From f0a68f6868f5dc797a042bc76b40acc9af42c1a2 Mon Sep 17 00:00:00 2001 From: Michael Gmelin Date: Wed, 16 Sep 2015 23:38:56 +0000 Subject: Support building against LibreSSL and OpenSSL from ports. Also fixes building against iconv from ports. PR: 203163 Approved by: mentors (implicit) --- devel/ice/Makefile | 19 +++-- devel/ice/files/Make.rules.FreeBSD | 4 +- devel/ice/files/patch-cpp-config-Make.rules | 26 ++++++- devel/ice/files/patch-cpp-src-IceSSL-Makefile | 11 +++ .../files/patch-cpp-src-IceSSL-OpenSSLEngine.cpp | 12 ++++ ...atch-cpp-test-IceSSL-configuration-AllTests.cpp | 82 ++++++++++++++++++++-- .../patch-cpp-test-IceSSL-configuration-run.py | 21 +++++- 7 files changed, 162 insertions(+), 13 deletions(-) create mode 100644 devel/ice/files/patch-cpp-src-IceSSL-Makefile create mode 100644 devel/ice/files/patch-cpp-src-IceSSL-OpenSSLEngine.cpp (limited to 'devel') diff --git a/devel/ice/Makefile b/devel/ice/Makefile index fe1b74a17576..71a8c8d5043d 100644 --- a/devel/ice/Makefile +++ b/devel/ice/Makefile @@ -3,6 +3,7 @@ PORTNAME= Ice PORTVERSION= 3.6.0 +PORTREVISION= 1 DISTVERSIONPREFIX= v CATEGORIES= devel @@ -102,29 +103,37 @@ post-patch: s|%%DOCSDIR%%|${STAGEDIR}${DOCSDIR}|g; \ s|%%ICONV_LIB%%|${ICONV_LIB}|g; \ s|%%INSTALL_PROGRAM%%|${INSTALL_PROGRAM}|g; \ - s|%%INSTALL_DATA%%|${INSTALL_DATA}|g' \ + s|%%INSTALL_DATA%%|${INSTALL_DATA}|g; \ + s|%%OPENSSLLIB%%|${OPENSSLLIB}|g; \ + s|%%OPENSSLINC%%|${OPENSSLINC}|g; \ + s|%%OPENSSLRPATH%%|${OPENSSLRPATH}|g;' \ ${FILESDIR}/Make.rules.FreeBSD > ${WRKSRC}/cpp/config/Make.rules.FreeBSD @${REINPLACE_CMD} 's|%%BDB_LIB_CXX_NAME%%|${BDB_LIB_CXX_NAME}|g; \ s|%%BDB_LIB_DIR%%|${BDB_LIB_DIR}|g; \ s|%%BDB_INCLUDE_DIR%%|${BDB_INCLUDE_DIR}|g; \ + s|%%OPENSSLLIB%%|${OPENSSLLIB}|g; \ + s|%%OPENSSLINC%%|${OPENSSLINC}|g; \ + s|%%OPENSSLRPATH%%|${OPENSSLRPATH}|g; \ /install_docdir/d' \ ${WRKSRC}/cpp/config/Make.rules + @${REINPLACE_CMD} 's|%%OPENSSLBASE%%|${OPENSSLBASE}|g;' \ + ${WRKSRC}/cpp/test/IceSSL/configuration/run.py @${REINPLACE_CMD} '/install_configdir/d' \ ${WRKSRC}/cpp/config/Make.rules @${REINPLACE_CMD} '/LICENSE/s/prefix/install_slicedir/; \ - s|%%INSTALL_PROGRAM%%|${INSTALL_PROGRAM}|g; ' \ + s|%%INSTALL_PROGRAM%%|${INSTALL_PROGRAM}|g;' \ ${WRKSRC}/config/Make.common.rules @${REINPLACE_CMD} 's|%%INSTALL_PROGRAM%%|${INSTALL_PROGRAM}|g; \ s|%%INSTALL_DATA%%|${INSTALL_DATA}|g; \ s|%%ICONV_LIB%%|${ICONV_LIB}|g; \ s|%%PYTHON_CMD%%|${PYTHON_CMD}|g; \ s|%%PYTHON_SITELIBDIR%%|${STAGEDIR}${PYSITEDIR}|g; \ - s|%%PREFIX%%|${PREFIX}|g ; \ + s|%%PREFIX%%|${PREFIX}|g; \ s|%%LOCALBASE%%|${LOCALBASE}|g' ${WRKSRC}/python/config/Make.rules @${REINPLACE_CMD} 's|%%INSTALL_PROGRAM%%|${INSTALL_PROGRAM}|g; \ s|%%INSTALL_DATA%%|${INSTALL_DATA}|g; \ - s|%%PREFIX%%|${PREFIX}|g ; \ - s|%%LOCALBASE%%|${LOCALBASE}|g' ${WRKSRC}/php/config/Make.rules.php + s|%%PREFIX%%|${PREFIX}|g; \ + s|%%LOCALBASE%%|${LOCALBASE}|g;' ${WRKSRC}/php/config/Make.rules.php .if ${PORT_OPTIONS:MTESTS} TEST_CMD= @cd ${BUILD_WRKSRC} && ${PYTHON_CMD} ./allTests.py diff --git a/devel/ice/files/Make.rules.FreeBSD b/devel/ice/files/Make.rules.FreeBSD index 16d76071633a..0ae319159239 100644 --- a/devel/ice/files/Make.rules.FreeBSD +++ b/devel/ice/files/Make.rules.FreeBSD @@ -4,7 +4,8 @@ BASELIBS = -lIceUtil -pthread -L$(LOCALBASE)/lib %%ICONV_LIB%% LIBS = -lIce $(BASELIBS) CRYPT_OS_LIBS = -lcrypt -ICEUTIL_OS_LIBS = -pthread -lcrypto +ICEUTIL_OS_LIBS = -pthread $(OPENSSL_RPATH_LINK) -L%%OPENSSLLIB%% -lcrypto +ICEUTIL_FLAGS += $(OPENSSL_FLAGS) PLATFORM_HAS_READLINE := yes @@ -20,3 +21,4 @@ INSTALL = %%INSTALL_DATA%% INSTALL_PROGRAM = %%INSTALL_PROGRAM%% MCPP_HOME = $(LOCALBASE) override DESTDIR = +rpathlink = -Wl,-rpath,$(1) diff --git a/devel/ice/files/patch-cpp-config-Make.rules b/devel/ice/files/patch-cpp-config-Make.rules index c847920962dc..c1c762935266 100644 --- a/devel/ice/files/patch-cpp-config-Make.rules +++ b/devel/ice/files/patch-cpp-config-Make.rules @@ -1,5 +1,20 @@ --- cpp/config/Make.rules.orig 2015-06-23 15:30:20.000000000 +0000 -+++ cpp/config/Make.rules 2015-06-27 10:26:42.692387147 +0000 ++++ cpp/config/Make.rules 2015-09-14 21:31:28.253993994 +0000 +@@ -203,11 +201,11 @@ + ICEUTIL_FLAGS = -DICE_PRIO_INHERIT + endif + +-OPENSSL_FLAGS += $(if $(OPENSSL_HOME),-I$(OPENSSL_HOME)/include) ++OPENSSL_FLAGS += -I%%OPENSSLINC%% + ifeq ($(OPENSSL_LIBS),) +- OPENSSL_LIBS = $(if $(OPENSSL_HOME),-L$(OPENSSL_HOME)/$(libsubdir)) -lssl -lcrypto ++ OPENSSL_LIBS = -L%%OPENSSLLIB%% -lssl -lcrypto + endif +-OPENSSL_RPATH_LINK = $(if $(OPENSSL_HOME),$(call rpathlink,$(OPENSSL_HOME)/$(libsubdir))) ++OPENSSL_RPATH_LINK = $(if %%OPENSSLRPATH%%,$(call rpathlink,%%OPENSSLRPATH%%)) + + ifeq ($(SSL_OS_LIBS),) + SSL_OS_LIBS = $(OPENSSL_LIBS) @@ -240,7 +240,9 @@ DB_FLAGS = -I/usr/local/include/db53 DB_LIBS = -L/usr/local/$(libsubdir)/db53 -ldb_cxx @@ -11,3 +26,12 @@ endif endif endif +@@ -381,7 +381,7 @@ + .cpp.o: + $(CXX) -c $(CPPFLAGS) $(CXXFLAGS) $< + @mkdir -p .depend +- @$(CXX) -DMAKEDEPEND -MM $(CPPFLAGS) $< > .depend/$(*F).d ++ @$(CXX) -DMAKEDEPEND -MM $(CPPFLAGS) $(CXXFLAGS) $< > .depend/$(*F).d + + .c.o: + $(CC) -c $(CPPFLAGS) $(CFLAGS) $< diff --git a/devel/ice/files/patch-cpp-src-IceSSL-Makefile b/devel/ice/files/patch-cpp-src-IceSSL-Makefile new file mode 100644 index 000000000000..a43a202ba7be --- /dev/null +++ b/devel/ice/files/patch-cpp-src-IceSSL-Makefile @@ -0,0 +1,11 @@ +--- cpp/src/IceSSL/Makefile.orig 2015-09-14 22:49:55.236652991 +0000 ++++ cpp/src/IceSSL/Makefile 2015-09-14 22:50:11.419995991 +0000 +@@ -55,7 +55,7 @@ + CPPFLAGS := -I.. $(CPPFLAGS) -DICE_SSL_API_EXPORTS $(OPENSSL_FLAGS) + SLICE2CPPFLAGS := --ice --include-dir IceSSL --dll-export ICE_SSL_API $(SLICE2CPPFLAGS) + +-LINKWITH := $(BZIP2_RPATH_LINK) -lIce -lIceUtil $(SSL_OS_LIBS) $(CXXLIBS) ++LINKWITH := $(BZIP2_RPATH_LINK) -lIce -lIceUtil $(OPENSSL_RPATH_LINK) $(SSL_OS_LIBS) $(CXXLIBS) + + ifeq ($(STATICLIBS),yes) + $(libdir)/$(LIBNAME): $(OBJS) diff --git a/devel/ice/files/patch-cpp-src-IceSSL-OpenSSLEngine.cpp b/devel/ice/files/patch-cpp-src-IceSSL-OpenSSLEngine.cpp new file mode 100644 index 000000000000..a239d042f9e3 --- /dev/null +++ b/devel/ice/files/patch-cpp-src-IceSSL-OpenSSLEngine.cpp @@ -0,0 +1,12 @@ +--- cpp/src/IceSSL/OpenSSLEngine.cpp.orig 2015-09-14 23:12:17.842563990 +0000 ++++ cpp/src/IceSSL/OpenSSLEngine.cpp 2015-09-14 23:13:21.929560990 +0000 +@@ -267,7 +267,9 @@ + string entropyDaemon = properties->getProperty("IceSSL.EntropyDaemon"); + if(!entropyDaemon.empty()) + { ++# ifndef OPENSSL_NO_EGD + if(RAND_egd(entropyDaemon.c_str()) <= 0) ++# endif + { + throw PluginInitializationException(__FILE__, __LINE__, + "IceSSL: EGD failure using file " + entropyDaemon); diff --git a/devel/ice/files/patch-cpp-test-IceSSL-configuration-AllTests.cpp b/devel/ice/files/patch-cpp-test-IceSSL-configuration-AllTests.cpp index 8e5db73754d3..b7c516dba6cc 100644 --- a/devel/ice/files/patch-cpp-test-IceSSL-configuration-AllTests.cpp +++ b/devel/ice/files/patch-cpp-test-IceSSL-configuration-AllTests.cpp @@ -1,6 +1,80 @@ ---- cpp/test/IceSSL/configuration/AllTests.cpp.orig 2015-06-27 18:39:22.443351407 +0000 -+++ cpp/test/IceSSL/configuration/AllTests.cpp 2015-06-27 18:40:30.619349872 +0000 -@@ -3164,6 +3164,7 @@ +--- cpp/test/IceSSL/configuration/AllTests.cpp.orig 2015-06-23 15:30:20.000000000 +0000 ++++ cpp/test/IceSSL/configuration/AllTests.cpp 2015-09-15 00:15:34.865304987 +0000 +@@ -7,6 +7,7 @@ + // + // ********************************************************************** + ++#include + #include + #include + #include +@@ -1292,14 +1293,22 @@ + InitializationData initData; + initData.properties = createClientProps(defaultProps, defaultDir, defaultHost, p12, "c_rsa_ca1", "cacert1"); + initData.properties->setProperty("IceSSL.VerifyPeer", "0"); ++# ifdef SSL_TXT_TLSV1_1 ++ initData.properties->setProperty("IceSSL.Protocols", "tlsv1_1"); ++# else + initData.properties->setProperty("IceSSL.Protocols", "ssl3"); ++# endif + CommunicatorPtr comm = initialize(initData); + + Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); + test(fact); + Test::Properties d = createServerProps(defaultProps, defaultDir, defaultHost, p12, "s_rsa_ca1", "cacert1"); + d["IceSSL.VerifyPeer"] = "0"; ++# ifdef SSL_TXT_TLSV1_1 ++ d["IceSSL.Protocols"] = "tlsv1_0"; ++# else + d["IceSSL.Protocols"] = "tls"; ++# endif + Test::ServerPrx server = fact->createServer(d); + try + { +@@ -1329,7 +1340,11 @@ + test(fact); + d = createServerProps(defaultProps, defaultDir, defaultHost, p12, "s_rsa_ca1", "cacert1"); + d["IceSSL.VerifyPeer"] = "0"; ++# ifdef SSL_TXT_TLSV1_1 ++ d["IceSSL.Protocols"] = "tlsv1_1, tlsv1_0"; ++# else + d["IceSSL.Protocols"] = "tls, ssl3"; ++# endif + server = fact->createServer(d); + try + { +@@ -1351,6 +1362,7 @@ + InitializationData initData; + initData.properties = createClientProps(defaultProps, defaultDir, defaultHost, p12, "c_rsa_ca1", "cacert1"); + initData.properties->setProperty("IceSSL.VerifyPeer", "0"); ++ // on modern openssl this simply fails as ssl3 is not supported by the client + initData.properties->setProperty("IceSSL.Protocols", "ssl3"); + CommunicatorPtr comm = initialize(initData); + +@@ -1386,14 +1398,22 @@ + { + InitializationData initData; + initData.properties = createClientProps(defaultProps, defaultDir, defaultHost, p12, "", "cacert1"); ++# ifdef SSL_TXT_TLSV1_1 ++ initData.properties->setProperty("IceSSL.Protocols", "tlsv1_1"); ++# else + initData.properties->setProperty("IceSSL.Protocols", "ssl3"); ++# endif + CommunicatorPtr comm = initialize(initData); + + Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); + test(fact); + Test::Properties d = createServerProps(defaultProps, defaultDir, defaultHost, p12, "s_rsa_ca1", ""); + d["IceSSL.VerifyPeer"] = "0"; ++# ifdef SSL_TXT_TLSV1_1 ++ d["IceSSL.Protocols"] = "tls, tls1_1, tls1_2"; ++# else + d["IceSSL.Protocols"] = "ssl3, tls, tls1_1, tls1_2"; ++# endif + Test::ServerPrx server = fact->createServer(d); + try + { +@@ -3164,6 +3184,7 @@ #endif } @@ -8,7 +82,7 @@ cout << "testing system CAs... " << flush; { InitializationData initData; -@@ -3208,6 +3209,7 @@ +@@ -3208,6 +3229,7 @@ comm->destroy(); } cout << "ok" << endl; diff --git a/devel/ice/files/patch-cpp-test-IceSSL-configuration-run.py b/devel/ice/files/patch-cpp-test-IceSSL-configuration-run.py index 986c70fc845a..af0c8928de73 100644 --- a/devel/ice/files/patch-cpp-test-IceSSL-configuration-run.py +++ b/devel/ice/files/patch-cpp-test-IceSSL-configuration-run.py @@ -1,5 +1,14 @@ ---- cpp/test/IceSSL/configuration/run.py.orig 2015-06-27 13:03:48.260735765 +0000 -+++ cpp/test/IceSSL/configuration/run.py 2015-06-27 13:03:54.559736750 +0000 +--- cpp/test/IceSSL/configuration/run.py.orig 2015-06-23 15:30:20.000000000 +0000 ++++ cpp/test/IceSSL/configuration/run.py 2015-09-16 18:16:01.933879982 +0000 +@@ -33,7 +33,7 @@ + elif TestUtil.isLinux(): + for c in ["cacert1.pem", "cacert2.pem"]: + pem = os.path.join(certsPath, c) +- os.system("rm -f {dir}/`openssl x509 -subject_hash -noout -in {pem}`.0".format(pem=pem, dir=certsPath)) ++ os.system("rm -f {dir}/`%%OPENSSLBASE%%/bin/openssl x509 -subject_hash -noout -in {pem}`.0".format(pem=pem, dir=certsPath)) + + cleanup() + atexit.register(cleanup) @@ -43,7 +43,7 @@ os.system("security create-keychain -p password %s" % keychainPath) for cert in ["s_rsa_ca1.p12", "c_rsa_ca1.p12"]: @@ -9,3 +18,11 @@ # # Create copies of the CA certificates named after the subject # hash. This is used by the tests to find the CA certificates in +@@ -51,6 +51,6 @@ + # + for c in ["cacert1.pem", "cacert2.pem"]: + pem = os.path.join(certsPath, c) +- os.system("cp {pem} {dir}/`openssl x509 -subject_hash -noout -in {pem}`.0".format(pem=pem, dir=certsPath)) ++ os.system("cp {pem} {dir}/`%%OPENSSLBASE%%/bin/openssl x509 -subject_hash -noout -in {pem}`.0".format(pem=pem, dir=certsPath)) + + TestUtil.clientServerTest(additionalClientOptions = '"%s"' % os.getcwd()) -- cgit v1.2.3