svn commit: r382282 - in head/devel/tcltls: . files
Mikhail Teterin
mi at FreeBSD.org
Thu Mar 26 00:39:36 UTC 2015
Author: mi
Date: Thu Mar 26 00:39:34 2015
New Revision: 382282
URL: https://svnweb.freebsd.org/changeset/ports/382282
QAT: https://qat.redports.org/buildarchive/r382282/
Log:
Add a patch (submitted upstream), which turns off attempts to use
TLS1.1 and 1.2 if the protocols aren't available at compile-time.
Otherwise the software attempts to use them at run-time and fails.
Fix-up the tests. Disable regression-test until I figure out, why
it hangs here...
Added:
head/devel/tcltls/files/patch-protocols (contents, props changed)
Modified:
head/devel/tcltls/Makefile
head/devel/tcltls/files/patch-warnings
Modified: head/devel/tcltls/Makefile
==============================================================================
--- head/devel/tcltls/Makefile Thu Mar 26 00:28:04 2015 (r382281)
+++ head/devel/tcltls/Makefile Thu Mar 26 00:39:34 2015 (r382282)
@@ -36,7 +36,7 @@ PORTDOCS= *
post-patch:
${REINPLACE_CMD} -e \
- 's,package require tls.*,load ${WRKSRC}/lib${TCLPKG}.so;\
+ 's,package require tls.*,load ${WRKSRC}/libtls.so.1;\
source ${WRKSRC}/tls.tcl,' \
${WRKSRC}/tests/*.test
# The tests in ciphers.test are meaningless so far:
@@ -48,7 +48,7 @@ post-install:
${INSTALL_DATA} ${WRKSRC}/tls.htm ${STAGEDIR}${DOCSDIR}
.endif
-regression-test:
+xregression-test test check: build
cd ${WRKSRC}/tests && ${SETENV} TCL_LIBRARY="${WRKSRC}" \
tclsh${TCL_VER} all.tcl
Added: head/devel/tcltls/files/patch-protocols
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/devel/tcltls/files/patch-protocols Thu Mar 26 00:39:34 2015 (r382282)
@@ -0,0 +1,130 @@
+--- tls.c 2014-12-08 14:10:28.000000000 -0500
++++ tls.c 2015-03-25 19:37:53.000000000 -0400
+@@ -64,6 +64,6 @@
+ Tcl_Interp *interp, int objc, Tcl_Obj *CONST objv[]));
+
+-static SSL_CTX *CTX_Init _ANSI_ARGS_((State *statePtr, int proto, char *key,
+- char *cert, char *CAdir, char *CAfile, char *ciphers));
++static SSL_CTX *CTX_Init _ANSI_ARGS_((State *statePtr, int proto, const char *key,
++ const char *cert, const char *CAdir, const char *CAfile, const char *ciphers));
+
+ static int TlsLibInit _ANSI_ARGS_ (()) ;
+@@ -538,5 +538,5 @@
+ case TLS_SSL2:
+ #if defined(NO_SSL2)
+- Tcl_AppendResult(interp, "protocol not supported", NULL);
++ Tcl_AppendResult(interp, protocols[index], ": protocol not supported", NULL);
+ return TCL_ERROR;
+ #else
+@@ -545,5 +545,5 @@
+ case TLS_SSL3:
+ #if defined(NO_SSL3)
+- Tcl_AppendResult(interp, "protocol not supported", NULL);
++ Tcl_AppendResult(interp, protocols[index], ": protocol not supported", NULL);
+ return TCL_ERROR;
+ #else
+@@ -552,5 +552,5 @@
+ case TLS_TLS1:
+ #if defined(NO_TLS1)
+- Tcl_AppendResult(interp, "protocol not supported", NULL);
++ Tcl_AppendResult(interp, protocols[index], ": protocol not supported", NULL);
+ return TCL_ERROR;
+ #else
+@@ -559,5 +559,5 @@
+ case TLS_TLS1_1:
+ #if defined(NO_TLS1_1)
+- Tcl_AppendResult(interp, "protocol not supported", NULL);
++ Tcl_AppendResult(interp, protocols[index], ": protocol not supported", NULL);
+ return TCL_ERROR;
+ #else
+@@ -566,5 +566,5 @@
+ case TLS_TLS1_2:
+ #if defined(NO_TLS1_2)
+- Tcl_AppendResult(interp, "protocol not supported", NULL);
++ Tcl_AppendResult(interp, protocols[index], ": protocol not supported", NULL);
+ return TCL_ERROR;
+ #else
+@@ -575,10 +575,10 @@
+ }
+ if (ctx == NULL) {
+- Tcl_AppendResult(interp, REASON(), (char *) NULL);
++ Tcl_AppendResult(interp, REASON(), NULL);
+ return TCL_ERROR;
+ }
+ ssl = SSL_new(ctx);
+ if (ssl == NULL) {
+- Tcl_AppendResult(interp, REASON(), (char *) NULL);
++ Tcl_AppendResult(interp, REASON(), NULL);
+ SSL_CTX_free(ctx);
+ return TCL_ERROR;
+@@ -747,6 +747,18 @@
+ #endif
+ int tls1 = 1;
+- int tls1_1 = 1;
+- int tls1_2 = 1;
++ int tls1_1 =
++#if defined(NO_TLS1_1)
++ 0
++#else
++ 1
++#endif
++ ;
++ int tls1_2 =
++#if defined(NO_TLS1_2)
++ 0
++#else
++ 1
++#endif
++ ;
+ int proto = 0;
+ int verify = 0, require = 0, request = 1;
+@@ -1029,9 +1029,9 @@
+ State *statePtr;
+ int proto;
+- char *key;
+- char *cert;
+- char *CAdir;
+- char *CAfile;
+- char *ciphers;
++ const char *key;
++ const char *cert;
++ const char *CAdir;
++ const char *CAfile;
++ const char *ciphers;
+ {
+ Tcl_Interp *interp = statePtr->interp;
+@@ -1050,5 +1050,5 @@
+ #if defined(NO_SSL2)
+ if (ENABLED(proto, TLS_PROTO_SSL2)) {
+- Tcl_AppendResult(interp, "protocol not supported", NULL);
++ Tcl_AppendResult(interp, "protocol SSL2 not supported", NULL);
+ return (SSL_CTX *)0;
+ }
+@@ -1056,5 +1056,5 @@
+ #if defined(NO_SSL3)
+ if (ENABLED(proto, TLS_PROTO_SSL3)) {
+- Tcl_AppendResult(interp, "protocol not supported", NULL);
++ Tcl_AppendResult(interp, "protocol SSL3 not supported", NULL);
+ return (SSL_CTX *)0;
+ }
+@@ -1062,5 +1062,5 @@
+ #if defined(NO_TLS1)
+ if (ENABLED(proto, TLS_PROTO_TLS1)) {
+- Tcl_AppendResult(interp, "protocol not supported", NULL);
++ Tcl_AppendResult(interp, "protocol TLS1 not supported", NULL);
+ return (SSL_CTX *)0;
+ }
+@@ -1068,5 +1068,5 @@
+ #if defined(NO_TLS1_1)
+ if (ENABLED(proto, TLS_PROTO_TLS1_1)) {
+- Tcl_AppendResult(interp, "protocol not supported", NULL);
++ Tcl_AppendResult(interp, "protocol TLS1.1 not supported", NULL);
+ return (SSL_CTX *)0;
+ }
+@@ -1074,5 +1074,5 @@
+ #if defined(NO_TLS1_2)
+ if (ENABLED(proto, TLS_PROTO_TLS1_2)) {
+- Tcl_AppendResult(interp, "protocol not supported", NULL);
++ Tcl_AppendResult(interp, "protocol TLS1.2 not supported", NULL);
+ return (SSL_CTX *)0;
+ }
Modified: head/devel/tcltls/files/patch-warnings
==============================================================================
--- head/devel/tcltls/files/patch-warnings Thu Mar 26 00:28:04 2015 (r382281)
+++ head/devel/tcltls/files/patch-warnings Thu Mar 26 00:39:34 2015 (r382282)
@@ -91,9 +91,16 @@
};
enum protocol {
- TLS_SSL2, TLS_SSL3, TLS_TLS1, TLS_TLS1_1, TLS_TLS1_2, TLS_NONE
-+ TLS_SSL2, TLS_SSL3, TLS_TLS1, TLS_TLS1_1, TLS_TLS1_2,
++ TLS_SSL2, TLS_SSL3, TLS_TLS1, TLS_TLS1_1, TLS_TLS1_2
};
Tcl_Obj *objPtr;
+@@ -1040,5 +1040,5 @@
+ Tcl_DString ds1;
+ int off = 0;
+- const SSL_METHOD *method;
++ SSL_METHOD *method;
+
+ if (!proto) {
@@ -1361,5 +1361,5 @@
{
static CONST84 char *commands [] = { "req", NULL };
More information about the svn-ports-head
mailing list