Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 25 Apr 2017 20:32:48 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-ports-bugs@FreeBSD.org
Subject:   [Bug 212149] security/strongswan: Runtime failures with LibreSSL
Message-ID:  <bug-212149-13-WjpxjYhqK0@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-212149-13@https.bugs.freebsd.org/bugzilla/>
References:  <bug-212149-13@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D212149

Bernard Spil <brnrd@freebsd.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #181970|maintainer-approval?        |
              Flags|                            |
 Attachment #181970|0                           |1
        is obsolete|                            |
 Attachment #182090|                            |maintainer-approval?
              Flags|                            |

--- Comment #19 from Bernard Spil <brnrd@freebsd.org> ---
Created attachment 182090
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D182090&action=
=3Dedit
svn diff for security/strongswan

strongSwan makes a bit of a mess of the OpenSSL includes.

Files checking OPENSSL_VERSION_NUMBER
openssl_crl.c
openssl_diffie_hellman.c
openssl_ec_private_key.c
openssl_ec_public_key.c
openssl_gcm.c
openssl_hmac.c
openssl_pkcs7.c
openssl_plugin.c
openssl_plugin.c.orig
openssl_rsa_private_key.c
openssl_rsa_public_key.c
openssl_sha1_prf.c
openssl_util.c
openssl_x509.c
cp -p=20
Apart from _gcm and _pkcs7 these don't include opensslv.h. Most get
OPENSSL_VERSION_NUMBER defined through
include openssl_util.h=20
   -> <openssl/bn.h>
      -> <openssl/crypto.h>=20
         -> <openssl/opensslv.h>

Files NOT including openssl_util.h get OPENSSL_VERSION_NUMBER defined throu=
gh
openssl_gcm.c -> opensslv.h
openssl_hmac.c NONE
openssl_sha1_prf.c NONE
It is entirely possible that the path is different in OpenSSL.

I've created new files
openssl_compat.h
openssl_compat.c
Modified all files checking OPENSSL_VERSION and not including openssl_util.=
h to
add include openssl_compat.h
Modified openssl_util.h to include openssl_compat.h
Added openssl_compat.h and openssl_compat.c to Makefile.am (and ran automak=
e)

Please find a patch to test attached. I've created an account on strongswan=
.org
but that's pending moderator approval.

Dewayne, Franco, can you test this patch?

--=20
You are receiving this mail because:
You are the assignee for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-212149-13-WjpxjYhqK0>