svn commit: r420596 - in branches/2016Q3/devel/qca: . files
Raphael Kubo da Costa
rakuco at FreeBSD.org
Mon Aug 22 10:27:02 UTC 2016
Author: rakuco
Date: Mon Aug 22 10:27:00 2016
New Revision: 420596
URL: https://svnweb.freebsd.org/changeset/ports/420596
Log:
MFH: r417968 r418048 r420303
devel/qca: Fix building without SSLv3 and SHA-0
- Add 2 patches from upstream project
- Fix building when libssl does not have SSLv3
- Fix building when libcrypto does not have SHA-0
- Replace USE_OPENSSL with USES= ssl
- Rework files/patch-libressl with `make makepatch`
Tested with devel/qca and devel/qca-qt5
PR: 210053
Approved by: Maintainer time-out
Obtained from: KDE
Differential Revision: D6885
devel/qca: Fix build failure on 9.3 / OpenSSL 0.9.7
- Re-add patch for compression to satisfy 0.9.7
PR: 210053
Adjust the SHA0 removal patch.
The upstream fix was still returning "sha0" in all_hash_types() even when SHA0
support is not present. The fix has also been submitted upstream.
PR: 211833
Submitted by: matthew at reztek.cz
Approved by: ports-secteam (junovitch)
Added:
branches/2016Q3/devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt
- copied unchanged from r417968, head/devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt
branches/2016Q3/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp
- copied, changed from r417968, head/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp
Deleted:
branches/2016Q3/devel/qca/files/patch-libressl
Modified:
branches/2016Q3/devel/qca/Makefile
Directory Properties:
branches/2016Q3/ (props changed)
Modified: branches/2016Q3/devel/qca/Makefile
==============================================================================
--- branches/2016Q3/devel/qca/Makefile Mon Aug 22 10:05:42 2016 (r420595)
+++ branches/2016Q3/devel/qca/Makefile Mon Aug 22 10:27:00 2016 (r420596)
@@ -3,6 +3,7 @@
PORTNAME= qca
PORTVERSION= 2.1.1
+PORTREVISION= 1
CATEGORIES= devel
MASTER_SITES= KDE/stable/qca/${PORTVERSION}/src
@@ -38,7 +39,7 @@ GNUPG_CMAKE_ON= -DWITH_gnupg_PLUGIN=yes
GNUPG_RUN_DEPENDS= gpg2:security/gnupg
OPENSSL_CMAKE_ON= -DWITH_ossl_PLUGIN=yes
-OPENSSL_USE= OPENSSL=yes
+OPENSSL_USES= ssl
SASL_CMAKE_ON= -DWITH_cyrus-sasl_PLUGIN=yes
SASL_LIB_DEPENDS= libsasl2.so:security/cyrus-sasl2
Copied: branches/2016Q3/devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt (from r417968, head/devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2016Q3/devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt Mon Aug 22 10:27:00 2016 (r420596, copy of r417968, head/devel/qca/files/patch-plugins_qca-ossl_CMakeLists.txt)
@@ -0,0 +1,28 @@
+qca-ossl: Fix build without support for SHA-0
+https://quickgit.kde.org/?p=qca.git&a=commit&h=0dbed8eb38afd1561907a52283091c37e7b85156
+
+LibreSSL >= 2.3.0 removed support for SHA-0, so there's no EVP_sha
+anymore.
+Wikipedia says about SHA-0: "160-bit hash function published in 1993
+under the name SHA. It was withdrawn shortly after publication due to
+an undisclosed "significant flaw" and replaced by the slightly revised
+version SHA-1.'
+
+REVIEW: 125387
+
+--- plugins/qca-ossl/CMakeLists.txt.orig
++++ plugins/qca-ossl/CMakeLists.txt
+@@ -24,6 +24,13 @@
+ else(HAVE_OPENSSL_AES_CTR)
+ message(WARNING "qca-ossl will be compiled without AES CTR mode encryption support")
+ endif(HAVE_OPENSSL_AES_CTR)
++
++ check_function_exists(EVP_sha HAVE_OPENSSL_SHA0)
++ if(HAVE_OPENSSL_SHA0)
++ add_definitions(-DHAVE_OPENSSL_SHA0)
++ else(HAVE_OPENSSL_SHA0)
++ message(WARNING "qca-ossl will be compiled without SHA-0 digest algorithm support")
++ endif(HAVE_OPENSSL_SHA0)
+
+ set(QCA_OSSL_SOURCES qca-ossl.cpp)
+
Copied and modified: branches/2016Q3/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp (from r417968, head/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp)
==============================================================================
--- head/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp Sun Jul 3 12:10:18 2016 (r417968, copy source)
+++ branches/2016Q3/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp Mon Aug 22 10:27:00 2016 (r420596)
@@ -1,27 +1,31 @@
-qca-ossl: Fix build without SSLv3
+qca-ossl: Fix build without SSLv3
http://quickgit.kde.org/?p=qca.git&a=commit&h=20a587d77636186edb044cd2b71d6d90fe98d232
-This fixes building with LibreSSL >= 2.3.0 which has removed support
-for SSLv3 completely. As far as I know OpenSSL can be configured to
-build without it, so it might be helpful there as well.
+This fixes building with LibreSSL >= 2.3.0 which has removed support
+for SSLv3 completely. As far as I know OpenSSL can be configured to
+build without it, so it might be helpful there as well.
-REVIEW: 125386
+REVIEW: 125386
-qca-ossl: Fix build without support for SHA-0
+qca-ossl: Fix build without support for SHA-0
https://quickgit.kde.org/?p=qca.git&a=commit&h=0dbed8eb38afd1561907a52283091c37e7b85156
-LibreSSL >= 2.3.0 removed support for SHA-0, so there's no EVP_sha
-anymore.
-Wikipedia says about SHA-0: "160-bit hash function published in 1993
-under the name SHA. It was withdrawn shortly after publication due to
-an undisclosed "significant flaw" and replaced by the slightly revised
-version SHA-1.'
+LibreSSL >= 2.3.0 removed support for SHA-0, so there's no EVP_sha
+anymore.
+Wikipedia says about SHA-0: "160-bit hash function published in 1993
+under the name SHA. It was withdrawn shortly after publication due to
+an undisclosed "significant flaw" and replaced by the slightly revised
+version SHA-1.'
+
+REVIEW: 125387
+
+Also includes:
+qca-ossl: Remove SHA0 from all_hash_types() when it is not available.
+https://git.reviewboard.kde.org/r/128700/
-REVIEW: 125387
-
---- plugins/qca-ossl/qca-ossl.cpp.orig 2016-07-03 11:34:48 UTC
+--- plugins/qca-ossl/qca-ossl.cpp.orig 2015-10-02 09:39:21 UTC
+++ plugins/qca-ossl/qca-ossl.cpp
-@@ -5403,9 +5403,11 @@
+@@ -5403,9 +5403,11 @@ public:
ctx = SSL_CTX_new(SSLv2_client_method());
break;
#endif
@@ -33,7 +37,30 @@ REVIEW: 125387
case TLS::TLS_v1:
ctx = SSL_CTX_new(TLSv1_client_method());
break;
-@@ -7135,8 +7135,10 @@
+@@ -5805,7 +5807,11 @@ public:
+ {
+ SessionInfo sessInfo;
+
+- sessInfo.isCompressed = (0 != SSL_SESSION_get_compress_id(ssl->session));
++#ifndef OPENSSL_NO_COMP
++ sessInfo.isCompressed = (0 != ssl->session->compress_meth);
++#else
++ sessInfo.isCompressed = 0;
++#endif
+
+ if (ssl->version == TLS1_VERSION)
+ sessInfo.version = TLS::TLS_v1;
+@@ -6880,7 +6886,9 @@ static QStringList all_hash_types()
+ {
+ QStringList list;
+ list += "sha1";
++#ifdef HAVE_OPENSSL_SHA0
+ list += "sha0";
++#endif
+ list += "ripemd160";
+ #ifdef HAVE_OPENSSL_MD2
+ list += "md2";
+@@ -7133,8 +7141,10 @@ public:
return new opensslInfoContext(this);
else if ( type == "sha1" )
return new opensslHashContext( EVP_sha1(), this, type);
More information about the svn-ports-all
mailing list