Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 1 Jul 2023 13:25:28 GMT
From:      Dirk Meyer <dinoex@FreeBSD.org>
To:        ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
Subject:   git: 1c9f850369e7 - main - ftp/vsftpd: fix build with openssl30
Message-ID:  <202307011325.361DPSPH070943@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch main has been updated by dinoex:

URL: https://cgit.FreeBSD.org/ports/commit/?id=1c9f850369e7dc17b7f0dd692f95f80989d58a3a

commit 1c9f850369e7dc17b7f0dd692f95f80989d58a3a
Author:     Dirk Meyer <dinoex@FreeBSD.org>
AuthorDate: 2023-07-01 13:24:45 +0000
Commit:     Dirk Meyer <dinoex@FreeBSD.org>
CommitDate: 2023-07-01 13:24:45 +0000

    ftp/vsftpd: fix build with openssl30
---
 ftp/vsftpd/Makefile          |  3 +--
 ftp/vsftpd/files/patch-ssl.c | 18 +++++++++++++++++-
 2 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/ftp/vsftpd/Makefile b/ftp/vsftpd/Makefile
index 51aa1d50cb5f..0da3fa86f3b4 100644
--- a/ftp/vsftpd/Makefile
+++ b/ftp/vsftpd/Makefile
@@ -35,10 +35,9 @@ STACKPROTECTOR_DESC=	Build with stack-protector
 
 .if ${PORT_OPTIONS:MVSFTPD_SSL} && !defined(WITHOUT_SSL)
 USES+=		ssl
-BROKEN_SSL=	openssl30 openssl31
-BROKEN_SSL_REASON=	Requires OpenSSL 3.0.0 deprecated EC_* routines
 SSL_SUFFIX=	-ssl
 CFLAGS+=	-I${OPENSSLINC}
+CFLAGS+=	-Wno-deprecated-declarations
 LDFLAGS+=	-L${OPENSSLLIB}
 .endif
 
diff --git a/ftp/vsftpd/files/patch-ssl.c b/ftp/vsftpd/files/patch-ssl.c
index 5ff044dab8d5..3b8f49288292 100644
--- a/ftp/vsftpd/files/patch-ssl.c
+++ b/ftp/vsftpd/files/patch-ssl.c
@@ -26,7 +26,23 @@
      SSL_CTX_set_options(p_ctx, options);
      if (tunable_rsa_cert_file)
      {
-@@ -683,7 +685,7 @@ ssl_cert_digest(SSL* p_ssl, struct vsf_session* p_sess
+@@ -139,6 +141,7 @@ ssl_init(struct vsf_session* p_sess)
+     {
+       die("SSL: RNG is not seeded");
+     }
++#if OPENSSL_VERSION_NUMBER < 0x10200000L
+     {
+       EC_KEY* key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+       if (key == NULL)
+@@ -148,6 +151,7 @@ ssl_init(struct vsf_session* p_sess)
+       SSL_CTX_set_tmp_ecdh(p_ctx, key);
+       EC_KEY_free(key);
+     }
++#endif
+     if (tunable_ssl_request_cert)
+     {
+       verify_option |= SSL_VERIFY_PEER;
+@@ -683,7 +687,7 @@ ssl_cert_digest(SSL* p_ssl, struct vsf_session* p_sess
  }
  
  static char*

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202307011325.361DPSPH070943>