git: 994cdbddbc18 - main - comms/kermit: the port had been updated and cleaned up (+)
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 16 Oct 2021 13:35:51 UTC
The branch main has been updated by danfe:
URL: https://cgit.FreeBSD.org/ports/commit/?id=994cdbddbc1823fe9ba62db697ec19548d6383c9
commit 994cdbddbc1823fe9ba62db697ec19548d6383c9
Author: Alexey Dokuchaev <danfe@FreeBSD.org>
AuthorDate: 2021-10-16 13:34:52 +0000
Commit: Alexey Dokuchaev <danfe@FreeBSD.org>
CommitDate: 2021-10-16 13:34:52 +0000
comms/kermit: the port had been updated and cleaned up (+)
- Update C-Kermit to version 9.0.305 Alpha.04 which integrates both
modern and legacy OpenSSL support (thus drop our local patch)
- Do not install essentially empty dot-files as examples; they also
contain references to full *.ini files which are no longer shipped
as part of the C-Kermit distribution
- The only useful documentation now is README.TXT, install it in the
dedicated option helper target
---
comms/kermit/Makefile | 18 +-
comms/kermit/distinfo | 6 +-
comms/kermit/files/ckermit.ini | 8 -
comms/kermit/files/ckermod.ini | 8 -
comms/kermit/files/patch-ck__ssl.c | 379 -------------------------------------
5 files changed, 10 insertions(+), 409 deletions(-)
diff --git a/comms/kermit/Makefile b/comms/kermit/Makefile
index 4bd00f510809..1d0ddb57db24 100644
--- a/comms/kermit/Makefile
+++ b/comms/kermit/Makefile
@@ -1,16 +1,17 @@
# Created by: Paul Traina <pst@FreeBSD.org>
PORTNAME= kermit
-PORTVERSION= 9.0.304.24
+PORTVERSION= 9.0.305.04
CATEGORIES= comms ftp net
MASTER_SITES= http://www.kermitproject.org/ftp/kermit/test/tar/ \
ftp://ftp.kermitproject.org/kermit/test/tar/
-DISTNAME= cku${PORTVERSION:R:E}-dev${PORTVERSION:E}
+DISTNAME= cku${PORTVERSION:R:E}-alpha${PORTVERSION:E}
MAINTAINER= danfe@FreeBSD.org
COMMENT= Portable scriptable network and serial communication program
LICENSE= BSD3CLAUSE
+LICENSE_FILE= ${WRKSRC}/COPYING.TXT
USES= ssl
NO_WRKSUBDIR= yes
@@ -20,9 +21,8 @@ MAKE_ARGS= CC2="${CC}" SSLINC="-I${OPENSSLINC}" SSLLIB="-L${OPENSSLLIB}"
PLIST_FILES= bin/kermit man/man1/kermit.1.gz
PORTDOCS= *
-PORTEXAMPLES= *
-OPTIONS_DEFINE= DOCS EXAMPLES
+OPTIONS_DEFINE= DOCS
post-patch:
@${REINPLACE_CMD} -e 's,-O2 -pipe,${CFLAGS},' ${WRKSRC}/${MAKEFILE}
@@ -31,13 +31,9 @@ do-install:
${INSTALL_PROGRAM} ${WRKSRC}/wermit ${STAGEDIR}${PREFIX}/bin/kermit
${INSTALL_MAN} ${WRKSRC}/ckuker.nr \
${STAGEDIR}${MANPREFIX}/man/man1/kermit.1
+
+do-install-DOCS-on:
@${MKDIR} ${STAGEDIR}${DOCSDIR}
- ${INSTALL_DATA} ${WRKSRC}/*.txt ${STAGEDIR}${DOCSDIR}
- ${LN} -sf ckaaaa.txt ${STAGEDIR}${DOCSDIR}/READ.ME
- @${MKDIR} ${STAGEDIR}${EXAMPLESDIR}
- ${INSTALL_DATA} ${PATCHDIR}/ckermit.ini \
- ${STAGEDIR}${EXAMPLESDIR}/dot.kermrc
- ${INSTALL_DATA} ${PATCHDIR}/ckermod.ini \
- ${STAGEDIR}${EXAMPLESDIR}/dot.mykermrc
+ ${INSTALL_DATA} ${WRKSRC}/README.TXT ${STAGEDIR}${DOCSDIR}
.include <bsd.port.mk>
diff --git a/comms/kermit/distinfo b/comms/kermit/distinfo
index e105a2423bed..021e2e1f8e4a 100644
--- a/comms/kermit/distinfo
+++ b/comms/kermit/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1588857229
-SHA256 (cku304-dev24.tar.gz) = b7abde063e25013cfd85279c78a39270d331fd231d4724c158fe5399ef6c62a5
-SIZE (cku304-dev24.tar.gz) = 2480314
+TIMESTAMP = 1631718979
+SHA256 (cku305-alpha04.tar.gz) = 72a0b55f30dea3dcbca5d486396ec432c57d23fb618f2010fda746b6acb3c35c
+SIZE (cku305-alpha04.tar.gz) = 2551405
diff --git a/comms/kermit/files/ckermit.ini b/comms/kermit/files/ckermit.ini
deleted file mode 100644
index b30f3892ff5f..000000000000
--- a/comms/kermit/files/ckermit.ini
+++ /dev/null
@@ -1,8 +0,0 @@
-COMMENT - Standard C-Kermit initialization file
-;
-echo
-echo The very long standard initialization file that was distributed
-echo with C-Kermit 6, 7, and 8 is no longer recommended as "standard",
-echo since its features were little used. It is still available in
-echo the C-Kermit distribution as ockermit.ini.
-echo
diff --git a/comms/kermit/files/ckermod.ini b/comms/kermit/files/ckermod.ini
deleted file mode 100644
index 6b13c85b64d6..000000000000
--- a/comms/kermit/files/ckermod.ini
+++ /dev/null
@@ -1,8 +0,0 @@
-; File CKERMOD.INI, Sample C-Kermit 7.0 customization file.
-;
-echo
-echo The very long standard initialization file that was distributed
-echo with C-Kermit 6, 7, and 8 is no longer recommended as "standard",
-echo since its features were little used. It is still available in
-echo the C-Kermit distribution as ockermod.ini.
-echo
diff --git a/comms/kermit/files/patch-ck__ssl.c b/comms/kermit/files/patch-ck__ssl.c
deleted file mode 100644
index 4af8ac9d6b21..000000000000
--- a/comms/kermit/files/patch-ck__ssl.c
+++ /dev/null
@@ -1,379 +0,0 @@
---- ck_ssl.c.orig 2017-04-26 15:56:23 UTC
-+++ ck_ssl.c
-@@ -303,7 +303,7 @@ X509_STORE_CTX *ctx;
- break;
- default:
- printf("Error %d while verifying certificate.\r\n",
-- ctx->error);
-+ error);
- break;
- }
- }
-@@ -935,13 +935,32 @@ static DH *
- get_dh512()
- {
- DH *dh=NULL;
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+ BIGNUM *p, *g;
-+#endif
-
- if ((dh=DH_new()) == NULL)
- return(NULL);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+ p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
-+ g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
-+ if (p == NULL || g == NULL) {
-+ BN_free(g);
-+ BN_free(p);
-+ DH_free(dh);
-+ return(NULL);
-+ } else
-+ DH_set0_pqg(dh, p, NULL, g);
-+#else
- dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
- dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
-- if ((dh->p == NULL) || (dh->g == NULL))
-+ if ((dh->p == NULL) || (dh->g == NULL)) {
-+ BN_free(dh->g);
-+ BN_free(dh->p);
-+ DH_free(dh);
- return(NULL);
-+ }
-+#endif
- return(dh);
- }
-
-@@ -949,13 +968,32 @@ static DH *
- get_dh768()
- {
- DH *dh=NULL;
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+ BIGNUM *p, *g;
-+#endif
-
- if ((dh=DH_new()) == NULL)
- return(NULL);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+ p=BN_bin2bn(dh768_p,sizeof(dh768_p),NULL);
-+ g=BN_bin2bn(dh768_g,sizeof(dh768_g),NULL);
-+ if (p == NULL || g == NULL) {
-+ BN_free(g);
-+ BN_free(p);
-+ DH_free(dh);
-+ return(NULL);
-+ } else
-+ DH_set0_pqg(dh, p, NULL, g);
-+#else
- dh->p=BN_bin2bn(dh768_p,sizeof(dh768_p),NULL);
- dh->g=BN_bin2bn(dh768_g,sizeof(dh768_g),NULL);
-- if ((dh->p == NULL) || (dh->g == NULL))
-+ if ((dh->p == NULL) || (dh->g == NULL)) {
-+ BN_free(dh->g);
-+ BN_free(dh->p);
-+ DH_free(dh);
- return(NULL);
-+ }
-+#endif
- return(dh);
- }
-
-@@ -963,13 +1001,32 @@ static DH *
- get_dh1024()
- {
- DH *dh=NULL;
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+ BIGNUM *p, *g;
-+#endif
-
- if ((dh=DH_new()) == NULL)
- return(NULL);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+ p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
-+ g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
-+ if (p == NULL || g == NULL) {
-+ BN_free(g);
-+ BN_free(p);
-+ DH_free(dh);
-+ return(NULL);
-+ } else
-+ DH_set0_pqg(dh, p, NULL, g);
-+#else
- dh->p=BN_bin2bn(dh1024_p,sizeof(dh1024_p),NULL);
- dh->g=BN_bin2bn(dh1024_g,sizeof(dh1024_g),NULL);
-- if ((dh->p == NULL) || (dh->g == NULL))
-+ if ((dh->p == NULL) || (dh->g == NULL)) {
-+ BN_free(dh->g);
-+ BN_free(dh->p);
-+ DH_free(dh);
- return(NULL);
-+ }
-+#endif
- return(dh);
- }
-
-@@ -977,13 +1034,32 @@ static DH *
- get_dh1536()
- {
- DH *dh=NULL;
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+ BIGNUM *p, *g;
-+#endif
-
- if ((dh=DH_new()) == NULL)
- return(NULL);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+ p=BN_bin2bn(dh1536_p,sizeof(dh1536_p),NULL);
-+ g=BN_bin2bn(dh1536_g,sizeof(dh1536_g),NULL);
-+ if (p == NULL || g == NULL) {
-+ BN_free(g);
-+ BN_free(p);
-+ DH_free(dh);
-+ return(NULL);
-+ } else
-+ DH_set0_pqg(dh, p, NULL, g);
-+#else
- dh->p=BN_bin2bn(dh1536_p,sizeof(dh1536_p),NULL);
- dh->g=BN_bin2bn(dh1536_g,sizeof(dh1536_g),NULL);
-- if ((dh->p == NULL) || (dh->g == NULL))
-+ if ((dh->p == NULL) || (dh->g == NULL)) {
-+ BN_free(dh->g);
-+ BN_free(dh->p);
-+ DH_free(dh);
- return(NULL);
-+ }
-+#endif
- return(dh);
- }
-
-@@ -991,13 +1067,32 @@ static DH *
- get_dh2048()
- {
- DH *dh=NULL;
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+ BIGNUM *p, *g;
-+#endif
-
- if ((dh=DH_new()) == NULL)
- return(NULL);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+ p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
-+ g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
-+ if (p == NULL || g == NULL) {
-+ BN_free(g);
-+ BN_free(p);
-+ DH_free(dh);
-+ return(NULL);
-+ } else
-+ DH_set0_pqg(dh, p, NULL, g);
-+#else
- dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
- dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
-- if ((dh->p == NULL) || (dh->g == NULL))
-+ if ((dh->p == NULL) || (dh->g == NULL)) {
-+ BN_free(dh->g);
-+ BN_free(dh->p);
-+ DH_free(dh);
- return(NULL);
-+ }
-+#endif
- return(dh);
- }
- #endif /* NO_DH */
-@@ -1057,13 +1152,13 @@ ssl_display_comp(SSL * ssl)
- return;
-
- #ifndef OPENSSL_NO_COMP /* ifdefs Bernard Spil 12/2015 */
-- if (ssl->expand == NULL || ssl->expand->meth == NULL)
-+ if (SSL_get_current_expansion(ssl) == NULL)
- #endif /* OPENSSL_NO_COMP */
- printf("Compression: None\r\n");
-
- #ifndef OPENSSL_NO_COMP /* ifdefs Bernard Spil 12/2015 */
- else {
-- printf("Compression: %s\r\n",ssl->expand->meth->name);
-+ printf("Compression: %s\r\n", SSL_COMP_get_name(SSL_get_current_expansion(ssl)));
- }
- #endif /* OPENSSL_NO_COMP */
- }
-@@ -1489,13 +1584,23 @@ the build.\r\n\r\n");
-
- #ifdef ZLIB
- cm = COMP_zlib();
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+ if (cm != NULL && COMP_get_type(cm) != NID_undef) {
-+#else
- if (cm != NULL && cm->type != NID_undef) {
-+#endif
- SSL_COMP_add_compression_method(0xe0, cm); /* EAY's ZLIB ID */
- }
- #endif /* ZLIB */
-+#ifdef NID_rle_compression
- cm = COMP_rle();
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+ if (cm != NULL && COMP_get_type(cm) != NID_undef)
-+#else
- if (cm != NULL && cm->type != NID_undef)
-+#endif
- SSL_COMP_add_compression_method(0xe1, cm); /* EAY's RLE ID */
-+#endif /* NID_rle_compression */
-
- /* Ensure the Random number generator has enough entropy */
- if ( !RAND_status() ) {
-@@ -2623,7 +2728,11 @@ ssl_anonymous_cipher(ssl) SSL * ssl;
- int
- ssl_verify_crl(int ok, X509_STORE_CTX *ctx)
- {
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+ X509_OBJECT *obj;
-+#else
- X509_OBJECT obj;
-+#endif
- X509_NAME *subject = NULL;
- X509_NAME *issuer = NULL;
- X509 *xs = NULL;
-@@ -2643,6 +2752,12 @@ ssl_verify_crl(int ok, X509_STORE_CTX *ctx)
- if (!crl_store)
- return ok;
-
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+ obj = X509_OBJECT_new();
-+ if (!obj)
-+ return(ok);
-+#endif
-+
- store_ctx = X509_STORE_CTX_new();
- if ( !store_ctx )
- return(ok);
-@@ -2689,11 +2804,19 @@ ssl_verify_crl(int ok, X509_STORE_CTX *ctx)
- * Try to retrieve a CRL corresponding to the _subject_ of
- * the current certificate in order to verify it's integrity.
- */
-+#if OPENSSL_VERSION_NUMBER < 0x10100005L
- memset((char *)&obj, 0, sizeof(obj));
-+#endif
- X509_STORE_CTX_init(store_ctx, crl_store, NULL, NULL);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+ rc = X509_STORE_get_by_subject(store_ctx, X509_LU_CRL, subject, obj);
-+ X509_STORE_CTX_cleanup(store_ctx);
-+ crl = X509_OBJECT_get0_X509_CRL(obj);
-+#else
- rc = X509_STORE_get_by_subject(store_ctx, X509_LU_CRL, subject, &obj);
- X509_STORE_CTX_cleanup(store_ctx);
- crl = obj.data.crl;
-+#endif
- if (rc > 0 && crl != NULL) {
- /*
- * Verify the signature on this CRL
-@@ -2701,7 +2824,11 @@ ssl_verify_crl(int ok, X509_STORE_CTX *ctx)
- if (X509_CRL_verify(crl, X509_get_pubkey(xs)) <= 0) {
- fprintf(stderr, "Invalid signature on CRL!\n");
- X509_STORE_CTX_set_error(ctx, X509_V_ERR_CRL_SIGNATURE_FAILURE);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+ X509_OBJECT_free(obj);
-+#else
- X509_OBJECT_free_contents(&obj);
-+#endif
- X509_STORE_CTX_free(store_ctx);
- return 0;
- }
-@@ -2714,7 +2841,11 @@ ssl_verify_crl(int ok, X509_STORE_CTX *ctx)
- fprintf(stderr, "Found CRL has invalid nextUpdate field.\n");
- X509_STORE_CTX_set_error(ctx,
- X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+ X509_OBJECT_free(obj);
-+#else
- X509_OBJECT_free_contents(&obj);
-+#endif
- X509_STORE_CTX_free(store_ctx);
- return 0;
- }
-@@ -2723,22 +2854,38 @@ ssl_verify_crl(int ok, X509_STORE_CTX *ctx)
- "Found CRL is expired - revoking all certificates until you get updated CRL.\n"
- );
- X509_STORE_CTX_set_error(ctx, X509_V_ERR_CRL_HAS_EXPIRED);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+ X509_OBJECT_free(obj);
-+#else
- X509_OBJECT_free_contents(&obj);
-+#endif
- X509_STORE_CTX_free(store_ctx);
- return 0;
- }
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+ X509_OBJECT_free(obj);
-+#else
- X509_OBJECT_free_contents(&obj);
-+#endif
- }
-
- /*
- * Try to retrieve a CRL corresponding to the _issuer_ of
- * the current certificate in order to check for revocation.
- */
-+#if OPENSSL_VERSION_NUMBER < 0x10100005L
- memset((char *)&obj, 0, sizeof(obj));
-+#endif
- X509_STORE_CTX_init(store_ctx, crl_store, NULL, NULL);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+ rc = X509_STORE_get_by_subject(store_ctx, X509_LU_CRL, issuer, obj);
-+ X509_STORE_CTX_free(store_ctx); /* calls X509_STORE_CTX_cleanup() */
-+ crl = X509_OBJECT_get0_X509_CRL(obj);
-+#else
- rc = X509_STORE_get_by_subject(store_ctx, X509_LU_CRL, issuer, &obj);
- X509_STORE_CTX_free(store_ctx); /* calls X509_STORE_CTX_cleanup() */
- crl = obj.data.crl;
-+#endif
- if (rc > 0 && crl != NULL) {
- /*
- * Check if the current certificate is revoked by this CRL
-@@ -2746,19 +2893,34 @@ ssl_verify_crl(int ok, X509_STORE_CTX *ctx)
- n = sk_X509_REVOKED_num(X509_CRL_get_REVOKED(crl));
- for (i = 0; i < n; i++) {
- revoked = sk_X509_REVOKED_value(X509_CRL_get_REVOKED(crl), i);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+ if (ASN1_INTEGER_cmp(X509_REVOKED_get0_serialNumber(revoked),
-+ X509_get_serialNumber(xs)) == 0) {
-+
-+ serial = ASN1_INTEGER_get(X509_REVOKED_get0_serialNumber(revoked));
-+#else
- if (ASN1_INTEGER_cmp(revoked->serialNumber,
- X509_get_serialNumber(xs)) == 0) {
-
- serial = ASN1_INTEGER_get(revoked->serialNumber);
-+#endif
- cp = X509_NAME_oneline(issuer, NULL, 0);
- free(cp);
-
- X509_STORE_CTX_set_error(ctx, X509_V_ERR_CERT_REVOKED);
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+ X509_OBJECT_free(obj);
-+#else
- X509_OBJECT_free_contents(&obj);
-+#endif
- return 0;
- }
- }
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+ X509_OBJECT_free(obj);
-+#else
- X509_OBJECT_free_contents(&obj);
-+#endif
- }
- return ok;
- }
-@@ -4399,7 +4561,14 @@ X509_userok(X509 * peer_cert, const char * userid)
- if (!(fp = fopen(buf, "r")))
- return 0;
- while (!r && (file_cert = PEM_read_X509(fp, NULL, NULL, NULL))) {
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+ ASN1_BIT_STRING *peer_cert_sig, *file_cert_sig;
-+ X509_get0_signature(&peer_cert_sig, NULL, peer_cert);
-+ X509_get0_signature(&file_cert_sig, NULL, file_cert);
-+ if (!ASN1_STRING_cmp(peer_cert_sig, file_cert_sig))
-+#else
- if (!ASN1_STRING_cmp(peer_cert->signature, file_cert->signature))
-+#endif
- r = 1;
- X509_free(file_cert);
- }