+ DH_set0_pqg(dh, p, NULL, g); -+#else - dh->p=BN_bin2bn(dh768_p,sizeof(dh768_p),NULL); - dh->g=BN_bin2bn(dh768_g,sizeof(dh768_g),NULL); -- if ((dh->p == NULL) || (dh->g == NULL)) -+ if ((dh->p == NULL) || (dh->g == NULL)) { -+ BN_free(dh->g); -+ BN_free(dh->p); -+ DH_free(dh); - return(NULL); -+ } -+#endif - return(dh); - } - -@@ -963,13 +1001,32 @@ static DH * - get_dh1024() - { - DH *dh=NULL; -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ BIGNUM *p, *g; -+#endif - - if ((dh=DH_new()) == NULL) - return(NULL); -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL); -+ g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL); -+ if (p == NULL || g == NULL) { -+ BN_free(g); -+ BN_free(p); -+ DH_free(dh); -+ return(NULL); -+ } else -+ DH_set0_pqg(dh, p, NULL, g); -+#else - dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL); - dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL); -- if ((dh->p == NULL) || (dh->g == NULL)) -+ if ((dh->p == NULL) || (dh->g == NULL)) { -+ BN_free(dh->g); -+ BN_free(dh->p); -+ DH_free(dh); - return(NULL); -+ } -+#endif - return(dh); - } - -@@ -977,13 +1034,32 @@ static DH * - get_dh1536() - { - DH *dh=NULL; -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ BIGNUM *p, *g; -+#endif - - if ((dh=DH_new()) == NULL) - return(NULL); -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ p=BN_bin2bn(dh1536_p,sizeof(dh1536_p),NULL); -+ g=BN_bin2bn(dh1536_g,sizeof(dh1536_g),NULL); -+ if (p == NULL || g == NULL) { -+ BN_free(g); -+ BN_free(p); -+ DH_free(dh); -+ return(NULL); -+ } else -+ DH_set0_pqg(dh, p, NULL, g); -+#else - dh->p=BN_bin2bn(dh1536_p,sizeof(dh1536_p),NULL); - dh->g=BN_bin2bn(dh1536_g,sizeof(dh1536_g),NULL); -- if ((dh->p == NULL) || (dh->g == NULL)) -+ if ((dh->p == NULL) || (dh->g == NULL)) { -+ BN_free(dh->g); -+ BN_free(dh->p); -+ DH_free(dh); - return(NULL); -+ } -+#endif - return(dh); - } - -@@ -991,13 +1067,32 @@ static DH * - get_dh2048() - { - DH *dh=NULL; -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ BIGNUM *p, *g; -+#endif - - if ((dh=DH_new()) == NULL) - return(NULL); -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL); -+ g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL); -+ if (p == NULL || g == NULL) { -+ BN_free(g); -+ BN_free(p); -+ DH_free(dh); -+ return(NULL); -+ } else -+ DH_set0_pqg(dh, p, NULL, g); -+#else - dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL); - dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL); -- if ((dh->p == NULL) || (dh->g == NULL)) -+ if ((dh->p == NULL) || (dh->g == NULL)) { -+ BN_free(dh->g); -+ BN_free(dh->p); -+ DH_free(dh); - return(NULL); -+ } -+#endif - return(dh); - } - #endif /* NO_DH */ -@@ -1057,13 +1152,13 @@ ssl_display_comp(SSL * ssl) - return; - - #ifndef OPENSSL_NO_COMP /* ifdefs Bernard Spil 12/2015 */ -- if (ssl->expand == NULL || ssl->expand->meth == NULL) -+ if (SSL_get_current_expansion(ssl) == NULL) - #endif /* OPENSSL_NO_COMP */ - printf("Compression: None\r\n"); - - #ifndef OPENSSL_NO_COMP /* ifdefs Bernard Spil 12/2015 */ - else { -- printf("Compression: %s\r\n",ssl->expand->meth->name); -+ printf("Compression: %s\r\n", SSL_COMP_get_name(SSL_get_current_expansion(ssl))); - } - #endif /* OPENSSL_NO_COMP */ - } -@@ -1489,13 +1584,23 @@ the build.\r\n\r\n"); - - #ifdef ZLIB - cm = COMP_zlib(); -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ if (cm != NULL && COMP_get_type(cm) != NID_undef) { -+#else - if (cm != NULL && cm->type != NID_undef) { -+#endif - SSL_COMP_add_compression_method(0xe0, cm); /* EAY's ZLIB ID */ - } - #endif /* ZLIB */ -+#ifdef NID_rle_compression - cm = COMP_rle(); -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ if (cm != NULL && COMP_get_type(cm) != NID_undef) -+#else - if (cm != NULL && cm->type != NID_undef) -+#endif - SSL_COMP_add_compression_method(0xe1, cm); /* EAY's RLE ID */ -+#endif /* NID_rle_compression */ - - /* Ensure the Random number generator has enough entropy */ - if ( !RAND_status() ) { -@@ -2623,7 +2728,11 @@ ssl_anonymous_cipher(ssl) SSL * ssl; - int - ssl_verify_crl(int ok, X509_STORE_CTX *ctx) - { -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ X509_OBJECT *obj; -+#else - X509_OBJECT obj; -+#endif - X509_NAME *subject = NULL; - X509_NAME *issuer = NULL; - X509 *xs = NULL; -@@ -2643,6 +2752,12 @@ ssl_verify_crl(int ok, X509_STORE_CTX *ctx) - if (!crl_store) - return ok; - -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ obj = X509_OBJECT_new(); -+ if (!obj) -+ return(ok); -+#endif -+ - store_ctx = X509_STORE_CTX_new(); - if ( !store_ctx ) - return(ok); -@@ -2689,11 +2804,19 @@ ssl_verify_crl(int ok, X509_STORE_CTX *ctx) - * Try to retrieve a CRL corresponding to the _subject_ of - * the current certificate in order to verify it's integrity. - */ -+#if OPENSSL_VERSION_NUMBER < 0x10100005L - memset((char *)&obj, 0, sizeof(obj)); -+#endif - X509_STORE_CTX_init(store_ctx, crl_store, NULL, NULL); -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ rc = X509_STORE_get_by_subject(store_ctx, X509_LU_CRL, subject, obj); -+ X509_STORE_CTX_cleanup(store_ctx); -+ crl = X509_OBJECT_get0_X509_CRL(obj); -+#else - rc = X509_STORE_get_by_subject(store_ctx, X509_LU_CRL, subject, &obj); - X509_STORE_CTX_cleanup(store_ctx); - crl = obj.data.crl; -+#endif - if (rc > 0 && crl != NULL) { - /* - * Verify the signature on this CRL -@@ -2701,7 +2824,11 @@ ssl_verify_crl(int ok, X509_STORE_CTX *ctx) - if (X509_CRL_verify(crl, X509_get_pubkey(xs)) <= 0) { - fprintf(stderr, "Invalid signature on CRL!\n"); - X509_STORE_CTX_set_error(ctx, X509_V_ERR_CRL_SIGNATURE_FAILURE); -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ X509_OBJECT_free(obj); -+#else - X509_OBJECT_free_contents(&obj); -+#endif - X509_STORE_CTX_free(store_ctx); - return 0; - } -@@ -2714,7 +2841,11 @@ ssl_verify_crl(int ok, X509_STORE_CTX *ctx) - fprintf(stderr, "Found CRL has invalid nextUpdate field.\n"); - X509_STORE_CTX_set_error(ctx, - X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD); -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ X509_OBJECT_free(obj); -+#else - X509_OBJECT_free_contents(&obj); -+#endif - X509_STORE_CTX_free(store_ctx); - return 0; - } -@@ -2723,22 +2854,38 @@ ssl_verify_crl(int ok, X509_STORE_CTX *ctx) - "Found CRL is expired - revoking all certificates until you get updated CRL.\n" - ); - X509_STORE_CTX_set_error(ctx, X509_V_ERR_CRL_HAS_EXPIRED); -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ X509_OBJECT_free(obj); -+#else - X509_OBJECT_free_contents(&obj); -+#endif - X509_STORE_CTX_free(store_ctx); - return 0; - } -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ X509_OBJECT_free(obj); -+#else - X509_OBJECT_free_contents(&obj); -+#endif - } - - /* - * Try to retrieve a CRL corresponding to the _issuer_ of - * the current certificate in order to check for revocation. - */ -+#if OPENSSL_VERSION_NUMBER < 0x10100005L - memset((char *)&obj, 0, sizeof(obj)); -+#endif - X509_STORE_CTX_init(store_ctx, crl_store, NULL, NULL); -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ rc = X509_STORE_get_by_subject(store_ctx, X509_LU_CRL, issuer, obj); -+ X509_STORE_CTX_free(store_ctx); /* calls X509_STORE_CTX_cleanup() */ -+ crl = X509_OBJECT_get0_X509_CRL(obj); -+#else - rc = X509_STORE_get_by_subject(store_ctx, X509_LU_CRL, issuer, &obj); - X509_STORE_CTX_free(store_ctx); /* calls X509_STORE_CTX_cleanup() */ - crl = obj.data.crl; -+#endif - if (rc > 0 && crl != NULL) { - /* - * Check if the current certificate is revoked by this CRL -@@ -2746,19 +2893,34 @@ ssl_verify_crl(int ok, X509_STORE_CTX *ctx) - n = sk_X509_REVOKED_num(X509_CRL_get_REVOKED(crl)); - for (i = 0; i < n; i++) { - revoked = sk_X509_REVOKED_value(X509_CRL_get_REVOKED(crl), i); -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ if (ASN1_INTEGER_cmp(X509_REVOKED_get0_serialNumber(revoked), -+ X509_get_serialNumber(xs)) == 0) { -+ -+ serial = ASN1_INTEGER_get(X509_REVOKED_get0_serialNumber(revoked)); -+#else - if (ASN1_INTEGER_cmp(revoked->serialNumber, - X509_get_serialNumber(xs)) == 0) { - - serial = ASN1_INTEGER_get(revoked->serialNumber); -+#endif - cp = X509_NAME_oneline(issuer, NULL, 0); - free(cp); - - X509_STORE_CTX_set_error(ctx, X509_V_ERR_CERT_REVOKED); -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ X509_OBJECT_free(obj); -+#else - X509_OBJECT_free_contents(&obj); -+#endif - return 0; - } - } -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ X509_OBJECT_free(obj); -+#else - X509_OBJECT_free_contents(&obj); -+#endif - } - return ok; - } -@@ -4399,7 +4561,14 @@ X509_userok(X509 * peer_cert, const char * userid) - if (!(fp = fopen(buf, "r"))) - return 0; - while (!r && (file_cert = PEM_read_X509(fp, NULL, NULL, NULL))) { -+#if OPENSSL_VERSION_NUMBER >= 0x10100005L -+ ASN1_BIT_STRING *peer_cert_sig, *file_cert_sig; -+ X509_get0_signature(&peer_cert_sig, NULL, peer_cert); -+ X509_get0_signature(&file_cert_sig, NULL, file_cert); -+ if (!ASN1_STRING_cmp(peer_cert_sig, file_cert_sig)) -+#else - if (!ASN1_STRING_cmp(peer_cert->signature, file_cert->signature)) -+#endif - r = 1; - X509_free(file_cert); - }