git: b419a572ee2e - main - security/pkcs11-helper: make OpenSSL 3.0 compatible

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Matthias Andree <mandree_at_FreeBSD.org>
Date: Wed, 28 Jun 2023 20:54:47 UTC
The branch main has been updated by mandree:

URL: https://cgit.FreeBSD.org/ports/commit/?id=b419a572ee2ea98a2dbf4b1e219e057ffef56cb3

commit b419a572ee2ea98a2dbf4b1e219e057ffef56cb3
Author:     Matthias Andree <mandree@FreeBSD.org>
AuthorDate: 2023-06-24 18:32:19 +0000
Commit:     Matthias Andree <mandree@FreeBSD.org>
CommitDate: 2023-06-28 20:49:54 +0000

    security/pkcs11-helper: make OpenSSL 3.0 compatible
    
    OpenSSL 3.0 changed the prototype for the dup_func
    of the customer data callback functions, the third
    argument (from_d) switched from void * to void **.
    
    See
    https://www.openssl.org/docs/man3.0/man3/CRYPTO_get_ex_new_index.html
    
    This breaks compile on FreeBSD-CURRENT, which also
    uses the stricter LLVM/clang 16.
    
    Add an OPENSSL_VERSION_NUMBER #elif case
    to support the newer OpenSSL >= 3.0 prototype.
    
    Approved by:    ale@ (Alex Dupre, maintainer)
    PR:             272190
---
 .../files/patch-lib_pkcs11h-openssl.c              | 28 ++++++++++++++++++++--
 1 file changed, 26 insertions(+), 2 deletions(-)

diff --git a/security/pkcs11-helper/files/patch-lib_pkcs11h-openssl.c b/security/pkcs11-helper/files/patch-lib_pkcs11h-openssl.c
index e0bc64247fc7..e27454eb3d28 100644
--- a/security/pkcs11-helper/files/patch-lib_pkcs11h-openssl.c
+++ b/security/pkcs11-helper/files/patch-lib_pkcs11h-openssl.c
@@ -1,6 +1,6 @@
---- lib/pkcs11h-openssl.c.orig	2022-10-20 14:36:14 UTC
+--- lib/pkcs11h-openssl.c.orig	2022-04-07 17:01:01 UTC
 +++ lib/pkcs11h-openssl.c
-@@ -235,9 +235,13 @@ DSA_meth_free (DSA_METHOD *meth)
+@@ -235,9 +235,13 @@ DSA_meth_set1_name (DSA_METHOD *meth, const char *name
  static int
  DSA_meth_set1_name (DSA_METHOD *meth, const char *name)
  {
@@ -14,3 +14,27 @@
  }
  #endif
  
+@@ -341,12 +345,22 @@ __pkcs11h_openssl_ex_data_dup (
+ 	long argl,
+ 	void *argp
+ ) {
+-#else
++#elif OPENSSL_VERSION_NUMBER < 0x30000000L
+ int
+ __pkcs11h_openssl_ex_data_dup (
+ 	CRYPTO_EX_DATA *to,
+ 	const CRYPTO_EX_DATA *from,
+ 	void *from_d,
++	int idx,
++	long argl,
++	void *argp
++) {
++#else
++int
++__pkcs11h_openssl_ex_data_dup (
++	CRYPTO_EX_DATA *to,
++	const CRYPTO_EX_DATA *from,
++	void **from_d,
+ 	int idx,
+ 	long argl,
+ 	void *argp