Date: Tue, 27 Oct 2020 22:08:35 +0000 (UTC) From: Mark Felder <feld@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r553502 - in head/security/titus: . files Message-ID: <202010272208.09RM8Zjd086941@repo.freebsd.org>
Author: feld Date: Tue Oct 27 22:08:35 2020 New Revision: 553502 URL: https://svnweb.freebsd.org/changeset/ports/553502 Log: security/titus: Support OpenSSL 1.1.0+ Backported patch fixes builds on FreeBSD 12 and 13 MFH: 2020Q4 Added: head/security/titus/files/patch-dh.cpp (contents, props changed) head/security/titus/files/patch-rsa__client.cpp (contents, props changed) Modified: head/security/titus/Makefile Modified: head/security/titus/Makefile ============================================================================== --- head/security/titus/Makefile Tue Oct 27 21:41:56 2020 (r553501) +++ head/security/titus/Makefile Tue Oct 27 22:08:35 2020 (r553502) @@ -3,7 +3,7 @@ PORTNAME= titus PORTVERSION= 0.3 -PORTREVISION= 5 +PORTREVISION= 6 CATEGORIES= security MAINTAINER= feld@FreeBSD.org @@ -25,11 +25,6 @@ CFLAGS+= -I${OPENSSLINC} LDFLAGS+= -L${OPENSSLLIB} .include <bsd.port.pre.mk> - -.if ${SSL_DEFAULT} == base -BROKEN_FreeBSD_12= member access into incomplete type 'dh_st' -BROKEN_FreeBSD_13= member access into incomplete type 'dh_st' -.endif post-patch: ${REINPLACE_CMD} 's|/var/lib/titus/empty|/var/empty|' ${WRKSRC}/titus.conf.example Added: head/security/titus/files/patch-dh.cpp ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/titus/files/patch-dh.cpp Tue Oct 27 22:08:35 2020 (r553502) 
@@ -0,0 +1,15 @@
+--- dh.cpp.orig 2015-11-28 22:51:00 UTC
++++ dh.cpp
+@@ -148,11 +148,7 @@ openssl_unique_ptr<DH> make_dh (const unsigned char* p
+ throw Openssl_error(ERR_get_error());
+ }
+
+- if ((dh->p = BN_bin2bn(prime, prime_len, NULL)) == NULL) {
+- throw Openssl_error(ERR_get_error());
+- }
+-
+- if ((dh->g = BN_bin2bn(generator, generator_len, NULL)) == NULL) {
++ if (!DH_set0_pqg(dh.get(), BN_bin2bn(prime, prime_len, NULL), NULL, BN_bin2bn(generator, generator_len, NULL))) {
+ throw Openssl_error(ERR_get_error());
+ }
+

Added: head/security/titus/files/patch-rsa__client.cpp
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/titus/files/patch-rsa__client.cpp Tue Oct 27 22:08:35 2020 (r553502)
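Review bot: In the dh.cpp patch (make_dh), the new `DH_set0_pqg(dh.get(), BN_bin2bn(...), NULL, BN_bin2bn(...))` call leaks a BIGNUM on its failure path. DH_set0_pqg takes ownership of its arguments only when it succeeds, so if one BN_bin2bn returns NULL, the other allocation is never freed before the throw. The same pattern appears in the rsa_client.cpp patch at `RSA_set0_key(rsa.get(), BN_dup(n), BN_dup(e), NULL)`. Holding the values in named locals and freeing them on failure closes the gap, as sketched below. make_dh starts and ends outside this hunk, so the surrounding cleanup is not visible here.

```cpp
// … unchanged: preceding allocation check and throw …
BIGNUM* p = BN_bin2bn(prime, prime_len, NULL);
BIGNUM* g = BN_bin2bn(generator, generator_len, NULL);
if (p == NULL || g == NULL || !DH_set0_pqg(dh.get(), p, NULL, g)) {
    const auto err = ERR_get_error();
    BN_free(p);  // ownership was not transferred; BN_free(NULL) is a no-op
    BN_free(g);
    throw Openssl_error(err);
}
```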
@@ -0,0 +1,50 @@
+--- rsa_client.cpp.orig 2015-11-28 22:51:00 UTC
++++ rsa_client.cpp
+@@ -85,7 +85,7 @@ int Rsa_client::rsa_private_encrypt (int flen, const u
+ int Rsa_client::rsa_finish (RSA* rsa)
+ {
+ delete reinterpret_cast<Rsa_client_data*>(RSA_get_app_data(rsa));
+- if (const auto default_finish = RSA_get_default_method()->finish) {
++ if (const auto default_finish = RSA_meth_get_finish(RSA_get_default_method())) {
+ return (*default_finish)(rsa);
+ } else {
+ return 1;
+@@ -94,14 +94,14 @@ int Rsa_client::rsa_finish (RSA* rsa)
+
+ const RSA_METHOD* Rsa_client::get_rsa_method ()
+ {
+- static RSA_METHOD ops;
+- if (!ops.rsa_priv_enc) {
+- ops = *RSA_get_default_method();
+- ops.rsa_priv_enc = rsa_private_encrypt;
+- ops.rsa_priv_dec = rsa_private_decrypt;
+- ops.finish = rsa_finish;
++ static RSA_METHOD* ops = NULL;
++ if (ops == NULL) {
++ ops = RSA_meth_dup(RSA_get_default_method());
++ RSA_meth_set_priv_enc(ops, rsa_private_encrypt);
++ RSA_meth_set_priv_dec(ops, rsa_private_decrypt);
++ RSA_meth_set_finish(ops, rsa_finish);
+ }
+- return &ops;
++ return ops;
+ }
+
+ openssl_unique_ptr<EVP_PKEY> Rsa_client::load_private_key (uintptr_t key_id, RSA* public_rsa)
+@@ -111,12 +111,10 @@ openssl_unique_ptr<EVP_PKEY> Rsa_client::load_private_
+ throw Openssl_error(ERR_get_error());
+ }
+
+- rsa->n = BN_dup(public_rsa->n);
+- if (!rsa->n) {
+- throw Openssl_error(ERR_get_error());
+- }
+- rsa->e = BN_dup(public_rsa->e);
+- if (!rsa->e) {
++ const BIGNUM* n;
++ const BIGNUM* e;
++ RSA_get0_key(public_rsa, &n, &e, NULL);
++ if (!RSA_set0_key(rsa.get(), BN_dup(n), BN_dup(e), NULL)) {
+ throw Openssl_error(ERR_get_error());
+ }
+
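Review bot: In get_rsa_method, the result of `RSA_meth_dup(RSA_get_default_method())` is used without a NULL check, so an allocation failure hands a null `ops` straight to the three `RSA_meth_set_*` calls. The struct copy it replaces could not fail, so this is a new failure mode. Adding `if (ops == NULL) { throw Openssl_error(ERR_get_error()); }` directly after the dup matches the other error paths in this file and keeps the failure explicit instead of a crash in the key-handling code. The lazy initialisation of the static pointer is unsynchronised, as it was before the change; whether this function can be reached from more than one thread cannot be determined from this hunk, so a short comment stating the assumption would help.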