svn commit: r426920 - in head/security/trousers: . files

Ben Woods woodsb02 at FreeBSD.org
Wed Nov 23 13:16:55 UTC 2016 

Author: woodsb02
Date: Wed Nov 23 13:16:53 2016
New Revision: 426920
URL: https://svnweb.freebsd.org/changeset/ports/426920

Log:
  security/trousers: Fix compilation with LibreSSL
  
  This was causing the build of security/gnutls to fail when the
  TPM option was enabled and make.conf contained
  DEFAULT_VERSIONS+=ssl=libressl. The gnutls configure script failed to
  successfully link against the libtspi.so library, and therefore
  determined the tss library was not suitable and disabled TPM.
  /usr/local/lib/libtspi.so: undefined reference to `RSA_set0_key'
  This caused the gnutls build to fail during staging due to an incorrect
  PLIST (missing bin/tpmtool).
  
  As of version 0.3.14, TrouSerS utilises the new OpenSSL function
  RSA_set0_key, which was only introduced in OpenSSL 1.1.0 and is not in
  LibreSSL (yet).
  
  The TrouSerS code utilises the OPENSSL_VERSION_NUMBER preprocessor macro
  to determine the version of OpenSSL which is it compiling against,
  and defines the RSA_set0_key function if the version of OpenSSL is older
  than 1.1.0. This causes an issue with LibreSSL, because it sets the
  OPENSSL_VERSION_NUMBER preprocessor macro to impersonate OpenSSL 2.0.0.
  
  The new patch-src_trspi_crypto_openssl_rsa.c causes TrouSerS to define
  the RSA_set0_key function on LibreSSL also.
  
  PR:		214660
  Submitted by:	David Z <daz at hyperchronos.org>
  Reported by:	Walter Schwarzenfeld <w.schwarzenfeld at utanet.at>
  Approved by:	adamw (mentor, implicit)
  Approved by:	portmgr (just-fix-it blanket)

Added:
  head/security/trousers/files/patch-src_trspi_crypto_openssl_rsa.c   (contents, props changed)
Modified:
  head/security/trousers/Makefile

Modified: head/security/trousers/Makefile
==============================================================================
--- head/security/trousers/Makefile	Wed Nov 23 13:04:21 2016	(r426919)
+++ head/security/trousers/Makefile	Wed Nov 23 13:16:53 2016	(r426920)
@@ -3,6 +3,7 @@
 
 PORTNAME=	trousers
 PORTVERSION=	0.3.14
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES=	SF
 

Added: head/security/trousers/files/patch-src_trspi_crypto_openssl_rsa.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/trousers/files/patch-src_trspi_crypto_openssl_rsa.c	Wed Nov 23 13:16:53 2016	(r426920)
@@ -0,0 +1,11 @@
+--- src/trspi/crypto/openssl/rsa.c.orig	2016-11-23 12:26:19 UTC
++++ src/trspi/crypto/openssl/rsa.c
+@@ -38,7 +38,7 @@
+ #define DEBUG_print_openssl_errors()
+ #endif
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10100001L
++#if OPENSSL_VERSION_NUMBER < 0x10100001L || defined(LIBRESSL_VERSION_NUMBER)
+ static int
+ RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d)
+ {

More information about the svn-ports-all mailing list