aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRaphael Kubo da Costa <rakuco@FreeBSD.org>2016-08-22 10:27:00 +0000
committerRaphael Kubo da Costa <rakuco@FreeBSD.org>2016-08-22 10:27:00 +0000
commitf191df747ed8566b751eabf82c8234f2144b4400 (patch)
treed64470f4f8ff1c365d50000f5f3605293f2e30aa
parent5d651255d44b8acb3b263199dfdf0e147714eb7d (diff)
downloadports-f191df747ed8566b751eabf82c8234f2144b4400.tar.gz
ports-f191df747ed8566b751eabf82c8234f2144b4400.zip
MFH: r417968 r418048 r420303
devel/qca: Fix building without SSLv3 and SHA-0 - Add 2 patches from upstream project - Fix building when libssl does not have SSLv3 - Fix building when libcrypto does not have SHA-0 - Replace USE_OPENSSL with USES= ssl - Rework files/patch-libressl with `make makepatch` Tested with devel/qca and devel/qca-qt5 PR: 210053 Approved by: Maintainer time-out Obtained from: KDE Differential Revision: D6885 devel/qca: Fix build failure on 9.3 / OpenSSL 0.9.7 - Re-add patch for compression to satisfy 0.9.7 PR: 210053 Adjust the SHA0 removal patch. The upstream fix was still returning "sha0" in all_hash_types() even when SHA0 support is not present. The fix has also been submitted upstream. PR: 211833 Submitted by: matthew@reztek.cz Approved by: ports-secteam (junovitch)
Notes
Notes: svn path=/branches/2016Q3/; revision=420596
-rw-r--r--devel/qca/Makefile3
-rw-r--r--devel/qca/files/patch-libressl15
-rw-r--r--devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt28
-rw-r--r--devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp73
4 files changed, 103 insertions, 16 deletions
diff --git a/devel/qca/Makefile b/devel/qca/Makefile
index 447226a5617c..544c6e592419 100644
--- a/devel/qca/Makefile
+++ b/devel/qca/Makefile
@@ -3,6 +3,7 @@
PORTNAME= qca
PORTVERSION= 2.1.1
+PORTREVISION= 1
CATEGORIES= devel
MASTER_SITES= KDE/stable/qca/${PORTVERSION}/src
@@ -38,7 +39,7 @@ GNUPG_CMAKE_ON= -DWITH_gnupg_PLUGIN=yes
GNUPG_RUN_DEPENDS= gpg2:security/gnupg
OPENSSL_CMAKE_ON= -DWITH_ossl_PLUGIN=yes
-OPENSSL_USE= OPENSSL=yes
+OPENSSL_USES= ssl
SASL_CMAKE_ON= -DWITH_cyrus-sasl_PLUGIN=yes
SASL_LIB_DEPENDS= libsasl2.so:security/cyrus-sasl2
diff --git a/devel/qca/files/patch-libressl b/devel/qca/files/patch-libressl
deleted file mode 100644
index 2edf422f1d72..000000000000
--- a/devel/qca/files/patch-libressl
+++ /dev/null
@@ -1,15 +0,0 @@
---- plugins/qca-ossl/qca-ossl.cpp.orig 2015-10-02 09:39:21 UTC
-+++ plugins/qca-ossl/qca-ossl.cpp
-@@ -5805,7 +5805,11 @@ public:
- {
- SessionInfo sessInfo;
-
-- sessInfo.isCompressed = (0 != SSL_SESSION_get_compress_id(ssl->session));
-+#ifndef OPENSSL_NO_COMP
-+ sessInfo.isCompressed = (0 != ssl->session->compress_meth);
-+#else
-+ sessInfo.isCompressed = 0;
-+#endif
-
- if (ssl->version == TLS1_VERSION)
- sessInfo.version = TLS::TLS_v1;
diff --git a/devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt b/devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt
new file mode 100644
index 000000000000..8e9ecf0c4f86
--- /dev/null
+++ b/devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt
@@ -0,0 +1,28 @@
+qca-ossl: Fix build without support for SHA-0
+https://quickgit.kde.org/?p=qca.git&a=commit&h=0dbed8eb38afd1561907a52283091c37e7b85156
+
+LibreSSL >= 2.3.0 removed support for SHA-0, so there's no EVP_sha
+anymore.
+Wikipedia says about SHA-0: "160-bit hash function published in 1993
+under the name SHA. It was withdrawn shortly after publication due to
+an undisclosed "significant flaw" and replaced by the slightly revised
+version SHA-1.'
+
+REVIEW: 125387
+
+--- plugins/qca-ossl/CMakeLists.txt.orig
++++ plugins/qca-ossl/CMakeLists.txt
+@@ -24,6 +24,13 @@
+ else(HAVE_OPENSSL_AES_CTR)
+ message(WARNING "qca-ossl will be compiled without AES CTR mode encryption support")
+ endif(HAVE_OPENSSL_AES_CTR)
++
++ check_function_exists(EVP_sha HAVE_OPENSSL_SHA0)
++ if(HAVE_OPENSSL_SHA0)
++ add_definitions(-DHAVE_OPENSSL_SHA0)
++ else(HAVE_OPENSSL_SHA0)
++ message(WARNING "qca-ossl will be compiled without SHA-0 digest algorithm support")
++ endif(HAVE_OPENSSL_SHA0)
+
+ set(QCA_OSSL_SOURCES qca-ossl.cpp)
+
diff --git a/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp b/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp
new file mode 100644
index 000000000000..ee560f195ef5
--- /dev/null
+++ b/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp
@@ -0,0 +1,73 @@
+qca-ossl: Fix build without SSLv3
+http://quickgit.kde.org/?p=qca.git&a=commit&h=20a587d77636186edb044cd2b71d6d90fe98d232
+
+This fixes building with LibreSSL >= 2.3.0 which has removed support
+for SSLv3 completely. As far as I know OpenSSL can be configured to
+build without it, so it might be helpful there as well.
+
+REVIEW: 125386
+
+qca-ossl: Fix build without support for SHA-0
+https://quickgit.kde.org/?p=qca.git&a=commit&h=0dbed8eb38afd1561907a52283091c37e7b85156
+
+LibreSSL >= 2.3.0 removed support for SHA-0, so there's no EVP_sha
+anymore.
+Wikipedia says about SHA-0: "160-bit hash function published in 1993
+under the name SHA. It was withdrawn shortly after publication due to
+an undisclosed "significant flaw" and replaced by the slightly revised
+version SHA-1.'
+
+REVIEW: 125387
+
+Also includes:
+qca-ossl: Remove SHA0 from all_hash_types() when it is not available.
+https://git.reviewboard.kde.org/r/128700/
+
+--- plugins/qca-ossl/qca-ossl.cpp.orig 2015-10-02 09:39:21 UTC
++++ plugins/qca-ossl/qca-ossl.cpp
+@@ -5403,9 +5403,11 @@ public:
+ ctx = SSL_CTX_new(SSLv2_client_method());
+ break;
+ #endif
++#ifndef OPENSSL_NO_SSL3_METHOD
+ case TLS::SSL_v3:
+ ctx = SSL_CTX_new(SSLv3_client_method());
+ break;
++#endif
+ case TLS::TLS_v1:
+ ctx = SSL_CTX_new(TLSv1_client_method());
+ break;
+@@ -5805,7 +5807,11 @@ public:
+ {
+ SessionInfo sessInfo;
+
+- sessInfo.isCompressed = (0 != SSL_SESSION_get_compress_id(ssl->session));
++#ifndef OPENSSL_NO_COMP
++ sessInfo.isCompressed = (0 != ssl->session->compress_meth);
++#else
++ sessInfo.isCompressed = 0;
++#endif
+
+ if (ssl->version == TLS1_VERSION)
+ sessInfo.version = TLS::TLS_v1;
+@@ -6880,7 +6886,9 @@ static QStringList all_hash_types()
+ {
+ QStringList list;
+ list += "sha1";
++#ifdef HAVE_OPENSSL_SHA0
+ list += "sha0";
++#endif
+ list += "ripemd160";
+ #ifdef HAVE_OPENSSL_MD2
+ list += "md2";
+@@ -7133,8 +7141,10 @@ public:
+ return new opensslInfoContext(this);
+ else if ( type == "sha1" )
+ return new opensslHashContext( EVP_sha1(), this, type);
++#ifdef HAVE_OPENSSL_SHA0
+ else if ( type == "sha0" )
+ return new opensslHashContext( EVP_sha(), this, type);
++#endif
+ else if ( type == "ripemd160" )
+ return new opensslHashContext( EVP_ripemd160(), this, type);
+ #ifdef HAVE_OPENSSL_MD2