ports/177790: [new port] security/axTLS
Hirohisa Yamaguchi
umq at ueo.co.jp
Thu Apr 11 22:30:01 UTC 2013
>Number: 177790
>Category: ports
>Synopsis: [new port] security/axTLS
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Thu Apr 11 22:30:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator: Hirohisa Yamaguchi
>Release: FreeBSD 9.1-RELEASE amd64
>Organization:
<organization of PR author (multiple lines)>
>Environment:
System: FreeBSD calliope.****.org 9.1-RELEASE FreeBSD 9.1-RELEASE #0 r243825: Tue Dec 4 09:23:10 UTC 2012 root at farrell.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64
>Description:
axTLS is a library implementation of SSL/TLS.
Several ports (e.g. ftp/curl, lang/gauche) have configure
options for it.
>How-To-Repeat:
N/A
>Fix:
The shar follows:
# This is a shell archive. Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file". Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
# security/axTLS
# security/axTLS/Makefile
# security/axTLS/distinfo
# security/axTLS/files
# security/axTLS/files/data-.config.in
# security/axTLS/files/patch-Makefile
# security/axTLS/files/patch-samples__c__axssl.c
# security/axTLS/files/patch-ssl__Config.in
# security/axTLS/pkg-descr
# security/axTLS/pkg-plist
#
echo c - security/axTLS
mkdir -p security/axTLS > /dev/null 2>&1
echo x - security/axTLS/Makefile
sed 's/^X//' >security/axTLS/Makefile << '44783e47a1af4e4f540c662e916b70c5'
X# Created by: Hirohisa Yamaguchi <umq at ueo.co.jp>
X# $FreeBSD$
X
XPORTNAME= axTLS
XPORTVERSION= 1.4.9
XCATEGORIES= security devel net
XMASTER_SITES= SF
XMASTER_SITE_SUBDIR= ${PORTNAME:L}/${PORTVERSION}
X
XMAINTAINER= umq at ueo.co.jp
XCOMMENT= SSL/TLS client/server library implementation
X
XLICENSE= BSD
X
XOPTIONS_DEFINE= COMPAT_OPENSSL HTTPD TLSWRAP X509 PERL DOCS DEBUG TEST
XOPTIONS_SINGLE= MODE PROT
XOPTIONS_SINGLE_MODE= SERVER_ONLY CERT_VERIFICATION ENABLE_CLIENT \
X FULL_MODE SKELETON_MODE
XOPTIONS_SINGLE_PROT= LOW MEDIUM HIGH
XOPTIONS_DEFAULT= FULL_MODE MEDIUM
XCOMPAT_OPENSSL_DESC= OpenSSL compatible API
XTLSWRAP_DESC= Build TLS wrapper like sslwrap
XX509_DESC= Generate X.509 Certificate
XPERL_DESC= Perl bindings or support
XDOCS_DESC= Build and/or install documentation (require doxygen)
XTEST_DESC= Build test suite when available
XMODE_DESC= SSL Library mode
XPROT_DESC= Protocol Preference
XSERVER_ONLY_DESC= Server only (no verification)
XCERT_VERIFICATION_DESC= Server only (with verification)
XENABLE_CLIENT_DESC= Client/Server enabled
XFULL_MODE_DESC= Client/Server enabled with diagnostics
XSKELETON_MODE_DESC= The smallest library with least performance (experimental)
XLOW_DESC= Use the fastest cipher(s) but at the expense of security
XMEDIUM_DESC= Balance between speed and security
XHIGH_DESC= Use the strongest cipher(s) at the cost of speed
X
XCONFIG_SUB= PREFIX=\"${PREFIX}\" WWWDIR=\"${WWWDIR}\" \
X HTTP_PORT=${WITH_HTTP_PORT} SSL_PORT=${WITH_SSL_PORT}
XNO_OPTIONS_SORT=yes
XUSE_GMAKE= yes
XUSE_LDCONFIG= yes
XWRKSRC= ${WRKDIR}/${PORTNAME}
XSTAGE= ${WRKSRC}/_stage
X
XWITH_HTTP_PORT?= 80
XWITH_SSL_PORT?= 443
X
X.include <bsd.port.options.mk>
X
X.if ${PORT_OPTIONS:MSERVER_ONLY}
XCONFIG_SUB+= SERVER_ONLY=""
X.else
XCONFIG_SUB+= SERVER_ONLY="\# "
X.endif
X.if ${PORT_OPTIONS:MCERT_VERIFICATION}
XCONFIG_SUB+= CERT_VERIFICATION=""
X.else
XCONFIG_SUB+= CERT_VERIFICATION="\# "
X.endif
X.if ${PORT_OPTIONS:MENABLE_CLIENT}
XCONFIG_SUB+= ENABLE_CLIENT=""
X.else
XCONFIG_SUB+= ENABLE_CLIENT="\# "
X.endif
X.if ${PORT_OPTIONS:MFULL_MODE}
XCONFIG_SUB+= FULL_MODE=""
X.else
XCONFIG_SUB+= FULL_MODE="\# "
X.endif
X.if ${PORT_OPTIONS:MSKELETON_MODE}
XCONFIG_SUB+= SKELETON_MODE=""
X.else
XCONFIG_SUB+= SKELETON_MODE="\# "
X.endif
X
X.if ${PORT_OPTIONS:MHIGH}
XCONFIG_SUB+= PROT_HIGH=""
X.else
XCONFIG_SUB+= PROT_HIGH="\# "
X.endif
X.if ${PORT_OPTIONS:MMEDIUM}
XCONFIG_SUB+= PROT_MEDIUM=""
X.else
XCONFIG_SUB+= PROT_MEDIUM="\# "
X.endif
X.if ${PORT_OPTIONS:MLOW}
XCONFIG_SUB+= PROT_LOW=""
X.else
XCONFIG_SUB+= PROT_LOW="\# "
X.endif
X
X.if ${PORT_OPTIONS:MCOMPAT_OPENSSL}
XCONFIG_SUB+= COMPAT_OPENSSL=""
X.else
XCONFIG_SUB+= COMPAT_OPENSSL="\# "
X.endif
X
X.if ${PORT_OPTIONS:MHTTPD}
XCONFIG_SUB+= HTTPD=""
XPLIST_SUB+= HTTPD=""
X.else
XCONFIG_SUB+= HTTPD="\# "
XPLIST_SUB+= HTTPD="@comment "
X.endif
X
X.if ${PORT_OPTIONS:MTLSWRAP}
XCONFIG_SUB+= TLSWRAP=""
XPLIST_SUB+= TLSWRAP=""
X.else
XCONFIG_SUB+= TLSWRAP="\# "
XPLIST_SUB+= TLSWRAP="@comment "
X.endif
X
X.if ${PORT_OPTIONS:MX509}
XCONFIG_SUB+= X509=""
X.else
XCONFIG_SUB+= X509="\# "
X.endif
X
X.if ${PORT_OPTIONS:MPERL}
XBUILD_DEPENDS+= swig:${PORTSDIR}/devel/swig13
XCONFIG_SUB+= PERL=""
XPLIST_SUB+= PERL=""
XUSE_PERL5= yes
X.else
XCONFIG_SUB+= PERL="\# "
XPLIST_SUB+= PERL="@comment "
X.endif
X
X.if ${PORT_OPTIONS:MDOCS}
XBUILD_DEPENDS+= doxygen:${PORTSDIR}/devel/doxygen
XPORTDOCS= *
X.endif
X
X.if ${PORT_OPTIONS:MDEBUG}
XCONFIG_SUB+= DEBUG=""
X.else
XCONFIG_SUB+= DEBUG="\# "
X.endif
X
X.if ${PORT_OPTIONS:MTEST}
X. if ${PORT_OPTIONS:MCERT_VERIFICATION} || \
X ${PORT_OPTIONS:MENABLE_CLIENT} || \
X ${PORT_OPTIONS:MFULL_MODE}
XCONFIG_SUB+= TEST_PERF=""
X. else
XCONFIG_SUB+= TEST_PERF="\# "
X. endif
X. if ${PORT_OPTIONS:MFULL_MODE} && empty(PORT_OPTIONS:MX509)
XCONFIG_SUB+= TEST_SSL=""
X. else
XCONFIG_SUB+= TEST_SSL="\# "
X. endif
X.else
XCONFIG_SUB+= TEST_PERF="\# " \
X TEST_SSL="\# "
X.endif
X
X_CONFIG_SUB_TEMP= ${CONFIG_SUB:S/$/!g/:S/^/ -e s!%%/:S/=/%%!/}
X
Xdo-configure:
X @${SED} ${_CONFIG_SUB_TEMP} \
X -e '/^\([^#]*\) is not set$$/s//\1=y/' \
X ${FILESDIR}/data-.config.in > ${WRKSRC}/config/.config
X cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} ${GMAKE} ${MAKE_FLAGS} \
X ${MAKEFILE} ${_MAKE_JOBS} ${MAKE_ARGS} oldconfig
X
Xdo-install:
X ${INSTALL_LIB} ${STAGE}/libaxtls.a ${PREFIX}/lib/
X ${INSTALL_LIB} ${STAGE}/libaxtls.so.1.2 ${PREFIX}/lib/
X ${LN} -fs ${PREFIX}/lib/libaxtls.so.1.2 ${PREFIX}/lib/libaxtls.so.1
X ${LN} -fs ${PREFIX}/lib/libaxtls.so.1 ${PREFIX}/lib/libaxtls.so
X ${INSTALL_PROGRAM} ${STAGE}/axssl ${PREFIX}/bin/
X.if ${PORT_OPTIONS:MHTTPD}
X ${INSTALL_PROGRAM} ${STAGE}/htpasswd ${PREFIX}/bin/axhtpasswd
X ${INSTALL_PROGRAM} ${STAGE}/axhttpd ${PREFIX}/bin/
X.endif
X.if ${PORT_OPTIONS:MTLSWRAP}
X ${INSTALL_PROGRAM} ${STAGE}/axtlswrap ${PREFIX}/bin/
X.endif
X.if ${PORT_OPTIONS:MPERL}
X @${MKDIR} ${PREFIX}/${SITE_PERL_REL}/${PERL_ARCH}/auto
X ${INSTALL_SCRIPT} ${STAGE}/axssl.pl ${PREFIX}/bin/
X ${INSTALL_SCRIPT} ${STAGE}/axtlsp.pm ${PREFIX}/${SITE_PERL_REL}/${PERL_ARCH}/
X ${INSTALL_LIB} ${STAGE}/libaxtlsp.so ${PREFIX}/${SITE_PERL_REL}/${PERL_ARCH}/auto/
X.endif
X @${MKDIR} ${PREFIX}/include/axTLS
X ${INSTALL_DATA} ${WRKSRC}/crypto/*.h ${PREFIX}/include/axTLS/
X ${INSTALL_DATA} ${WRKSRC}/ssl/*.h ${PREFIX}/include/axTLS/
X ${RM} ${PREFIX}/include/axTLS/cert.h
X ${RM} ${PREFIX}/include/axTLS/private_key.h
X ${RM} ${PREFIX}/include/axTLS/os_port.h
X ${INSTALL_DATA} ${WRKSRC}/config/config.h ${PREFIX}/include/axTLS/
X.if ${PORT_OPTIONS:MDOCS}
X cd ${WRKSRC} && ${GMAKE} docs
X @${MKDIR} ${DOCSDIR}
X cd ${WRKSRC}/docsrc/html && ${COPYTREE_SHARE} . ${DOCSDIR}
X.endif
X
Xregression-test: build
X cd ${WRKSRC} && ${GMAKE} test
X
X.include <bsd.port.mk>
44783e47a1af4e4f540c662e916b70c5
echo x - security/axTLS/distinfo
sed 's/^X//' >security/axTLS/distinfo << 'd17b0d95fe138a6a33bc63cda1140bf2'
XSHA256 (axTLS-1.4.9.tar.gz) = 9bc08f4c7a6bda3079af8e3f5ceee6b2ee92af34e8efbc9acfeee6c27b1f7cc3
XSIZE (axTLS-1.4.9.tar.gz) = 1300593
d17b0d95fe138a6a33bc63cda1140bf2
echo c - security/axTLS/files
mkdir -p security/axTLS/files > /dev/null 2>&1
echo x - security/axTLS/files/data-.config.in
sed 's/^X//' >security/axTLS/files/data-.config.in << '4b3feb9df77279adfe438fb2acd7711b'
X#
X# Automatically generated make config: don't edit
X#
XHAVE_DOT_CONFIG=y
XCONFIG_PLATFORM_LINUX=y
X# CONFIG_PLATFORM_CYGWIN is not set
X# CONFIG_PLATFORM_WIN32 is not set
X
X#
X# General Configuration
X#
XPREFIX=%%PREFIX%%
X%%DEBUG%%CONFIG_DEBUG is not set
X# CONFIG_STRIP_UNWANTED_SECTIONS is not set
X# CONFIG_VISUAL_STUDIO_7_0 is not set
X# CONFIG_VISUAL_STUDIO_8_0 is not set
X# CONFIG_VISUAL_STUDIO_10_0 is not set
XCONFIG_VISUAL_STUDIO_7_0_BASE=""
XCONFIG_VISUAL_STUDIO_8_0_BASE=""
XCONFIG_VISUAL_STUDIO_10_0_BASE=""
XCONFIG_EXTRA_CFLAGS_OPTIONS=""
XCONFIG_EXTRA_LDFLAGS_OPTIONS=""
X
X#
X# SSL Library
X#
X%%SERVER_ONLY%%CONFIG_SSL_SERVER_ONLY is not set
X%%CERT_VERIFICATION%%CONFIG_SSL_CERT_VERIFICATION is not set
X%%ENABLE_CLIENT%%CONFIG_SSL_ENABLE_CLIENT is not set
X%%FULL_MODE%%CONFIG_SSL_FULL_MODE is not set
X%%SKELETON_MODE%%CONFIG_SSL_SKELETON_MODE is not set
X%%PROT_LOW%%CONFIG_SSL_PROT_LOW is not set
X%%PROT_MEDIUM%%CONFIG_SSL_PROT_MEDIUM is not set
X%%PROT_HIGH%%CONFIG_SSL_PROT_HIGH is not set
XCONFIG_SSL_USE_DEFAULT_KEY=y
XCONFIG_SSL_PRIVATE_KEY_LOCATION=""
XCONFIG_SSL_PRIVATE_KEY_PASSWORD=""
XCONFIG_SSL_X509_CERT_LOCATION=""
X%%X509%%CONFIG_SSL_GENERATE_X509_CERT is not set
XCONFIG_SSL_X509_COMMON_NAME=""
XCONFIG_SSL_X509_ORGANIZATION_NAME=""
XCONFIG_SSL_X509_ORGANIZATION_UNIT_NAME=""
X# CONFIG_SSL_ENABLE_V23_HANDSHAKE is not set
XCONFIG_SSL_HAS_PEM=y
XCONFIG_SSL_USE_PKCS12=y
XCONFIG_SSL_EXPIRY_TIME=24
XCONFIG_X509_MAX_CA_CERTS=150
XCONFIG_SSL_MAX_CERTS=3
X# CONFIG_SSL_CTX_MUTEXING is not set
XCONFIG_USE_DEV_URANDOM=y
X# CONFIG_WIN32_USE_CRYPTO_LIB is not set
X%%COMPAT_OPENSSL%%CONFIG_OPENSSL_COMPATIBLE is not set
X%%TEST_PERF%%CONFIG_PERFORMANCE_TESTING is not set
X%%TEST_SSL%%CONFIG_SSL_TEST is not set
X%%TLSWRAP%%CONFIG_AXTLSWRAP is not set
X%%HTTPD%%CONFIG_AXHTTPD is not set
X
X#
X# Axhttpd Configuration
X#
X# CONFIG_HTTP_STATIC_BUILD is not set
XCONFIG_HTTP_PORT=%%HTTP_PORT%%
XCONFIG_HTTP_HTTPS_PORT=%%SSL_PORT%%
XCONFIG_HTTP_SESSION_CACHE_SIZE=5
XCONFIG_HTTP_WEBROOT=%%WWWDIR%%
XCONFIG_HTTP_TIMEOUT=300
X
X#
X# CGI
X#
XCONFIG_HTTP_HAS_CGI=y
XCONFIG_HTTP_CGI_EXTENSIONS=".lua,.pl,.php"
X# CONFIG_HTTP_ENABLE_LUA is not set
XCONFIG_HTTP_LUA_PREFIX="/usr"
X# CONFIG_HTTP_BUILD_LUA is not set
XCONFIG_HTTP_CGI_LAUNCHER="/usr/bin/cgi"
XCONFIG_HTTP_DIRECTORIES=y
XCONFIG_HTTP_HAS_AUTHORIZATION=y
XCONFIG_HTTP_HAS_IPV6=y
XCONFIG_HTTP_ENABLE_DIFFERENT_USER=y
XCONFIG_HTTP_USER="www"
XCONFIG_HTTP_VERBOSE=y
X# CONFIG_HTTP_IS_DAEMON is not set
X
X#
X# Language Bindings
X#
XCONFIG_BINDINGS=y
X# CONFIG_CSHARP_BINDINGS is not set
X# CONFIG_VBNET_BINDINGS is not set
XCONFIG_DOT_NET_FRAMEWORK_BASE=""
X# CONFIG_JAVA_BINDINGS is not set
XCONFIG_JAVA_HOME=""
X%%PERL%%CONFIG_PERL_BINDINGS is not set
XCONFIG_PERL_CORE="/usr/local"
XCONFIG_PERL_LIB=""
X# CONFIG_LUA_BINDINGS is not set
XCONFIG_LUA_CORE=""
X
X#
X# Samples
X#
XCONFIG_SAMPLES=y
XCONFIG_C_SAMPLES=y
X# CONFIG_CSHARP_SAMPLES is not set
X# CONFIG_VBNET_SAMPLES is not set
X# CONFIG_JAVA_SAMPLES is not set
X%%PERL%%CONFIG_PERL_SAMPLES is not set
X# CONFIG_LUA_SAMPLES is not set
X
X#
X# BigInt Options
X#
X# CONFIG_BIGINT_CLASSICAL is not set
X# CONFIG_BIGINT_MONTGOMERY is not set
XCONFIG_BIGINT_BARRETT=y
XCONFIG_BIGINT_CRT=y
X# CONFIG_BIGINT_KARATSUBA is not set
XMUL_KARATSUBA_THRESH=0
XSQU_KARATSUBA_THRESH=0
XCONFIG_BIGINT_SLIDING_WINDOW=y
XCONFIG_BIGINT_SQUARE=y
X%%DEBUG%%CONFIG_BIGINT_CHECK_ON is not set
XCONFIG_INTEGER_32BIT=y
X# CONFIG_INTEGER_16BIT is not set
X# CONFIG_INTEGER_8BIT is not set
4b3feb9df77279adfe438fb2acd7711b
echo x - security/axTLS/files/patch-Makefile
sed 's/^X//' >security/axTLS/files/patch-Makefile << 'de867ff87dc59858faf9978dd51a0b90'
X--- ./Makefile.orig 2011-01-07 22:16:40.000000000 +0900
X+++ ./Makefile 2013-04-11 08:38:38.000000000 +0900
X@@ -118,7 +118,9 @@
X - at rm `perl -e 'use Config; print $$Config{installarchlib};'`/axtlsp.pm > /dev/null 2>&1
X
X test:
X- cd $(STAGE); ssltest; ../ssl/test/test_axssl.sh; cd -;
X+ cd $(STAGE); [ -e ./ssltest ] && LD_LIBRARY_PATH=".:$${LD_LIBRARY_PATH}" ./ssltest ;\
X+ [ -e ./perf_bigint ] && LD_LIBRARY_PATH=".:$${LD_LIBRARY_PATH}" ./perf_bigint ;\
X+ ../ssl/test/test_axssl.sh; cd -;
X
X # tidy up things
X clean::
de867ff87dc59858faf9978dd51a0b90
echo x - security/axTLS/files/patch-samples__c__axssl.c
sed 's/^X//' >security/axTLS/files/patch-samples__c__axssl.c << '2978bb47645178019e6a63828e816f3c'
X--- ./samples/c/axssl.c.orig 2012-07-01 09:49:36.000000000 +0900
X+++ ./samples/c/axssl.c 2013-04-10 16:59:23.000000000 +0900
X@@ -45,6 +45,7 @@
X */
X #include <string.h>
X #include <stdio.h>
X+#include <signal.h>
X #include <stdlib.h>
X #include "os_port.h"
X #include "ssl.h"
X@@ -54,6 +55,14 @@
X #define STDIN_FILENO 0
X #endif
X
X+/* enable features based on a 'super-set' capbaility. */
X+#if defined(CONFIG_SSL_FULL_MODE)
X+#define CONFIG_SSL_ENABLE_CLIENT
X+#define CONFIG_SSL_CERT_VERIFICATION
X+#elif defined(CONFIG_SSL_ENABLE_CLIENT)
X+#define CONFIG_SSL_CERT_VERIFICATION
X+#endif
X+
X static void do_server(int argc, char *argv[]);
X static void print_options(char *option);
X static void print_server_options(char *option);
2978bb47645178019e6a63828e816f3c
echo x - security/axTLS/files/patch-ssl__Config.in
sed 's/^X//' >security/axTLS/files/patch-ssl__Config.in << '4d65fdad5ac88e1421b7eec643f16cde'
X--- ./ssl/Config.in.orig 2011-06-25 06:12:07.000000000 +0900
X+++ ./ssl/Config.in 2013-04-11 08:38:38.000000000 +0900
X@@ -318,7 +318,7 @@
X config CONFIG_PERFORMANCE_TESTING
X bool "Build the bigint performance test tool"
X default n
X- depends on CONFIG_SSL_CERT_VERIFICATION
X+ depends on CONFIG_SSL_CERT_VERIFICATION || CONFIG_SSL_ENABLE_CLIENT || CONFIG_SSL_FULL_MODE
X help
X Used for performance testing of bigint.
X
4d65fdad5ac88e1421b7eec643f16cde
echo x - security/axTLS/pkg-descr
sed 's/^X//' >security/axTLS/pkg-descr << 'ab8150126fd91c3cf3b4c09e9cb11597'
XThe axTLS project is an SSL client/server library using the TLSv1
Xprotocol. It is designed to be small and fast, and is suited to
Xembedded projects. A web server is included.
X
XWWW: http://http://axtls.sourceforge.net/
ab8150126fd91c3cf3b4c09e9cb11597
echo x - security/axTLS/pkg-plist
sed 's/^X//' >security/axTLS/pkg-plist << 'fd16a03c0326827a984a0c833093c559'
X at comment $FreeBSD$
X%%HTTPD%%bin/axhtpasswd
X%%HTTPD%%bin/axhttpd
Xbin/axssl
X%%PERL%%bin/axssl.pl
X%%TLSWRAP%%bin/axtlswrap
Xinclude/axTLS/bigint.h
Xinclude/axTLS/bigint_impl.h
Xinclude/axTLS/config.h
Xinclude/axTLS/crypto.h
Xinclude/axTLS/crypto_misc.h
Xinclude/axTLS/os_int.h
Xinclude/axTLS/ssl.h
Xinclude/axTLS/tls1.h
Xinclude/axTLS/version.h
Xlib/libaxtls.a
Xlib/libaxtls.so
Xlib/libaxtls.so.1
Xlib/libaxtls.so.1.2
X%%PERL%%%%SITE_PERL%%/%%PERL_ARCH%%/auto/libaxtlsp.so
X%%PERL%%%%SITE_PERL%%/%%PERL_ARCH%%/axtlsp.pm
X at dirrm include/axTLS
fd16a03c0326827a984a0c833093c559
exit
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list