Date: Sun, 11 Sep 2016 17:05:34 +0000 (UTC) From: John Marino <marino@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r421843 - in head/security/wpa_supplicant: . files Message-ID: <201609111705.u8BH5YxK079370@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: marino Date: Sun Sep 11 17:05:34 2016 New Revision: 421843 URL: https://svnweb.freebsd.org/changeset/ports/421843 Log: security/wpa_supplicant: Add support for LibreSSL Added: head/security/wpa_supplicant/files/patch-src_crypto_tls__openssl.c (contents, props changed) Modified: head/security/wpa_supplicant/Makefile Modified: head/security/wpa_supplicant/Makefile ============================================================================== --- head/security/wpa_supplicant/Makefile Sun Sep 11 16:55:08 2016 (r421842) +++ head/security/wpa_supplicant/Makefile Sun Sep 11 17:05:34 2016 (r421843) @@ -9,12 +9,12 @@ MASTER_SITES= http://w1.fi/releases/ MAINTAINER= marino@FreeBSD.org COMMENT= Supplicant (client) for WPA/802.1x protocols -USES= cpe gmake readline -USE_OPENSSL= yes +USES= cpe gmake readline ssl BUILD_WRKSRC= ${WRKSRC}/wpa_supplicant INSTALL_WRKSRC= ${WRKSRC}/src CFLAGS+= ${CPPFLAGS} # USES=readline only augments CPPFLAGS and LDFLAGS -LDFLAGS+= -lutil +CFLAGS+= -I${OPENSSLINC} +LDFLAGS+= -L${OPENSSLLIB} -lutil SUB_FILES= pkg-message PORTDOCS= README ChangeLog Added: head/security/wpa_supplicant/files/patch-src_crypto_tls__openssl.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/wpa_supplicant/files/patch-src_crypto_tls__openssl.c Sun Sep 11 17:05:34 2016 (r421843) @@ -0,0 +1,67 @@ +Compatibility fixes for LibreSSL + +--- src/crypto/tls_openssl.c.orig 2015-09-27 19:02:05 UTC ++++ src/crypto/tls_openssl.c +@@ -2229,7 +2229,7 @@ static int tls_parse_pkcs12(struct tls_d + } + + if (certs) { +-#if OPENSSL_VERSION_NUMBER >= 0x10002000L ++#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) + SSL_clear_chain_certs(ssl); + while ((cert = sk_X509_pop(certs)) != NULL) { + X509_NAME_oneline(X509_get_subject_name(cert), buf, +@@ -2247,7 +2247,7 @@ static int tls_parse_pkcs12(struct tls_d + /* Try to continue anyway */ + } + sk_X509_free(certs); +-#ifndef OPENSSL_IS_BORINGSSL ++#if !defined(OPENSSL_IS_BORINGSSL) && !defined(LIBRESSL_VERSION_NUMBER) + res = SSL_build_cert_chain(ssl, + SSL_BUILD_CHAIN_FLAG_CHECK | + SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR); +@@ -2812,7 +2812,7 @@ int tls_connection_get_random(void *ssl_ + if (conn == NULL || keys == NULL) + return -1; + ssl = conn->ssl; +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + if (ssl == NULL || ssl->s3 == NULL || ssl->session == NULL) + return -1; + +@@ -2841,7 +2841,7 @@ int tls_connection_get_random(void *ssl_ + #ifndef CONFIG_FIPS + static int openssl_get_keyblock_size(SSL *ssl) + { +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + const EVP_CIPHER *c; + const EVP_MD *h; + int md_size; +@@ -2911,7 +2911,7 @@ static int openssl_tls_prf(struct tls_co + "mode"); + return -1; + #else /* CONFIG_FIPS */ +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + SSL *ssl; + u8 *rnd; + int ret = -1; +@@ -3394,7 +3394,7 @@ int tls_connection_set_cipher_list(void + + wpa_printf(MSG_DEBUG, "OpenSSL: cipher suites: %s", buf + 1); + +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + #if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST) + if (os_strstr(buf, ":ADH-")) { + /* +@@ -3977,7 +3977,7 @@ static int tls_sess_sec_cb(SSL *s, void + struct tls_connection *conn = arg; + int ret; + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + if (conn == NULL || conn->session_ticket_cb == NULL) + return 0; +
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201609111705.u8BH5YxK079370>