From nobody Mon Jul 03 09:12:19 2023 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QvgDN1PQvz4lCby; Mon, 3 Jul 2023 09:12:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QvgDN0zlDz4Lry; Mon, 3 Jul 2023 09:12:20 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1688375540; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=4aK3QDm2bHIxQbQPPhaXupeWI4NKDZZsXbKlfAHAK28=; b=iZEgOUxUHlkPEC6O26uVZ80zMkH1kBdzbgB2blPwY8su5GD0OQl7M4QU+s4uWkleiqnsDI X14VduCDvEROqey2TbRmN6OCIMZuPVJqprPRAsK+EmpwHTHZyhb6T65Xryof45ZfMJZ/Nf 3W5uXaET+9Ah6n56pUdTYc7VmkjPy0bUpE6BOEhAzEte5FWVvzYzcop7mF4B70iVWxODCm 3xtiOh+dGIAmGt0m04bYYSQTl18l9Q/+tfEakE3sFVcif3AhcyA/gMYLP87ihN7ChhdKdP 2wz+W62sDR1P+WPRxz+7SUA8q08Kp4CAUnzHl3TzthBIUSaNqO5Kzze+geJ8RA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1688375540; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=4aK3QDm2bHIxQbQPPhaXupeWI4NKDZZsXbKlfAHAK28=; b=ZyyXjOLveqAYePB8b+yoJqaQn5irPly3kAnGv31uTDlOJm4zCIu4HpaBFxCO+lz3vCiHAw 8N6KMBYWNbvrRnyjkoDBqRIe7Z+nv+2kDD4//gu3yhirkat6PZnlwl/s6oisj0OeeNgQgx KR2XCbalid5qddKlazA0VXlsfsTifFPTdPYspMjmP23RUkajdHTagUkpzGK2sA/1+i7ln3 A7FOTB6qTGAc/y1RnWYadROdZebd7yqOfpHD3WqGkd5M1JPb79tsctu06QqvPp41EviPpH nP5Ix0ngq9mRUa9ogO8zMS2RWxwdE1EFyDczFZpBM1+qOpbtJlwU6vdHSiYMew== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1688375540; a=rsa-sha256; cv=none; b=T/9d9Eyfhqq443tYbg4sQInOPPNx+9P4g972Uo1VZhQVTd47cEOuKgAjkg/42DWvDkcbHH pJQ88gu7xXfo6/iD70mfo+8BEQDXhUGFc9aGgJT91SId52o6hWCxTyQZMSQxkKJdERzAmI DrWVdFmp71T1B1WtzqALahZxG3yTGhcJ0zwo5n8toe34YHR2c2UrrRUR/vUzA7wx6bgRPH BLyiZVzZQFgQgLCD1T7033GzqNSfTqvri35rCmINRYASwAgv6+MuAlPb8hWXlrqn2TQLKF +Z2N6yRsH8gfcSMOt3nk3qihaiKoUB/87kjx9kx+Dgb0oux+4OcY+ThNSdazlQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QvgDN04h6zkYY; Mon, 3 Jul 2023 09:12:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3639CJ55022488; Mon, 3 Jul 2023 09:12:19 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3639CJHY022487; Mon, 3 Jul 2023 09:12:19 GMT (envelope-from git) Date: Mon, 3 Jul 2023 09:12:19 GMT Message-Id: <202307030912.3639CJHY022487@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Eugene Grosbein Subject: git: 678024402a7e - main - security/gost-engine: fix build with different instances of OpenSSL 3.0 List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: eugen X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 678024402a7ebba0d01910d1cc43cdb5d3da2483 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by eugen: URL: https://cgit.FreeBSD.org/ports/commit/?id=678024402a7ebba0d01910d1cc43cdb5d3da2483 commit 678024402a7ebba0d01910d1cc43cdb5d3da2483 Author: Eugene Grosbein AuthorDate: 2023-07-03 09:08:44 +0000 Commit: Eugene Grosbein CommitDate: 2023-07-03 09:12:13 +0000 security/gost-engine: fix build with different instances of OpenSSL 3.0 OpenSSL 3.0 in base of 14-CURRENT and in security/openssl30 port have different ENGINESDIR (engines-3 vs. engines-12). --- security/gost-engine/Makefile | 39 ++++++++++++++++++----------- security/gost-engine/files/openssl.cnf.diff | 18 +++++++++++++ security/gost-engine/files/pkg-message.in | 3 +++ security/gost-engine/pkg-plist | 2 +- security/gost-engine/pkg-plist-openssl30 | 2 +- 5 files changed, 48 insertions(+), 16 deletions(-) diff --git a/security/gost-engine/Makefile b/security/gost-engine/Makefile index fb19cdfc607f..2a13f229962b 100644 --- a/security/gost-engine/Makefile +++ b/security/gost-engine/Makefile @@ -1,4 +1,5 @@ PORTNAME= gost-engine +PORTREVISION= 1 CATEGORIES= security MAINTAINER= eugen@FreeBSD.org @@ -11,7 +12,6 @@ LICENSE_FILE= ${WRKSRC}/LICENSE FLAVORS= base openssl30 openssl30_PKGNAMESUFFIX= -${FLAVOR} -openssl30_PLIST= ${.CURDIR}/pkg-plist-${FLAVOR} BROKEN_SSL= libressl libressl-devel openssl31 BROKEN_SSL_REASON_libressl= needs features only available in OpenSSL 1.1.1+ @@ -26,7 +26,7 @@ GH_ACCOUNT= gost-engine GH_PROJECT= engine ENGINESDIR?= ${PREFIX}/${EDIR} -PLIST_SUB+= EDIR="${EDIR}" EDIRV="${EDIRV}" +PLIST_SUB+= EDIR="${EDIR}" CMAKE_ARGS+= -DOPENSSL_ROOT_DIR=${OPENSSLBASE} \ -DOPENSSL_ENGINES_DIR=${ENGINESDIR} @@ -37,35 +37,43 @@ OPTIONS_DEFINE= DOCS .include +.if ${SSL_DEFAULT} == openssl30 +FLAVOR= openssl30 +.endif + +# For OpenSSL 3.0.x in base (14+) or installed as port/package .if ${OPSYS} == FreeBSD && ${OSVERSION} >= 1400092 || ${FLAVOR:U} == openssl30 GH_TAGNAME= 2b22503 GH_TUPLE+= provider-corner:libprov:e9f3e6a:libprov GH_SUBDIR= libprov:libprov DISTVERSION= g20230106 +DISTINFO_FILE= ${PKGDIR}/distinfo.openssl30 +PLIST= ${PKGDIR}/pkg-plist-openssl30 + +.if ${FLAVOR:U} == openssl30 EDIR?= lib/engines-12 -EDIRV?= @comment unused -DISTINFO_FILE= ${.CURDIR}/distinfo.openssl30 -.if ${OPSYS} == FreeBSD && ${OSVERSION} < 1400092 -BROKEN_SSL+= base # openssl31 +BROKEN_SSL+= base +.else +EDIR?= lib/engines-3 .endif + +post-patch: + ${REINPLACE_CMD} \ + 's|/usr/lib/ssl/engines/libgost.so|${PREFIX}/${EDIR}/gost.so|' \ + ${WRKSRC}/INSTALL.md + +# For OpenSSL 1.1.x in base or installed as port/package .else GH_TAGNAME= 739f957 DISTVERSION= g20220520 BROKEN_SSL+= openssl30 # openssl31 EDIR?= lib/engines-1.1 -EDIRV?= ${EDIR} -.endif -.if ${SSL_DEFAULT} == openssl30 -FLAVOR= openssl30 -.endif - -.if ${FLAVOR:U} == base post-patch: ${REINPLACE_CMD} 's/-Werror //' ${WRKSRC}/CMakeLists.txt post-install: - cd ${STAGEDIR}${PREFIX}/lib/engines-1.1 && \ + cd ${STAGEDIR}${PREFIX}/${EDIR} && \ ${MV} gost.so.1.1 libgost.so.1.1 && ${LN} -s libgost.so.1.1 libgost.so && \ ${RM} gost.so .endif @@ -77,5 +85,8 @@ post-install-DOCS-on: ${MKDIR} ${STAGEDIR}${DOCSDIR} cd ${WRKSRC} && ${INSTALL_MAN} INSTALL.md README.gost README.md \ ${STAGEDIR}${DOCSDIR} +.if ${EDIR:M*engines-3} + ${INSTALL_MAN} ${FILESDIR}/openssl.cnf.diff ${STAGEDIR}${DOCSDIR} +.endif .include diff --git a/security/gost-engine/files/openssl.cnf.diff b/security/gost-engine/files/openssl.cnf.diff new file mode 100644 index 000000000000..77cf7b0d4d65 --- /dev/null +++ b/security/gost-engine/files/openssl.cnf.diff @@ -0,0 +1,18 @@ +--- openssl.cnf.orig 2023-06-26 14:18:41.158316000 +0700 ++++ openssl.cnf 2023-06-30 02:41:55.649698000 +0700 +@@ -53,6 +53,15 @@ providers = provider_sect + + [openssl_init] + providers = provider_sect ++engines = engine_section ++ ++[engine_section] ++gost = gost_section ++ ++[gost_section] ++engine_id = gost ++dynamic_path = /usr/local/lib/engines-3/gost.so ++default_algorithms = ALL + + # List of providers to load + [provider_sect] diff --git a/security/gost-engine/files/pkg-message.in b/security/gost-engine/files/pkg-message.in index f15112bebb33..c235178b15b0 100644 --- a/security/gost-engine/files/pkg-message.in +++ b/security/gost-engine/files/pkg-message.in @@ -5,6 +5,9 @@ You should edit openssl.cnf configuration file as specified below to start using GOST Engine through OpenSSL. For details, refer to the section `How to Configure' in %%DOCSDIR%%/INSTALL.md + +Also, you may find useful an example patch for your openssl.cnf in +%%DOCSDIR%%/openssl.cnf.diff EOM } ] diff --git a/security/gost-engine/pkg-plist b/security/gost-engine/pkg-plist index 17b05cd8bd83..2261f975cb35 100644 --- a/security/gost-engine/pkg-plist +++ b/security/gost-engine/pkg-plist @@ -1,7 +1,7 @@ bin/gost12sum bin/gostsum %%EDIR%%/libgost.so -%%EDIRV%%/libgost.so.1.1 +%%EDIR%%/libgost.so.1.1 %%PORTDOCS%%share/man/man1/gost12sum.1.gz %%PORTDOCS%%share/man/man1/gostsum.1.gz %%PORTDOCS%%%%DOCSDIR%%/INSTALL.md diff --git a/security/gost-engine/pkg-plist-openssl30 b/security/gost-engine/pkg-plist-openssl30 index a4c8b49c89c9..4904852e6787 100644 --- a/security/gost-engine/pkg-plist-openssl30 +++ b/security/gost-engine/pkg-plist-openssl30 @@ -1,7 +1,6 @@ bin/gost12sum bin/gostsum %%EDIR%%/gost.so -%%EDIRV%%/libgost.so.1.1 lib/libgost.so lib/libgostprov.so lib/ossl-modules/gostprov.so @@ -14,3 +13,4 @@ share/cmake/GostProvider/GostProviderConfig.cmake %%PORTDOCS%%%%DOCSDIR%%/INSTALL.md %%PORTDOCS%%%%DOCSDIR%%/README.gost %%PORTDOCS%%%%DOCSDIR%%/README.md +%%PORTDOCS%%%%DOCSDIR%%/openssl.cnf.diff