From owner-svn-ports-head@freebsd.org Mon Nov 6 20:33:14 2017 Return-Path: Delivered-To: svn-ports-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3A34AE672BB; Mon, 6 Nov 2017 20:33:14 +0000 (UTC) (envelope-from tobik@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1667510F2; Mon, 6 Nov 2017 20:33:14 +0000 (UTC) (envelope-from tobik@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id vA6KXDX9087257; Mon, 6 Nov 2017 20:33:13 GMT (envelope-from tobik@FreeBSD.org) Received: (from tobik@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id vA6KXCeE087253; Mon, 6 Nov 2017 20:33:12 GMT (envelope-from tobik@FreeBSD.org) Message-Id: <201711062033.vA6KXCeE087253@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: tobik set sender to tobik@FreeBSD.org using -f From: Tobias Kortkamp Date: Mon, 6 Nov 2017 20:33:12 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r453645 - in head/security/testssl.sh: . files X-SVN-Group: ports-head X-SVN-Commit-Author: tobik X-SVN-Commit-Paths: in head/security/testssl.sh: . files X-SVN-Commit-Revision: 453645 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Nov 2017 20:33:14 -0000 Author: tobik Date: Mon Nov 6 20:33:12 2017 New Revision: 453645 URL: https://svnweb.freebsd.org/changeset/ports/453645 Log: security/testssl.sh: Use security/openssl-unsafe This greatly simplifies the port and we can stop building our own unsafe openssl version. PR: 223457 Submitted by: brnrd Added: head/security/testssl.sh/files/ head/security/testssl.sh/files/patch-testssl.sh (contents, props changed) Modified: head/security/testssl.sh/Makefile head/security/testssl.sh/distinfo head/security/testssl.sh/pkg-plist Modified: head/security/testssl.sh/Makefile ============================================================================== --- head/security/testssl.sh/Makefile Mon Nov 6 20:29:23 2017 (r453644) +++ head/security/testssl.sh/Makefile Mon Nov 6 20:33:12 2017 (r453645) @@ -3,6 +3,7 @@ PORTNAME= testssl.sh DISTVERSIONPREFIX= v DISTVERSION= 2.9.5-1 +PORTREVISION= 1 CATEGORIES= security MAINTAINER= tobik@FreeBSD.org @@ -11,73 +12,29 @@ COMMENT= Test TLS/SSL encryption anywhere on any port LICENSE= GPLv2 LICENSE_FILE= ${WRKSRC}/LICENSE -RUN_DEPENDS= bash:shells/bash +RUN_DEPENDS= bash:shells/bash \ + ${LOCALBASE}/openssl-unsafe/bin/openssl:security/openssl-unsafe -USES= perl5 shebangfix ssl:build +USES= shebangfix USE_GITHUB= yes GH_ACCOUNT= drwetter -GH_TUPLE= drwetter:openssl-pm-snapshot:a9396aaef81d5c1ed714fc625b593522d25914b1:openssl -USE_PERL5= build +NO_BUILD= yes + SHEBANG_FILES= testssl.sh utils/* -# We deliberately want to build an OpenSSL binary with the most -# insecure and obsolete ciphers available for testing purposes! See -# ${WRKSRC_testssl}/bin/Readme.md and utils/make-openssl.sh for more -# details. -HAS_CONFIGURE= yes -CONFIGURE_ARGS= --openssldir=${OPENSSLDIR} \ - enable-zlib \ - enable-ssl2 \ - enable-ssl3 \ - enable-ssl-trace \ - enable-rc5 \ - enable-rc2 \ - enable-gost \ - enable-cms \ - enable-md2 \ - enable-mdc2 \ - enable-ec \ - enable-ec2m \ - enable-ecdh \ - enable-ecdsa \ - enable-seed \ - enable-camellia \ - enable-idea \ - enable-rfc3779 \ - experimental-jpake \ - -DOPENSSL_USE_IPV6 -CONFIGURE_ENV= PERL="${PERL}" -CONFIGURE_SCRIPT= config - -BUILD_WRKSRC= ${WRKSRC_openssl} -CONFIGURE_WRKSRC= ${WRKSRC_openssl} - -# The build randomly fails sometimes when building in parallel for -# unknown reasons. -MAKE_JOBS_UNSAFE= yes - -.include - -.if ${ARCH} == "amd64" -CONFIGURE_ARGS+= enable-ec_nistp_64_gcc_128 -.else -CONFIGURE_ARGS+= no-ec_nistp_64_gcc_128 -.endif - post-patch: @${REINPLACE_CMD} -e '/elif test_openssl_suffix/d' \ - -e 's@: \# 5. we tried.*$$@else OPENSSL="${PREFIX}/libexec/openssl.testssl.sh"@' \ + -e 's@OPENSSL=PREFIX@OPENSSL=${PREFIX}@' \ -e 's@$${TESTSSL_INSTALL_DIR:-""}@$${TESTSSL_INSTALL_DIR:-"${DATADIR}"}@' \ -e '/check_bsd_mount$$/d' \ ${WRKSRC}/testssl.sh do-install: - ${INSTALL_PROGRAM} ${WRKSRC_openssl}/apps/openssl ${STAGEDIR}${PREFIX}/libexec/openssl.testssl.sh ${INSTALL_SCRIPT} ${WRKSRC}/testssl.sh ${STAGEDIR}${PREFIX}/bin ${INSTALL_MAN} ${WRKSRC}/doc/testssl.1 ${STAGEDIR}${MAN1PREFIX}/man/man1 @${MKDIR} ${STAGEDIR}${DATADIR}/etc ${STAGEDIR}${DATADIR}/utils @cd ${WRKSRC}/etc && ${COPYTREE_SHARE} . ${STAGEDIR}${DATADIR}/etc @cd ${WRKSRC}/utils && ${COPYTREE_SHARE} . ${STAGEDIR}${DATADIR}/utils -.include +.include Modified: head/security/testssl.sh/distinfo ============================================================================== --- head/security/testssl.sh/distinfo Mon Nov 6 20:29:23 2017 (r453644) +++ head/security/testssl.sh/distinfo Mon Nov 6 20:33:12 2017 (r453645) @@ -1,5 +1,3 @@ -TIMESTAMP = 1505985513 +TIMESTAMP = 1509917288 SHA256 (drwetter-testssl.sh-v2.9.5-1_GH0.tar.gz) = 505ba9400e1a49759ba84d0cf6ae79f3787f111c64a319094de69635b786c72a SIZE (drwetter-testssl.sh-v2.9.5-1_GH0.tar.gz) = 8955528 -SHA256 (drwetter-openssl-pm-snapshot-a9396aaef81d5c1ed714fc625b593522d25914b1_GH0.tar.gz) = 798230c8dc8d7723fff5f6687b1150a3165254eb65c4f6875b7b6b66a53f9c47 -SIZE (drwetter-openssl-pm-snapshot-a9396aaef81d5c1ed714fc625b593522d25914b1_GH0.tar.gz) = 5491000 Added: head/security/testssl.sh/files/patch-testssl.sh ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/testssl.sh/files/patch-testssl.sh Mon Nov 6 20:33:12 2017 (r453645) @@ -0,0 +1,12 @@ +--- testssl.sh.orig 2017-11-05 21:50:58 UTC ++++ testssl.sh +@@ -164,6 +164,9 @@ TERM_CURRPOS=0 + ## CONFIGURATION PART ## + # following variables make use of $ENV, e.g. OPENSSL= ./testssl.sh + # 0 means (normally) true here. Some of the variables are also accessible with a command line switch, see --help ++if [[ -z "$OPENSSL" ]] ; then ++ OPENSSL=PREFIX/openssl-unsafe/bin/openssl ++fi + declare -x OPENSSL OPENSSL_TIMEOUT + FAST_SOCKET=${FAST_SOCKET:-false} # EXPERIMENTAL feature to accelerate sockets -- DO NOT USE it for production + COLOR=${COLOR:-2} # 2: Full color, 1: b/w+positioning, 0: no ESC at all Modified: head/security/testssl.sh/pkg-plist ============================================================================== --- head/security/testssl.sh/pkg-plist Mon Nov 6 20:29:23 2017 (r453644) +++ head/security/testssl.sh/pkg-plist Mon Nov 6 20:33:12 2017 (r453645) @@ -1,5 +1,4 @@ bin/testssl.sh -libexec/openssl.testssl.sh man/man1/testssl.1.gz %%DATADIR%%/etc/Apple.pem %%DATADIR%%/etc/ca_hashes.txt