git: 678024402a7e - main - security/gost-engine: fix build with different instances of OpenSSL 3.0
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 03 Jul 2023 09:12:19 UTC
The branch main has been updated by eugen:
URL: https://cgit.FreeBSD.org/ports/commit/?id=678024402a7ebba0d01910d1cc43cdb5d3da2483
commit 678024402a7ebba0d01910d1cc43cdb5d3da2483
Author: Eugene Grosbein <eugen@FreeBSD.org>
AuthorDate: 2023-07-03 09:08:44 +0000
Commit: Eugene Grosbein <eugen@FreeBSD.org>
CommitDate: 2023-07-03 09:12:13 +0000
security/gost-engine: fix build with different instances of OpenSSL 3.0
OpenSSL 3.0 in base of 14-CURRENT and in security/openssl30 port
have different ENGINESDIR (engines-3 vs. engines-12).
---
security/gost-engine/Makefile | 39 ++++++++++++++++++-----------
security/gost-engine/files/openssl.cnf.diff | 18 +++++++++++++
security/gost-engine/files/pkg-message.in | 3 +++
security/gost-engine/pkg-plist | 2 +-
security/gost-engine/pkg-plist-openssl30 | 2 +-
5 files changed, 48 insertions(+), 16 deletions(-)
diff --git a/security/gost-engine/Makefile b/security/gost-engine/Makefile
index fb19cdfc607f..2a13f229962b 100644
--- a/security/gost-engine/Makefile
+++ b/security/gost-engine/Makefile
@@ -1,4 +1,5 @@
PORTNAME= gost-engine
+PORTREVISION= 1
CATEGORIES= security
MAINTAINER= eugen@FreeBSD.org
@@ -11,7 +12,6 @@ LICENSE_FILE= ${WRKSRC}/LICENSE
FLAVORS= base openssl30
openssl30_PKGNAMESUFFIX= -${FLAVOR}
-openssl30_PLIST= ${.CURDIR}/pkg-plist-${FLAVOR}
BROKEN_SSL= libressl libressl-devel openssl31
BROKEN_SSL_REASON_libressl= needs features only available in OpenSSL 1.1.1+
@@ -26,7 +26,7 @@ GH_ACCOUNT= gost-engine
GH_PROJECT= engine
ENGINESDIR?= ${PREFIX}/${EDIR}
-PLIST_SUB+= EDIR="${EDIR}" EDIRV="${EDIRV}"
+PLIST_SUB+= EDIR="${EDIR}"
CMAKE_ARGS+= -DOPENSSL_ROOT_DIR=${OPENSSLBASE} \
-DOPENSSL_ENGINES_DIR=${ENGINESDIR}
@@ -37,35 +37,43 @@ OPTIONS_DEFINE= DOCS
.include <bsd.port.options.mk>
+.if ${SSL_DEFAULT} == openssl30
+FLAVOR= openssl30
+.endif
+
+# For OpenSSL 3.0.x in base (14+) or installed as port/package
.if ${OPSYS} == FreeBSD && ${OSVERSION} >= 1400092 || ${FLAVOR:U} == openssl30
GH_TAGNAME= 2b22503
GH_TUPLE+= provider-corner:libprov:e9f3e6a:libprov
GH_SUBDIR= libprov:libprov
DISTVERSION= g20230106
+DISTINFO_FILE= ${PKGDIR}/distinfo.openssl30
+PLIST= ${PKGDIR}/pkg-plist-openssl30
+
+.if ${FLAVOR:U} == openssl30
EDIR?= lib/engines-12
-EDIRV?= @comment unused
-DISTINFO_FILE= ${.CURDIR}/distinfo.openssl30
-.if ${OPSYS} == FreeBSD && ${OSVERSION} < 1400092
-BROKEN_SSL+= base # openssl31
+BROKEN_SSL+= base
+.else
+EDIR?= lib/engines-3
.endif
+
+post-patch:
+ ${REINPLACE_CMD} \
+ 's|/usr/lib/ssl/engines/libgost.so|${PREFIX}/${EDIR}/gost.so|' \
+ ${WRKSRC}/INSTALL.md
+
+# For OpenSSL 1.1.x in base or installed as port/package
.else
GH_TAGNAME= 739f957
DISTVERSION= g20220520
BROKEN_SSL+= openssl30 # openssl31
EDIR?= lib/engines-1.1
-EDIRV?= ${EDIR}
-.endif
-.if ${SSL_DEFAULT} == openssl30
-FLAVOR= openssl30
-.endif
-
-.if ${FLAVOR:U} == base
post-patch:
${REINPLACE_CMD} 's/-Werror //' ${WRKSRC}/CMakeLists.txt
post-install:
- cd ${STAGEDIR}${PREFIX}/lib/engines-1.1 && \
+ cd ${STAGEDIR}${PREFIX}/${EDIR} && \
${MV} gost.so.1.1 libgost.so.1.1 && ${LN} -s libgost.so.1.1 libgost.so && \
${RM} gost.so
.endif
@@ -77,5 +85,8 @@ post-install-DOCS-on:
${MKDIR} ${STAGEDIR}${DOCSDIR}
cd ${WRKSRC} && ${INSTALL_MAN} INSTALL.md README.gost README.md \
${STAGEDIR}${DOCSDIR}
+.if ${EDIR:M*engines-3}
+ ${INSTALL_MAN} ${FILESDIR}/openssl.cnf.diff ${STAGEDIR}${DOCSDIR}
+.endif
.include <bsd.port.mk>
diff --git a/security/gost-engine/files/openssl.cnf.diff b/security/gost-engine/files/openssl.cnf.diff
new file mode 100644
index 000000000000..77cf7b0d4d65
--- /dev/null
+++ b/security/gost-engine/files/openssl.cnf.diff
@@ -0,0 +1,18 @@
+--- openssl.cnf.orig 2023-06-26 14:18:41.158316000 +0700
++++ openssl.cnf 2023-06-30 02:41:55.649698000 +0700
+@@ -53,6 +53,15 @@ providers = provider_sect
+
+ [openssl_init]
+ providers = provider_sect
++engines = engine_section
++
++[engine_section]
++gost = gost_section
++
++[gost_section]
++engine_id = gost
++dynamic_path = /usr/local/lib/engines-3/gost.so
++default_algorithms = ALL
+
+ # List of providers to load
+ [provider_sect]
diff --git a/security/gost-engine/files/pkg-message.in b/security/gost-engine/files/pkg-message.in
index f15112bebb33..c235178b15b0 100644
--- a/security/gost-engine/files/pkg-message.in
+++ b/security/gost-engine/files/pkg-message.in
@@ -5,6 +5,9 @@ You should edit openssl.cnf configuration file as specified below
to start using GOST Engine through OpenSSL.
For details, refer to the section `How to Configure' in
%%DOCSDIR%%/INSTALL.md
+
+Also, you may find useful an example patch for your openssl.cnf in
+%%DOCSDIR%%/openssl.cnf.diff
EOM
}
]
diff --git a/security/gost-engine/pkg-plist b/security/gost-engine/pkg-plist
index 17b05cd8bd83..2261f975cb35 100644
--- a/security/gost-engine/pkg-plist
+++ b/security/gost-engine/pkg-plist
@@ -1,7 +1,7 @@
bin/gost12sum
bin/gostsum
%%EDIR%%/libgost.so
-%%EDIRV%%/libgost.so.1.1
+%%EDIR%%/libgost.so.1.1
%%PORTDOCS%%share/man/man1/gost12sum.1.gz
%%PORTDOCS%%share/man/man1/gostsum.1.gz
%%PORTDOCS%%%%DOCSDIR%%/INSTALL.md
diff --git a/security/gost-engine/pkg-plist-openssl30 b/security/gost-engine/pkg-plist-openssl30
index a4c8b49c89c9..4904852e6787 100644
--- a/security/gost-engine/pkg-plist-openssl30
+++ b/security/gost-engine/pkg-plist-openssl30
@@ -1,7 +1,6 @@
bin/gost12sum
bin/gostsum
%%EDIR%%/gost.so
-%%EDIRV%%/libgost.so.1.1
lib/libgost.so
lib/libgostprov.so
lib/ossl-modules/gostprov.so
@@ -14,3 +13,4 @@ share/cmake/GostProvider/GostProviderConfig.cmake
%%PORTDOCS%%%%DOCSDIR%%/INSTALL.md
%%PORTDOCS%%%%DOCSDIR%%/README.gost
%%PORTDOCS%%%%DOCSDIR%%/README.md
+%%PORTDOCS%%%%DOCSDIR%%/openssl.cnf.diff