svn commit: r421843 - in head/security/wpa_supplicant: . files
John Marino
marino at FreeBSD.org
Sun Sep 11 17:05:35 UTC 2016
Author: marino
Date: Sun Sep 11 17:05:34 2016
New Revision: 421843
URL: https://svnweb.freebsd.org/changeset/ports/421843
Log:
security/wpa_supplicant: Add support for LibreSSL
Added:
head/security/wpa_supplicant/files/patch-src_crypto_tls__openssl.c (contents, props changed)
Modified:
head/security/wpa_supplicant/Makefile
Modified: head/security/wpa_supplicant/Makefile
==============================================================================
--- head/security/wpa_supplicant/Makefile Sun Sep 11 16:55:08 2016 (r421842)
+++ head/security/wpa_supplicant/Makefile Sun Sep 11 17:05:34 2016 (r421843)
@@ -9,12 +9,12 @@ MASTER_SITES= http://w1.fi/releases/
MAINTAINER= marino at FreeBSD.org
COMMENT= Supplicant (client) for WPA/802.1x protocols
-USES= cpe gmake readline
-USE_OPENSSL= yes
+USES= cpe gmake readline ssl
BUILD_WRKSRC= ${WRKSRC}/wpa_supplicant
INSTALL_WRKSRC= ${WRKSRC}/src
CFLAGS+= ${CPPFLAGS} # USES=readline only augments CPPFLAGS and LDFLAGS
-LDFLAGS+= -lutil
+CFLAGS+= -I${OPENSSLINC}
+LDFLAGS+= -L${OPENSSLLIB} -lutil
SUB_FILES= pkg-message
PORTDOCS= README ChangeLog
Added: head/security/wpa_supplicant/files/patch-src_crypto_tls__openssl.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/wpa_supplicant/files/patch-src_crypto_tls__openssl.c Sun Sep 11 17:05:34 2016 (r421843)
@@ -0,0 +1,67 @@
+Compatibility fixes for LibreSSL
+
+--- src/crypto/tls_openssl.c.orig 2015-09-27 19:02:05 UTC
++++ src/crypto/tls_openssl.c
+@@ -2229,7 +2229,7 @@ static int tls_parse_pkcs12(struct tls_d
+ }
+
+ if (certs) {
+-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
++#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
+ SSL_clear_chain_certs(ssl);
+ while ((cert = sk_X509_pop(certs)) != NULL) {
+ X509_NAME_oneline(X509_get_subject_name(cert), buf,
+@@ -2247,7 +2247,7 @@ static int tls_parse_pkcs12(struct tls_d
+ /* Try to continue anyway */
+ }
+ sk_X509_free(certs);
+-#ifndef OPENSSL_IS_BORINGSSL
++#if !defined(OPENSSL_IS_BORINGSSL) && !defined(LIBRESSL_VERSION_NUMBER)
+ res = SSL_build_cert_chain(ssl,
+ SSL_BUILD_CHAIN_FLAG_CHECK |
+ SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR);
+@@ -2812,7 +2812,7 @@ int tls_connection_get_random(void *ssl_
+ if (conn == NULL || keys == NULL)
+ return -1;
+ ssl = conn->ssl;
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ if (ssl == NULL || ssl->s3 == NULL || ssl->session == NULL)
+ return -1;
+
+@@ -2841,7 +2841,7 @@ int tls_connection_get_random(void *ssl_
+ #ifndef CONFIG_FIPS
+ static int openssl_get_keyblock_size(SSL *ssl)
+ {
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ const EVP_CIPHER *c;
+ const EVP_MD *h;
+ int md_size;
+@@ -2911,7 +2911,7 @@ static int openssl_tls_prf(struct tls_co
+ "mode");
+ return -1;
+ #else /* CONFIG_FIPS */
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ SSL *ssl;
+ u8 *rnd;
+ int ret = -1;
+@@ -3394,7 +3394,7 @@ int tls_connection_set_cipher_list(void
+
+ wpa_printf(MSG_DEBUG, "OpenSSL: cipher suites: %s", buf + 1);
+
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ #if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST)
+ if (os_strstr(buf, ":ADH-")) {
+ /*
+@@ -3977,7 +3977,7 @@ static int tls_sess_sec_cb(SSL *s, void
+ struct tls_connection *conn = arg;
+ int ret;
+
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ if (conn == NULL || conn->session_ticket_cb == NULL)
+ return 0;
+
More information about the svn-ports-head
mailing list