Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 27 Jan 2013 09:38:35 GMT
From:      Mathieu Simon <mathieu.sim@gmail.com>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/175622: OpenSSL port fails to apply PADLOCK patches
Message-ID:  <201301270938.r0R9cZ2u032820@red.freebsd.org>
Resent-Message-ID: <201301270940.r0R9e04E092313@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         175622
>Category:       ports
>Synopsis:       OpenSSL port fails to apply PADLOCK patches
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Jan 27 09:40:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator:     Mathieu Simon
>Release:        8.3
>Organization:
>Environment:
i386, likely also amd64
>Description:
pfSense has included OpenSSL from ports and testers reported problems enabling VIA's padlock engine when using OpenVPN. During debugging we discovered the external patches were wrongly named (only numbering).

Fixing this successfull allowed use of OpenVPN with padlock acceleration support with VIA CPUs. Credit for this bugfix should be given to Jim Pingle who did the major mangling.
>How-To-Repeat:
Build OpenSSL and OpenVPN from ports, enable PADLOCK support on OpenSSL and try to launch OpenVPN with PADLOCK support. OpenVPN will crash with errors that it cannot load padlock support.
>Fix:
--- freebsd-ports/security/openssl/distinfo	2013-01-24 10:30:57.980039477 +0100
+++ pfsense-tools/pfPorts/openssl/distinfo	2013-01-26 09:12:49.665637892 +0100
@@ -1,10 +1,10 @@
 SHA256 (openssl-1.0.1c/openssl-1.0.1c.tar.gz) = 2a9eb3cd4e8b114eb9179c0d3884d61658e7d8e8bf4984798a5f5bd48e325ebe
 SIZE (openssl-1.0.1c/openssl-1.0.1c.tar.gz) = 4457113
-SHA256 (openssl-1.0.1c/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch) = 7f40edec04115e97ae2c64e77d3324f6083963200add148f9a4dec090c60550b
-SIZE (openssl-1.0.1c/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch) = 3089
-SHA256 (openssl-1.0.1c/0003-engines-e_padlock-backport-cvs-head-changes.patch) = cc5e464d7bf8e181bb454de65772366ed90ee91716ecbadaaf2dfda2e080fdc2
-SIZE (openssl-1.0.1c/0003-engines-e_padlock-backport-cvs-head-changes.patch) = 5897
-SHA256 (openssl-1.0.1c/0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch) = bff8308f6652c8ddade1dd3261e5519fa3aa1660bea3474fc9996a53382a26b5
-SIZE (openssl-1.0.1c/0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch) = 20552
-SHA256 (openssl-1.0.1c/0005-crypto-engine-autoload-padlock-dynamic-engine.patch) = f2d6bffae2fe5fcf76c7b9f6299893846a7730cadf70ab91bc94ee0578d0ba8d
-SIZE (openssl-1.0.1c/0005-crypto-engine-autoload-padlock-dynamic-engine.patch) = 794
+SHA256 (openssl-1.0.1c/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch) = 18dd81fefb39b3328a444774ed10871ed50348ca171d2da9f826f916127b2dae
+SIZE (openssl-1.0.1c/0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch) = 3512
+SHA256 (openssl-1.0.1c/0002-engines-e_padlock-backport-cvs-head-changes.patch) = 39c31c2e33cded09543a2d1fd2e3238e9d11c672ba71a14d13095baad3ec9696
+SIZE (openssl-1.0.1c/0002-engines-e_padlock-backport-cvs-head-changes.patch) = 5867
+SHA256 (openssl-1.0.1c/0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch) = e59f86fb779d327479fa97506c6d0d2df44b97f8182b45ca2eefebe9bef44b8d
+SIZE (openssl-1.0.1c/0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch) = 20593
+SHA256 (openssl-1.0.1c/0004-crypto-engine-autoload-padlock-dynamic-engine.patch) = 157ec6d17add25b96956abc7c44259c91eebe8a6c1026cdb976b895bf42ec56f
+SIZE (openssl-1.0.1c/0004-crypto-engine-autoload-padlock-dynamic-engine.patch) = 777
diff -rupN freebsd-ports/security/openssl/Makefile pfsense-tools/pfPorts/openssl/Makefile
--- freebsd-ports/security/openssl/Makefile	2013-01-27 10:30:34.396881391 +0100
+++ pfsense-tools/pfPorts/openssl/Makefile	2013-01-26 09:12:49.665637892 +0100
@@ -1110,9 +1114,9 @@ PLIST_SUB+=	WITH_RC5="@comment "
 PATCH_DIST_STRIP=	-p1
 PATCH_SITES+=	http://git.alpinelinux.org/cgit/aports/plain/main/openssl/:padlock
 PATCHFILES+=	0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch:padlock \
-		0003-engines-e_padlock-backport-cvs-head-changes.patch:padlock \
-		0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch:padlock \
-		0005-crypto-engine-autoload-padlock-dynamic-engine.patch:padlock
+		0002-engines-e_padlock-backport-cvs-head-changes.patch:padlock \
+		0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch:padlock \
+		0004-crypto-engine-autoload-padlock-dynamic-engine.patch:padlock
 .endif
 
 .if ${PORT_OPTIONS:MGMP}


>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201301270938.r0R9cZ2u032820>