svn commit: r426920 - in head/security/trousers: . files
Ben Woods
woodsb02 at FreeBSD.org
Wed Nov 23 13:16:55 UTC 2016
Author: woodsb02
Date: Wed Nov 23 13:16:53 2016
New Revision: 426920
URL: https://svnweb.freebsd.org/changeset/ports/426920
Log:
security/trousers: Fix compilation with LibreSSL
This was causing the build of security/gnutls to fail when the
TPM option was enabled and make.conf contained
DEFAULT_VERSIONS+=ssl=libressl. The gnutls configure script failed to
successfully link against the libtspi.so library, and therefore
determined the tss library was not suitable and disabled TPM.
/usr/local/lib/libtspi.so: undefined reference to `RSA_set0_key'
This caused the gnutls build to fail during staging due to an incorrect
PLIST (missing bin/tpmtool).
As of version 0.3.14, TrouSerS utilises the new OpenSSL function
RSA_set0_key, which was only introduced in OpenSSL 1.1.0 and is not in
LibreSSL (yet).
The TrouSerS code utilises the OPENSSL_VERSION_NUMBER preprocessor macro
to determine the version of OpenSSL which is it compiling against,
and defines the RSA_set0_key function if the version of OpenSSL is older
than 1.1.0. This causes an issue with LibreSSL, because it sets the
OPENSSL_VERSION_NUMBER preprocessor macro to impersonate OpenSSL 2.0.0.
The new patch-src_trspi_crypto_openssl_rsa.c causes TrouSerS to define
the RSA_set0_key function on LibreSSL also.
PR: 214660
Submitted by: David Z <daz at hyperchronos.org>
Reported by: Walter Schwarzenfeld <w.schwarzenfeld at utanet.at>
Approved by: adamw (mentor, implicit)
Approved by: portmgr (just-fix-it blanket)
Added:
head/security/trousers/files/patch-src_trspi_crypto_openssl_rsa.c (contents, props changed)
Modified:
head/security/trousers/Makefile
Modified: head/security/trousers/Makefile
==============================================================================
--- head/security/trousers/Makefile Wed Nov 23 13:04:21 2016 (r426919)
+++ head/security/trousers/Makefile Wed Nov 23 13:16:53 2016 (r426920)
@@ -3,6 +3,7 @@
PORTNAME= trousers
PORTVERSION= 0.3.14
+PORTREVISION= 1
CATEGORIES= security
MASTER_SITES= SF
Added: head/security/trousers/files/patch-src_trspi_crypto_openssl_rsa.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/trousers/files/patch-src_trspi_crypto_openssl_rsa.c Wed Nov 23 13:16:53 2016 (r426920)
@@ -0,0 +1,11 @@
+--- src/trspi/crypto/openssl/rsa.c.orig 2016-11-23 12:26:19 UTC
++++ src/trspi/crypto/openssl/rsa.c
+@@ -38,7 +38,7 @@
+ #define DEBUG_print_openssl_errors()
+ #endif
+
+-#if OPENSSL_VERSION_NUMBER < 0x10100001L
++#if OPENSSL_VERSION_NUMBER < 0x10100001L || defined(LIBRESSL_VERSION_NUMBER)
+ static int
+ RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d)
+ {
More information about the svn-ports-all
mailing list