From owner-svn-ports-head@FreeBSD.ORG Thu Mar 26 00:39:36 2015 Return-Path: Delivered-To: svn-ports-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id ABA0D992; Thu, 26 Mar 2015 00:39:36 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 94FBFC34; Thu, 26 Mar 2015 00:39:36 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t2Q0daUf008341; Thu, 26 Mar 2015 00:39:36 GMT (envelope-from mi@FreeBSD.org) Received: (from mi@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t2Q0dZUL008336; Thu, 26 Mar 2015 00:39:35 GMT (envelope-from mi@FreeBSD.org) Message-Id: <201503260039.t2Q0dZUL008336@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: mi set sender to mi@FreeBSD.org using -f From: Mikhail Teterin Date: Thu, 26 Mar 2015 00:39:35 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r382282 - in head/devel/tcltls: . files X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Mar 2015 00:39:36 -0000 Author: mi Date: Thu Mar 26 00:39:34 2015 New Revision: 382282 URL: https://svnweb.freebsd.org/changeset/ports/382282 QAT: https://qat.redports.org/buildarchive/r382282/ Log: Add a patch (submitted upstream), which turns off attempts to use TLS1.1 and 1.2 if the protocols aren't available at compile-time. Otherwise the software attempts to use them at run-time and fails. Fix-up the tests. Disable regression-test until I figure out, why it hangs here... Added: head/devel/tcltls/files/patch-protocols (contents, props changed) Modified: head/devel/tcltls/Makefile head/devel/tcltls/files/patch-warnings Modified: head/devel/tcltls/Makefile ============================================================================== --- head/devel/tcltls/Makefile Thu Mar 26 00:28:04 2015 (r382281) +++ head/devel/tcltls/Makefile Thu Mar 26 00:39:34 2015 (r382282) @@ -36,7 +36,7 @@ PORTDOCS= * post-patch: ${REINPLACE_CMD} -e \ - 's,package require tls.*,load ${WRKSRC}/lib${TCLPKG}.so;\ + 's,package require tls.*,load ${WRKSRC}/libtls.so.1;\ source ${WRKSRC}/tls.tcl,' \ ${WRKSRC}/tests/*.test # The tests in ciphers.test are meaningless so far: @@ -48,7 +48,7 @@ post-install: ${INSTALL_DATA} ${WRKSRC}/tls.htm ${STAGEDIR}${DOCSDIR} .endif -regression-test: +xregression-test test check: build cd ${WRKSRC}/tests && ${SETENV} TCL_LIBRARY="${WRKSRC}" \ tclsh${TCL_VER} all.tcl Added: head/devel/tcltls/files/patch-protocols ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/devel/tcltls/files/patch-protocols Thu Mar 26 00:39:34 2015 (r382282) @@ -0,0 +1,130 @@ +--- tls.c 2014-12-08 14:10:28.000000000 -0500 ++++ tls.c 2015-03-25 19:37:53.000000000 -0400 +@@ -64,6 +64,6 @@ + Tcl_Interp *interp, int objc, Tcl_Obj *CONST objv[])); + +-static SSL_CTX *CTX_Init _ANSI_ARGS_((State *statePtr, int proto, char *key, +- char *cert, char *CAdir, char *CAfile, char *ciphers)); ++static SSL_CTX *CTX_Init _ANSI_ARGS_((State *statePtr, int proto, const char *key, ++ const char *cert, const char *CAdir, const char *CAfile, const char *ciphers)); + + static int TlsLibInit _ANSI_ARGS_ (()) ; +@@ -538,5 +538,5 @@ + case TLS_SSL2: + #if defined(NO_SSL2) +- Tcl_AppendResult(interp, "protocol not supported", NULL); ++ Tcl_AppendResult(interp, protocols[index], ": protocol not supported", NULL); + return TCL_ERROR; + #else +@@ -545,5 +545,5 @@ + case TLS_SSL3: + #if defined(NO_SSL3) +- Tcl_AppendResult(interp, "protocol not supported", NULL); ++ Tcl_AppendResult(interp, protocols[index], ": protocol not supported", NULL); + return TCL_ERROR; + #else +@@ -552,5 +552,5 @@ + case TLS_TLS1: + #if defined(NO_TLS1) +- Tcl_AppendResult(interp, "protocol not supported", NULL); ++ Tcl_AppendResult(interp, protocols[index], ": protocol not supported", NULL); + return TCL_ERROR; + #else +@@ -559,5 +559,5 @@ + case TLS_TLS1_1: + #if defined(NO_TLS1_1) +- Tcl_AppendResult(interp, "protocol not supported", NULL); ++ Tcl_AppendResult(interp, protocols[index], ": protocol not supported", NULL); + return TCL_ERROR; + #else +@@ -566,5 +566,5 @@ + case TLS_TLS1_2: + #if defined(NO_TLS1_2) +- Tcl_AppendResult(interp, "protocol not supported", NULL); ++ Tcl_AppendResult(interp, protocols[index], ": protocol not supported", NULL); + return TCL_ERROR; + #else +@@ -575,10 +575,10 @@ + } + if (ctx == NULL) { +- Tcl_AppendResult(interp, REASON(), (char *) NULL); ++ Tcl_AppendResult(interp, REASON(), NULL); + return TCL_ERROR; + } + ssl = SSL_new(ctx); + if (ssl == NULL) { +- Tcl_AppendResult(interp, REASON(), (char *) NULL); ++ Tcl_AppendResult(interp, REASON(), NULL); + SSL_CTX_free(ctx); + return TCL_ERROR; +@@ -747,6 +747,18 @@ + #endif + int tls1 = 1; +- int tls1_1 = 1; +- int tls1_2 = 1; ++ int tls1_1 = ++#if defined(NO_TLS1_1) ++ 0 ++#else ++ 1 ++#endif ++ ; ++ int tls1_2 = ++#if defined(NO_TLS1_2) ++ 0 ++#else ++ 1 ++#endif ++ ; + int proto = 0; + int verify = 0, require = 0, request = 1; +@@ -1029,9 +1029,9 @@ + State *statePtr; + int proto; +- char *key; +- char *cert; +- char *CAdir; +- char *CAfile; +- char *ciphers; ++ const char *key; ++ const char *cert; ++ const char *CAdir; ++ const char *CAfile; ++ const char *ciphers; + { + Tcl_Interp *interp = statePtr->interp; +@@ -1050,5 +1050,5 @@ + #if defined(NO_SSL2) + if (ENABLED(proto, TLS_PROTO_SSL2)) { +- Tcl_AppendResult(interp, "protocol not supported", NULL); ++ Tcl_AppendResult(interp, "protocol SSL2 not supported", NULL); + return (SSL_CTX *)0; + } +@@ -1056,5 +1056,5 @@ + #if defined(NO_SSL3) + if (ENABLED(proto, TLS_PROTO_SSL3)) { +- Tcl_AppendResult(interp, "protocol not supported", NULL); ++ Tcl_AppendResult(interp, "protocol SSL3 not supported", NULL); + return (SSL_CTX *)0; + } +@@ -1062,5 +1062,5 @@ + #if defined(NO_TLS1) + if (ENABLED(proto, TLS_PROTO_TLS1)) { +- Tcl_AppendResult(interp, "protocol not supported", NULL); ++ Tcl_AppendResult(interp, "protocol TLS1 not supported", NULL); + return (SSL_CTX *)0; + } +@@ -1068,5 +1068,5 @@ + #if defined(NO_TLS1_1) + if (ENABLED(proto, TLS_PROTO_TLS1_1)) { +- Tcl_AppendResult(interp, "protocol not supported", NULL); ++ Tcl_AppendResult(interp, "protocol TLS1.1 not supported", NULL); + return (SSL_CTX *)0; + } +@@ -1074,5 +1074,5 @@ + #if defined(NO_TLS1_2) + if (ENABLED(proto, TLS_PROTO_TLS1_2)) { +- Tcl_AppendResult(interp, "protocol not supported", NULL); ++ Tcl_AppendResult(interp, "protocol TLS1.2 not supported", NULL); + return (SSL_CTX *)0; + } Modified: head/devel/tcltls/files/patch-warnings ============================================================================== --- head/devel/tcltls/files/patch-warnings Thu Mar 26 00:28:04 2015 (r382281) +++ head/devel/tcltls/files/patch-warnings Thu Mar 26 00:39:34 2015 (r382282) @@ -91,9 +91,16 @@ }; enum protocol { - TLS_SSL2, TLS_SSL3, TLS_TLS1, TLS_TLS1_1, TLS_TLS1_2, TLS_NONE -+ TLS_SSL2, TLS_SSL3, TLS_TLS1, TLS_TLS1_1, TLS_TLS1_2, ++ TLS_SSL2, TLS_SSL3, TLS_TLS1, TLS_TLS1_1, TLS_TLS1_2 }; Tcl_Obj *objPtr; +@@ -1040,5 +1040,5 @@ + Tcl_DString ds1; + int off = 0; +- const SSL_METHOD *method; ++ SSL_METHOD *method; + + if (!proto) { @@ -1361,5 +1361,5 @@ { static CONST84 char *commands [] = { "req", NULL };