cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Start to enable features that LibreSSL is supporting now. My pull

Browse Source 
requests are at github, commit it now to test it with ports.
Patches OK jsing@ tb@
This commit is contained in:
bluhm 2018-11-07 01:55:42 +00:00
parent a90fcb4a2e
commit 29c09a083e
3 changed files with 52 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
security/p5-Net_SSLeay/Makefile
View File

@ -1,9 +1,9 @@
# $OpenBSD: Makefile,v 1.70 2018/10/23 19:42:47 bluhm Exp $
# $OpenBSD: Makefile,v 1.71 2018/11/07 01:55:42 bluhm Exp $
COMMENT = perl module for using OpenSSL
DISTNAME = Net-SSLeay-1.85
REVISION = 0
REVISION = 1
CATEGORIES = security

46
security/p5-Net_SSLeay/patches/patch-SSLeay_xs
View File

@ -1,8 +1,52 @@
$OpenBSD: patch-SSLeay_xs,v 1.14 2018/10/23 19:42:47 bluhm Exp $
$OpenBSD: patch-SSLeay_xs,v 1.15 2018/11/07 01:55:42 bluhm Exp $
https://github.com/radiator-software/p5-net-ssleay/pull/96
https://github.com/radiator-software/p5-net-ssleay/pull/95
https://github.com/radiator-software/p5-net-ssleay/pull/94
Index: SSLeay.xs
--- SSLeay.xs.orig
+++ SSLeay.xs
@@ -2766,7 +2766,7 @@ RAND_write_file(file_name)
#define REM40 "Minimal X509 stuff..., this is a bit ugly and should be put in its own modules Net::SSLeay::X509.pm"
-#if OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined(LIBRESSL_VERSION_NUMBER)
+#if OPENSSL_VERSION_NUMBER >= 0x1000200fL
int
X509_check_host(X509 *cert, const char *name, unsigned int flags = 0, SV *peername = &PL_sv_undef)
@@ -4366,7 +4366,7 @@ TLSv1_2_client_method()
#endif
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x20020002L)
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
const SSL_METHOD *
TLS_method()
@@ -4377,10 +4377,10 @@ TLS_server_method()
const SSL_METHOD *
TLS_client_method()
-#endif /* OpenSSL 1.1.0 or LibreSSL 2.2.2 */
+#endif /* OpenSSL 1.1.0 */
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2060000fL)
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
int
SSL_CTX_set_min_proto_version(ctx, version)
@@ -4402,7 +4402,7 @@ SSL_set_max_proto_version(ssl, version)
SSL * ssl
int version
-#endif /* OpenSSL 1.1.0 or LibreSSL 2.6.0 */
+#endif /* OpenSSL 1.1.0 */
#if OPENSSL_VERSION_NUMBER >= 0x1010007fL && !defined(LIBRESSL_VERSION_NUMBER)
@@ -5612,7 +5612,7 @@ SSL_get_client_random(s)
#endif

10
security/p5-Net_SSLeay/patches/patch-t_local_33_x509_create_cert_t
View File

@ -1,16 +1,16 @@
$OpenBSD: patch-t_local_33_x509_create_cert_t,v 1.3 2018/03/18 16:47:58 bluhm Exp $
$OpenBSD: patch-t_local_33_x509_create_cert_t,v 1.4 2018/11/07 01:55:42 bluhm Exp $
https://github.com/radiator-software/p5-net-ssleay/commit/512334aa69e8c64ada0163c8c01b90ed84472
Index: t/local/33_x509_create_cert.t
--- t/local/33_x509_create_cert.t.orig
+++ t/local/33_x509_create_cert.t
@@ -299,7 +299,9 @@ SKIP: { ### X509 certificate - unicode
@@ -299,7 +299,7 @@ SKIP: { ### X509 certificate - unicode
SKIP:
{
- skip 'd2i_X509_bio fails for openssl-1.1.0e and later', 1 unless Net::SSLeay::SSLeay < 0x1010005f;
+ skip 'd2i_X509_bio fails for openssl-1.1.0e and later', 1
+ unless Net::SSLeay::SSLeay < 0x1010005f
+ or Net::SSLeay::constant("LIBRESSL_VERSION_NUMBER");
+ skip 'd2i_X509_bio fails for openssl-1.1.0e and later', 1 unless Net::SSLeay::SSLeay < 0x1010005f or Net::SSLeay::constant("LIBRESSL_VERSION_NUMBER");
ok(my $x509 = Net::SSLeay::d2i_X509_bio($bio2), "d2i_X509_bio");
}
}