- Unbreak the build against modern versions of OpenSSL

- While at it, provide more elaborate port description
svn path=/head/; revision=548056
2020-09-09 03:00:49 +00:00 · 2020-09-09 03:00:49 +00:00 · 52eaff34c3 · 2021-03-31 03:12:20 +00:00
commit 52eaff34c3
parent 4698676f51
6 changed files with 244 additions and 9 deletions
--- a/mail/libdkim/Makefile
+++ b/mail/libdkim/Makefile
@ -19,16 +19,11 @@ PLIST_SUB=	SHLIB_MAJOR="${SHLIB_MAJOR}"

 WRKSRC=		${WRKDIR}/${PORTNAME}/src

-.include <bsd.port.pre.mk>
-
-.if ${SSL_DEFAULT} == base
-BROKEN_FreeBSD_12=	field has incomplete type 'EVP_MD_CTX' (aka 'evp_md_ctx_st')
-BROKEN_FreeBSD_13=	field has incomplete type 'EVP_MD_CTX' (aka 'evp_md_ctx_st')
-.endif
-
 post-patch:
 	${MV} ${WRKSRC}/Makefile ${WRKSRC}/Makefile.prev
 	@${SED} -e "s=%%SHLIB_MAJOR%%=${SHLIB_MAJOR}=g" \
 		${FILESDIR}/Makefile > ${WRKSRC}/Makefile

-.include <bsd.port.post.mk>
+.include <bsd.port.mk>
+
+PATCH_ARGS+=	-l
--- a/mail/libdkim/files/patch-dkimsign.cpp
+++ b/mail/libdkim/files/patch-dkimsign.cpp
@ -0,0 +1,119 @@
+--- dkimsign.cpp.orig	2020-09-09 02:13:04 UTC
+++ dkimsign.cpp
+@@ -40,21 +40,27 @@ CDKIMSign::CDKIMSign()
+ {
+ 	m_EmptyLineCount = 0;
+ 	m_pfnHdrCallback = NULL;
+
+	m_allman_sha1ctx = EVP_MD_CTX_create();
+	m_Hdr_ietf_sha1ctx = EVP_MD_CTX_create();
+	m_Hdr_ietf_sha256ctx = EVP_MD_CTX_create();
+	m_Bdy_ietf_sha1ctx = EVP_MD_CTX_create();
+	m_Bdy_ietf_sha256ctx = EVP_MD_CTX_create();
+ 
+-	EVP_SignInit( &m_allman_sha1ctx, EVP_sha1() );
+-	EVP_SignInit( &m_Hdr_ietf_sha1ctx, EVP_sha1() );
+-	EVP_SignInit( &m_Hdr_ietf_sha256ctx, EVP_sha256() );
+-	EVP_DigestInit( &m_Bdy_ietf_sha1ctx, EVP_sha1() );
+-	EVP_DigestInit( &m_Bdy_ietf_sha256ctx, EVP_sha256() );
+	EVP_SignInit( m_allman_sha1ctx, EVP_sha1() );
+	EVP_SignInit( m_Hdr_ietf_sha1ctx, EVP_sha1() );
+	EVP_SignInit( m_Hdr_ietf_sha256ctx, EVP_sha256() );
+	EVP_DigestInit( m_Bdy_ietf_sha1ctx, EVP_sha1() );
+	EVP_DigestInit( m_Bdy_ietf_sha256ctx, EVP_sha256() );
+ }
+ 
+ CDKIMSign::~CDKIMSign()
+ {
+-	EVP_MD_CTX_cleanup( &m_allman_sha1ctx );
+-	EVP_MD_CTX_cleanup( &m_Hdr_ietf_sha1ctx );
+-	EVP_MD_CTX_cleanup( &m_Hdr_ietf_sha256ctx );
+-	EVP_MD_CTX_cleanup( &m_Bdy_ietf_sha1ctx );
+-	EVP_MD_CTX_cleanup( &m_Bdy_ietf_sha256ctx );
+	EVP_MD_CTX_destroy( m_allman_sha1ctx );
+	EVP_MD_CTX_destroy( m_Hdr_ietf_sha1ctx );
+	EVP_MD_CTX_destroy( m_Hdr_ietf_sha256ctx );
+	EVP_MD_CTX_destroy( m_Bdy_ietf_sha1ctx );
+	EVP_MD_CTX_destroy( m_Bdy_ietf_sha256ctx );
+ }
+ 
+ ////////////////////////////////////////////////////////////////////////////////
+@@ -150,34 +156,34 @@ void CDKIMSign::Hash( const char* szBuffer, int nBufLe
+ 	{
+ 		if( m_nIncludeBodyHash & DKIM_BODYHASH_ALLMAN_1 )
+ 		{
+-			EVP_SignUpdate( &m_allman_sha1ctx, szBuffer, nBufLength );
+			EVP_SignUpdate( m_allman_sha1ctx, szBuffer, nBufLength );
+ 		}
+ 	}
+ 	else
+ 	{
+ 		if( m_nIncludeBodyHash < DKIM_BODYHASH_IETF_1 )
+ 		{
+-			EVP_SignUpdate( &m_allman_sha1ctx, szBuffer, nBufLength );
+			EVP_SignUpdate( m_allman_sha1ctx, szBuffer, nBufLength );
+ 		}
+ 		else if( m_nIncludeBodyHash & DKIM_BODYHASH_IETF_1 )
+ 		{
+ 			if( m_nIncludeBodyHash & DKIM_BODYHASH_ALLMAN_1 )
+ 			{
+-				EVP_SignUpdate( &m_allman_sha1ctx, szBuffer, nBufLength );
+				EVP_SignUpdate( m_allman_sha1ctx, szBuffer, nBufLength );
+ 			}
+ 			if( m_nHash & DKIM_HASH_SHA256 )
+ 			{
+ 				if( bHdr )
+-					EVP_SignUpdate( &m_Hdr_ietf_sha256ctx, szBuffer, nBufLength );
+					EVP_SignUpdate( m_Hdr_ietf_sha256ctx, szBuffer, nBufLength );
+ 				else
+-					EVP_DigestUpdate( &m_Bdy_ietf_sha256ctx, szBuffer, nBufLength );
+					EVP_DigestUpdate( m_Bdy_ietf_sha256ctx, szBuffer, nBufLength );
+ 			}
+ 			if( m_nHash != DKIM_HASH_SHA256 )
+ 			{
+ 				if( bHdr )
+-					EVP_SignUpdate( &m_Hdr_ietf_sha1ctx, szBuffer, nBufLength );
+					EVP_SignUpdate( m_Hdr_ietf_sha1ctx, szBuffer, nBufLength );
+ 				else
+-					EVP_DigestUpdate( &m_Bdy_ietf_sha1ctx, szBuffer, nBufLength );
+					EVP_DigestUpdate( m_Bdy_ietf_sha1ctx, szBuffer, nBufLength );
+ 			}
+ 		}
+ 	}
+@@ -865,7 +871,7 @@ int CDKIMSign::ConstructSignature( char* szPrivKey, bo
+ 		unsigned char Hash[EVP_MAX_MD_SIZE];
+ 		unsigned int nHashLen = 0;
+ 
+-		EVP_DigestFinal( bUseSha256 ? &m_Bdy_ietf_sha256ctx : &m_Bdy_ietf_sha1ctx, Hash, &nHashLen );
+		EVP_DigestFinal( bUseSha256 ? m_Bdy_ietf_sha256ctx : m_Bdy_ietf_sha1ctx, Hash, &nHashLen );
+ 
+ 		bio = BIO_new(BIO_s_mem());
+ 		if (!bio) {
+@@ -936,11 +942,11 @@ int CDKIMSign::ConstructSignature( char* szPrivKey, bo
+ 
+ 	if( bUseIetfBodyHash )
+ 	{
+-		EVP_SignUpdate( bUseSha256 ? &m_Hdr_ietf_sha256ctx : &m_Hdr_ietf_sha1ctx, sTemp.c_str(), sTemp.size() );
+		EVP_SignUpdate( bUseSha256 ? m_Hdr_ietf_sha256ctx : m_Hdr_ietf_sha1ctx, sTemp.c_str(), sTemp.size() );
+ 	}
+ 	else
+ 	{
+-		EVP_SignUpdate( &m_allman_sha1ctx, sTemp.c_str(), sTemp.size() );
+		EVP_SignUpdate( m_allman_sha1ctx, sTemp.c_str(), sTemp.size() );
+ 	}
+  
+ 	bio = BIO_new_mem_buf(szPrivKey, -1);
+@@ -967,11 +973,11 @@ int CDKIMSign::ConstructSignature( char* szPrivKey, bo
+ 	
+ 	if( bUseIetfBodyHash )
+ 	{
+-		nSignRet = EVP_SignFinal( bUseSha256 ? &m_Hdr_ietf_sha256ctx : &m_Hdr_ietf_sha1ctx, sig, &siglen, pkey);
+		nSignRet = EVP_SignFinal( bUseSha256 ? m_Hdr_ietf_sha256ctx : m_Hdr_ietf_sha1ctx, sig, &siglen, pkey);
+ 	}
+ 	else
+ 	{
+-		nSignRet = EVP_SignFinal( &m_allman_sha1ctx, sig, &siglen, pkey);
+		nSignRet = EVP_SignFinal( m_allman_sha1ctx, sig, &siglen, pkey);
+ 	}
+ 
+     EVP_PKEY_free(pkey);
--- a/mail/libdkim/files/patch-dkimsign.h
+++ b/mail/libdkim/files/patch-dkimsign.h
@ -0,0 +1,21 @@
+--- dkimsign.h.orig	2008-05-12 03:07:58 UTC
+++ dkimsign.h
+@@ -60,13 +60,13 @@ class CDKIMSign : public CDKIMBase (protected)
+ 
+ 	int AssembleReturnedSig( char* szPrivKey );
+ 
+-	EVP_MD_CTX m_Hdr_ietf_sha1ctx;		/* the header hash for ietf sha1  */
+-	EVP_MD_CTX m_Hdr_ietf_sha256ctx;	/* the header hash for ietf sha256 */
+	EVP_MD_CTX *m_Hdr_ietf_sha1ctx;		/* the header hash for ietf sha1  */
+	EVP_MD_CTX *m_Hdr_ietf_sha256ctx;	/* the header hash for ietf sha256 */
+ 
+-	EVP_MD_CTX m_Bdy_ietf_sha1ctx;		/* the body hash for ietf sha1  */
+-	EVP_MD_CTX m_Bdy_ietf_sha256ctx;	/* the body hash for ietf sha256 */
+	EVP_MD_CTX *m_Bdy_ietf_sha1ctx;		/* the body hash for ietf sha1  */
+	EVP_MD_CTX *m_Bdy_ietf_sha256ctx;	/* the body hash for ietf sha256 */
+ 
+-	EVP_MD_CTX m_allman_sha1ctx;		/* the hash for allman sha1  */
+	EVP_MD_CTX *m_allman_sha1ctx;		/* the hash for allman sha1  */
+ 
+ 	int m_Canon;				// canonization method
+ 
--- a/mail/libdkim/files/patch-dkimverify.cpp
+++ b/mail/libdkim/files/patch-dkimverify.cpp
@ -0,0 +1,85 @@
+--- dkimverify.cpp.orig	2020-09-09 02:39:20 UTC
+++ dkimverify.cpp
+@@ -43,8 +43,10 @@ SignatureInfo::SignatureInfo(bool s)
+ {
+ 	VerifiedBodyCount = 0;
+ 	UnverifiedBodyCount = 0;
+-	EVP_MD_CTX_init( &m_Hdr_ctx );
+-	EVP_MD_CTX_init( &m_Bdy_ctx );
+	m_Hdr_ctx = EVP_MD_CTX_create();
+	m_Bdy_ctx = EVP_MD_CTX_create();
+	EVP_MD_CTX_init( m_Hdr_ctx );
+	EVP_MD_CTX_init( m_Bdy_ctx );
+ 	m_pSelector = NULL;
+ 	Status = DKIM_SUCCESS;
+ 	m_nHash = 0;
+@@ -54,8 +56,8 @@ SignatureInfo::SignatureInfo(bool s)
+ 
+ SignatureInfo::~SignatureInfo()
+ {
+-	EVP_MD_CTX_cleanup( &m_Hdr_ctx );
+-	EVP_MD_CTX_cleanup( &m_Bdy_ctx );
+	EVP_MD_CTX_destroy( m_Hdr_ctx );
+	EVP_MD_CTX_destroy( m_Bdy_ctx );
+ }
+ 
+ 
+@@ -459,7 +461,7 @@ int CDKIMVerify::GetResults(void)
+ 				unsigned char md[EVP_MAX_MD_SIZE];
+ 				unsigned len = 0;
+ 
+-				int res = EVP_DigestFinal( &i->m_Bdy_ctx, md, &len);
+				int res = EVP_DigestFinal( i->m_Bdy_ctx, md, &len);
+ 
+ 				if (!res || len != i->BodyHashData.length() || memcmp(i->BodyHashData.data(), md, len) != 0)
+ 				{
+@@ -515,7 +517,7 @@ int CDKIMVerify::GetResults(void)
+ 
+ 			assert( i->m_pSelector != NULL );
+ 
+-			int res = EVP_VerifyFinal( &i->m_Hdr_ctx, (unsigned char *) i->SignatureData.data(), i->SignatureData.length(), i->m_pSelector->PublicKey);
+			int res = EVP_VerifyFinal( i->m_Hdr_ctx, (unsigned char *) i->SignatureData.data(), i->SignatureData.length(), i->m_pSelector->PublicKey);
+ 
+ 			if (res == 1)
+ 			{
+@@ -658,11 +660,11 @@ void SignatureInfo::Hash( const char* szBuffer, unsign
+ 
+ 	if (IsBody && !BodyHashData.empty())
+ 	{
+-		EVP_DigestUpdate( &m_Bdy_ctx, szBuffer, nBufLength );
+		EVP_DigestUpdate( m_Bdy_ctx, szBuffer, nBufLength );
+ 	}
+ 	else
+ 	{
+-		EVP_VerifyUpdate( &m_Hdr_ctx, szBuffer, nBufLength );
+		EVP_VerifyUpdate( m_Hdr_ctx, szBuffer, nBufLength );
+ 	}
+ 
+ 	if (m_SaveCanonicalizedData)
+@@ -741,13 +743,13 @@ int CDKIMVerify::ProcessHeaders(void)
+ 		// initialize the hashes
+ 		if (sig.m_nHash == DKIM_HASH_SHA256)
+ 		{
+-			EVP_VerifyInit( &sig.m_Hdr_ctx, EVP_sha256() );
+-			EVP_DigestInit( &sig.m_Bdy_ctx, EVP_sha256() );
+			EVP_VerifyInit( sig.m_Hdr_ctx, EVP_sha256() );
+			EVP_DigestInit( sig.m_Bdy_ctx, EVP_sha256() );
+ 		}
+ 		else
+ 		{
+-			EVP_VerifyInit( &sig.m_Hdr_ctx, EVP_sha1() );
+-			EVP_DigestInit( &sig.m_Bdy_ctx, EVP_sha1() );
+			EVP_VerifyInit( sig.m_Hdr_ctx, EVP_sha1() );
+			EVP_DigestInit( sig.m_Bdy_ctx, EVP_sha1() );
+ 		}
+ 
+ 		// compute the hash of the header
+@@ -1337,7 +1339,7 @@ int SelectorInfo::Parse( char* Buffer )
+ 			return DKIM_SELECTOR_PUBLIC_KEY_INVALID;
+ 
+ 		// make sure public key is the correct type (we only support rsa)
+-		if (pkey->type == EVP_PKEY_RSA || pkey->type == EVP_PKEY_RSA2)
+		if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA || EVP_PKEY_id(pkey) == EVP_PKEY_RSA2)
+ 		{
+ 			PublicKey = pkey;
+ 		}
--- a/mail/libdkim/files/patch-dkimverify.h
+++ b/mail/libdkim/files/patch-dkimverify.h
@ -0,0 +1,13 @@
+--- dkimverify.h.orig	2008-09-15 00:22:00 UTC
+++ dkimverify.h
+@@ -83,8 +83,8 @@ class SignatureInfo (public)
+ 	unsigned VerifiedBodyCount;
+ 	unsigned UnverifiedBodyCount;
+ 
+-	EVP_MD_CTX m_Hdr_ctx;
+-	EVP_MD_CTX m_Bdy_ctx;
+	EVP_MD_CTX *m_Hdr_ctx;
+	EVP_MD_CTX *m_Bdy_ctx;
+ 	SelectorInfo *m_pSelector;
+ 
+ 	int Status;
--- a/mail/libdkim/pkg-descr
+++ b/mail/libdkim/pkg-descr
@ -1,3 +1,5 @@
-This library implements DKIM (DomainKeys Identified Mail).
+This is a C++ library which allows incorporating DKIM into existing MTA
+or other application.  It provides full support for signing, verifying,
+and SSP.  It is compliant with RFC 4871.

 WWW: http://dkim.org/