From 61db6fe6563f21cfb73d849cb70267e179b03882 Mon Sep 17 00:00:00 2001
From: rsadowski <rsadowski@openbsd.org>
Date: Fri, 6 Dec 2019 07:10:41 +0000
Subject: [PATCH] Update qca to 2.2.1

- Only new exports added so bump minor.
- Cleanup WANTLIB
- Fix MASTER_SITE URL
- Cleanup plugin configuration

LibreSSL patches from Gentoo developer Stefan Strogin from here:
https://github.com/gentoo/libressl/commit/3e69b18db758fe808a7bcdf339504c80a84cb241
---
 security/qca/Makefile                         | 41 ++++++++++---------
 security/qca/distinfo                         |  4 +-
 security/qca/patches/patch-QcaConfig_cmake_in | 12 ------
 .../patch-plugins_qca-botan_CMakeLists_txt    | 15 +++++++
 .../patch-plugins_qca-ossl_ossl110-compat_h   | 30 ++++++++++++++
 .../patch-plugins_qca-ossl_qca-ossl_cpp       | 40 ++++++++++++++++++
 security/qca/pkg/PLIST-gnupg                  |  4 +-
 security/qca/pkg/PLIST-main                   |  3 +-
 security/qca/pkg/PLIST-ossl                   |  4 +-
 9 files changed, 113 insertions(+), 40 deletions(-)
 delete mode 100644 security/qca/patches/patch-QcaConfig_cmake_in
 create mode 100644 security/qca/patches/patch-plugins_qca-botan_CMakeLists_txt
 create mode 100644 security/qca/patches/patch-plugins_qca-ossl_ossl110-compat_h
 create mode 100644 security/qca/patches/patch-plugins_qca-ossl_qca-ossl_cpp

diff --git a/security/qca/Makefile b/security/qca/Makefile
index f9c1bd1f84b..b103307dbcc 100644
--- a/security/qca/Makefile
+++ b/security/qca/Makefile
@@ -1,22 +1,19 @@
-# $OpenBSD: Makefile,v 1.28 2019/07/12 20:49:35 sthen Exp $
+# $OpenBSD: Makefile,v 1.29 2019/12/06 07:10:41 rsadowski Exp $
 
 COMMENT-main =	Qt Cryptographic Architecture for Qt4
 COMMENT-ossl =	SSL/TLS plugin
 COMMENT-gnupg =	GnuPG plugin
 
-VERSION =	2.1.3
+VERSION =	2.2.1
 DISTNAME =	qca-${VERSION}
 
 PKGNAME-main =	qca-${VERSION}
 PKGNAME-ossl =	qca-ossl-${VERSION}
 PKGNAME-gnupg =	qca-gnupg-${VERSION}
-REVISION-main =	4
-REVISION-ossl =	2
-REVISION-gnupg =2
 
 CATEGORIES =	security
 
-SHARED_LIBS +=  qca                   3.0 # 2.1
+SHARED_LIBS +=  qca                   3.1 # 2.1
 
 HOMEPAGE =	https://userbase.kde.org/QCA
 
@@ -29,25 +26,13 @@ WANTLIB-gnupg += QtCore m qca ${COMPILER_LIBCXX}
 
 COMPILER =		base-clang ports-gcc base-gcc
 
-MASTER_SITES =	${MASTER_SITE_KDE:=stable/qca/${VERSION}/src/}
-EXTRACT_SUFX =	.tar.xz
+MASTER_SITES =		${MASTER_SITE_KDE:=stable/qca/${V}/}
+EXTRACT_SUFX =		.tar.xz
 
 # Plugins: qca-botan qca-cyrus-sasl qca-gcrypt qca-gnupg qca-logger
 # qca-nss qca-ossl qca-pkcs11 qca-softstore
 MULTI_PACKAGES =	-main -ossl -gnupg
 
-CFLAGS +=		-DOPENSSL_NO_SSL2 \
-			-DOPENSSL_NO_SSL3_METHOD
-
-CONFIGURE_ARGS =	-DCMAKE_INSTALL_PREFIX=${LOCALBASE} \
-			-DQCA_MAN_INSTALL_DIR=${LOCALBASE}/man \
-			-DQCA_BINARY_INSTALL_DIR=${PREFIX}/bin \
-			-DQCA_FEATURE_INSTALL_DIR=${LOCALBASE}/lib/qt4/mkspecs/features \
-			-DBUILD_PLUGINS="ossl;gnupg" \
-			-DCMAKE_DISABLE_FIND_PACKAGE_Doxygen:Bool=ON \
-			-Dqca_CERTSTORE=/etc/ssl/cert.pem \
-			-DQT4_BUILD:Bool=ON
-
 MODULES =		devel/cmake
 
 LIB_DEPENDS =		x11/qt4
@@ -57,4 +42,20 @@ LIB_DEPENDS-gnupg +=	${BUILD_PKGPATH},-main
 
 RUN_DEPENDS-gnupg +=	security/gnupg
 
+CFLAGS +=		-DOPENSSL_NO_SSL2 \
+			-DOPENSSL_NO_SSL3_METHOD
+
+CONFIGURE_ARGS =	-DCMAKE_INSTALL_PREFIX=${LOCALBASE} \
+			-DQCA_MAN_INSTALL_DIR=${LOCALBASE}/man \
+			-DQCA_BINARY_INSTALL_DIR=${PREFIX}/bin \
+			-DQCA_FEATURE_INSTALL_DIR=${MODQT_LIBDIR}/mkspecs/features \
+			-DBUILD_PLUGINS="none" \
+			-DCMAKE_DISABLE_FIND_PACKAGE_Doxygen=ON \
+			-Dqca_CERTSTORE=/etc/ssl/cert.pem \
+			-DQT4_BUILD=ON
+
+# Enable plugins (qca checks for "yes")
+CONFIGURE_ARGS +=	-DWITH_ossl_PLUGIN=yes \
+			-DWITH_gnupg_PLUGIN=yes
+
 .include <bsd.port.mk>
diff --git a/security/qca/distinfo b/security/qca/distinfo
index c58d96f9f73..906dbfae202 100644
--- a/security/qca/distinfo
+++ b/security/qca/distinfo
@@ -1,2 +1,2 @@
-SHA256 (qca-2.1.3.tar.xz) = AD/YajJCEFegOxioFo21LilAl4+dteu7agiIL4qx41M=
-SIZE (qca-2.1.3.tar.xz) = 686340
+SHA256 (qca-2.2.1.tar.xz) = 1xbS2OPtjZW72wYfAwgdfQMiBvdGowpNKdchlvUOewI=
+SIZE (qca-2.2.1.tar.xz) = 691676
diff --git a/security/qca/patches/patch-QcaConfig_cmake_in b/security/qca/patches/patch-QcaConfig_cmake_in
deleted file mode 100644
index 7f2319be17c..00000000000
--- a/security/qca/patches/patch-QcaConfig_cmake_in
+++ /dev/null
@@ -1,12 +0,0 @@
-$OpenBSD: patch-QcaConfig_cmake_in,v 1.1 2017/07/11 20:40:44 rsadowski Exp $
-
-Index: QcaConfig.cmake.in
---- QcaConfig.cmake.in.orig
-+++ QcaConfig.cmake.in
-@@ -5,3 +5,6 @@ if(NOT TARGET @QCA_LIB_NAME@)
- endif()
- 
- set(Qca_LIBRARY @QCA_LIB_NAME@)
-+set(Qca_INCLUDE_DIRS "@QCA_FULL_INCLUDE_INSTALL_DIR@")
-+set(Qca_INCLUDE_DIR "@QCA_FULL_INCLUDE_INSTALL_DIR@")
-+set(Qca_LIBRARY_DIR "@QCA_LIBRARY_INSTALL_DIR@")
diff --git a/security/qca/patches/patch-plugins_qca-botan_CMakeLists_txt b/security/qca/patches/patch-plugins_qca-botan_CMakeLists_txt
new file mode 100644
index 00000000000..777c01ec8ac
--- /dev/null
+++ b/security/qca/patches/patch-plugins_qca-botan_CMakeLists_txt
@@ -0,0 +1,15 @@
+$OpenBSD: patch-plugins_qca-botan_CMakeLists_txt,v 1.1 2019/12/06 07:10:41 rsadowski Exp $
+
+Fix qca-botan linking.
+
+Index: plugins/qca-botan/CMakeLists.txt
+--- plugins/qca-botan/CMakeLists.txt.orig
++++ plugins/qca-botan/CMakeLists.txt
+@@ -16,6 +16,7 @@ if(BOTAN_FOUND)
+     set_property(TARGET qca-botan  PROPERTY SUFFIX ".dylib")
+   endif()
+ 
++  target_link_directories(qca-botan PRIVATE ${BOTAN_LIBRARY_DIRS})
+   target_link_libraries(qca-botan ${QT_QTCORE_LIBRARY} ${QCA_LIB_NAME} ${BOTAN_LIBRARIES})
+ 
+   if(NOT DEVELOPER_MODE)
diff --git a/security/qca/patches/patch-plugins_qca-ossl_ossl110-compat_h b/security/qca/patches/patch-plugins_qca-ossl_ossl110-compat_h
new file mode 100644
index 00000000000..08ee3b3e794
--- /dev/null
+++ b/security/qca/patches/patch-plugins_qca-ossl_ossl110-compat_h
@@ -0,0 +1,30 @@
+$OpenBSD: patch-plugins_qca-ossl_ossl110-compat_h,v 1.1 2019/12/06 07:10:41 rsadowski Exp $
+
+LibreSSL 3.0.x support from Stefan Strogin <steils@gentoo.org>
+
+Index: plugins/qca-ossl/ossl110-compat.h
+--- plugins/qca-ossl/ossl110-compat.h.orig
++++ plugins/qca-ossl/ossl110-compat.h
+@@ -205,22 +205,6 @@ static int RSA_meth_set_priv_dec(RSA_METHOD *rsa, int 
+     return 1;
+ }
+ 
+-static int RSA_meth_set_sign(RSA_METHOD *meth, int (*sign) (int type, const unsigned char *m,
+-    unsigned int m_length, unsigned char *sigret, unsigned int *siglen, const RSA *rsa))
+-{
+-    if (!meth) return 0;
+-    meth->rsa_sign = sign;
+-    return 1;
+-}
+-
+-static int RSA_meth_set_verify(RSA_METHOD *meth, int (*verify) (int dtype, const unsigned char *m,
+-    unsigned int m_length, const unsigned char *sigbuf, unsigned int siglen, const RSA *rsa))
+-{
+-    if (!meth) return 0;
+-    meth->rsa_verify = verify;
+-    return 1;
+-}
+-
+ static int RSA_meth_set_finish(RSA_METHOD *meth, int (*finish) (RSA *rsa))
+ {
+     if (!meth) return 0;
diff --git a/security/qca/patches/patch-plugins_qca-ossl_qca-ossl_cpp b/security/qca/patches/patch-plugins_qca-ossl_qca-ossl_cpp
new file mode 100644
index 00000000000..2576f3c975d
--- /dev/null
+++ b/security/qca/patches/patch-plugins_qca-ossl_qca-ossl_cpp
@@ -0,0 +1,40 @@
+$OpenBSD: patch-plugins_qca-ossl_qca-ossl_cpp,v 1.1 2019/12/06 07:10:41 rsadowski Exp $
+
+LibreSSL 3.0.x support from Stefan Strogin <steils@gentoo.org>
+
+Index: plugins/qca-ossl/qca-ossl.cpp
+--- plugins/qca-ossl/qca-ossl.cpp.orig
++++ plugins/qca-ossl/qca-ossl.cpp
+@@ -62,12 +62,12 @@
+ #endif
+ 
+ // OpenSSL 1.1.0 compatibility macros
+-#ifdef OSSL_110
++#if defined(OSSL_110) && !defined(LIBRESSL_VERSION_NUMBER)
+ #define M_ASN1_IA5STRING_new() ASN1_IA5STRING_new()
+ #define RSA_F_RSA_EAY_PRIVATE_DECRYPT RSA_F_RSA_OSSL_PRIVATE_DECRYPT
+ #endif
+ 
+-#ifdef OSSL_110
++#if defined(OSSL_110) && !defined(LIBRESSL_VERSION_NUMBER)
+ #include <openssl/kdf.h>
+ #endif
+ 
+@@ -1280,7 +1280,7 @@ class opensslPbkdf2Context : public KDFContext (public
+ protected:
+ };
+ 
+-#ifdef OSSL_110
++#if defined(OSSL_110) && !defined(LIBRESSL_VERSION_NUMBER)
+ class opensslHkdfContext : public HKDFContext
+ {
+ public:
+@@ -7489,7 +7489,7 @@ class opensslProvider : public Provider (public)
+ #endif
+ 		else if ( type == "pbkdf2(sha1)" )
+ 			return new opensslPbkdf2Context( this, type );
+-#ifdef OSSL_110
++#if defined(OSSL_110) && !defined(LIBRESSL_VERSION_NUMBER)
+ 		else if ( type == "hkdf(sha256)" )
+ 			return new opensslHkdfContext( this, type );
+ #endif
diff --git a/security/qca/pkg/PLIST-gnupg b/security/qca/pkg/PLIST-gnupg
index 769036541ae..b1ed1790151 100644
--- a/security/qca/pkg/PLIST-gnupg
+++ b/security/qca/pkg/PLIST-gnupg
@@ -1,3 +1,3 @@
-@comment $OpenBSD: PLIST-gnupg,v 1.1 2017/07/11 20:40:44 rsadowski Exp $
+@comment $OpenBSD: PLIST-gnupg,v 1.2 2019/12/06 07:10:41 rsadowski Exp $
 @pkgpath security/qca-gnupg
-lib/qca/crypto/libqca-gnupg.so
+@so lib/qca/crypto/libqca-gnupg.so
diff --git a/security/qca/pkg/PLIST-main b/security/qca/pkg/PLIST-main
index 633663fc08d..5ca172e9659 100644
--- a/security/qca/pkg/PLIST-main
+++ b/security/qca/pkg/PLIST-main
@@ -1,4 +1,4 @@
-@comment $OpenBSD: PLIST-main,v 1.3 2017/11/14 15:34:11 landry Exp $
+@comment $OpenBSD: PLIST-main,v 1.4 2019/12/06 07:10:41 rsadowski Exp $
 @conflict qca-<=1.0
 @conflict qca2-<=2.0.3
 @pkgpath security/qca
@@ -32,5 +32,4 @@ lib/cmake/Qca/QcaTargets.cmake
 lib/pkgconfig/qca2.pc
 lib/qca/
 lib/qca/crypto/
-lib/qt4/mkspecs/features/crypto.prf
 @man man/man1/qcatool.1
diff --git a/security/qca/pkg/PLIST-ossl b/security/qca/pkg/PLIST-ossl
index 8e781eb9339..b6fdcbae08e 100644
--- a/security/qca/pkg/PLIST-ossl
+++ b/security/qca/pkg/PLIST-ossl
@@ -1,3 +1,3 @@
-@comment $OpenBSD: PLIST-ossl,v 1.1 2017/07/11 20:40:44 rsadowski Exp $
+@comment $OpenBSD: PLIST-ossl,v 1.2 2019/12/06 07:10:41 rsadowski Exp $
 @pkgpath security/qca-ossl
-lib/qca/crypto/libqca-ossl.so
+@so lib/qca/crypto/libqca-ossl.so