Page MenuHomeFreeBSD
Files F144942349

D44824.id137270.diff
No OneTemporary
Actions

D44824.id137270.diff
View Options

diff --git a/www/Makefile b/www/Makefile
--- a/www/Makefile
+++ b/www/Makefile
@@ -2383,6 +2383,7 @@
SUBDIR += tokyopromenade
SUBDIR += tomcat-devel
SUBDIR += tomcat-native
+ SUBDIR += tomcat-native2
SUBDIR += tomcat101
SUBDIR += tomcat85
SUBDIR += tomcat9
diff --git a/www/tomcat-native2/Makefile b/www/tomcat-native2/Makefile
new file mode 100644
--- /dev/null
+++ b/www/tomcat-native2/Makefile
@@ -0,0 +1,37 @@
+PORTNAME= tomcat-native
+DISTVERSION= 2.0.7
+CATEGORIES= www java
+MASTER_SITES= https://archive.apache.org/dist/tomcat/tomcat-connectors/native/${PORTVERSION}/source/
+PKGNAMESUFFIX= 2
+DISTNAME= ${PORTNAME}-${PORTVERSION}-src
+
+MAINTAINER= michaelo@apache.org
+COMMENT= Tomcat native library
+WWW= https://tomcat.apache.org/native-doc/
+
+LICENSE= APACHE20
+
+LIB_DEPENDS= libapr-1.so:devel/apr1
+
+USES= libtool ssl
+USE_JAVA= yes
+USE_LDCONFIG= yes
+GNU_CONFIGURE= yes
+CONFIGURE_ARGS= --with-apr=${LOCALBASE} \
+ --with-java-home=${JAVA_HOME} \
+ --with-ssl=${OPENSSLBASE} \
+ --disable-openssl-version-check
+
+WRKSRC= ${WRKDIR}/${DISTNAME}/native
+
+SOVERSION= ${PORTVERSION:E}
+MAJORVERSION= ${PORTVERSION:R:R}
+PLIST_FILES= lib/libtcnative-${MAJORVERSION}.so \
+ lib/libtcnative-${MAJORVERSION}.so.0 \
+ lib/libtcnative-${MAJORVERSION}.so.0.0.${SOVERSION}
+
+post-install:
+ ${RM} ${STAGEDIR}${PREFIX}/lib/libtcnative-${MAJORVERSION}.a
+ ${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/libtcnative-${MAJORVERSION}.so.0.0.${SOVERSION}
+
+.include <bsd.port.mk>
diff --git a/www/tomcat-native2/distinfo b/www/tomcat-native2/distinfo
new file mode 100644
--- /dev/null
+++ b/www/tomcat-native2/distinfo
@@ -0,0 +1,3 @@
+TIMESTAMP = 1713346420
+SHA256 (tomcat-native-2.0.7-src.tar.gz) = 2c5afc7edc383e47660647e9a7071ad81f58e51c7f765c12f7e7afc9203b2d4d
+SIZE (tomcat-native-2.0.7-src.tar.gz) = 538131
diff --git a/www/tomcat-native2/files/patch-include_ssl__private.h b/www/tomcat-native2/files/patch-include_ssl__private.h
new file mode 100644
--- /dev/null
+++ b/www/tomcat-native2/files/patch-include_ssl__private.h
@@ -0,0 +1,12 @@
+--- include/ssl_private.h.orig 2024-02-04 19:32:52 UTC
++++ include/ssl_private.h
+@@ -46,9 +46,6 @@
+ #include <openssl/x509v3.h>
+ #include <openssl/dh.h>
+ #include <openssl/bn.h>
+-#ifndef LIBRESSL_VERSION_NUMBER
+-#include <openssl/provider.h>
+-#endif
+ /* Avoid tripping over an engine build installed globally and detected
+ * when the user points at an explicit non-engine flavor of OpenSSL
+ */
diff --git a/www/tomcat-native2/files/patch-src_ssl.c b/www/tomcat-native2/files/patch-src_ssl.c
new file mode 100644
--- /dev/null
+++ b/www/tomcat-native2/files/patch-src_ssl.c
@@ -0,0 +1,63 @@
+--- src/ssl.c.orig 2024-02-04 19:32:52 UTC
++++ src/ssl.c
+@@ -395,30 +395,14 @@ TCN_IMPLEMENT_CALL(void, SSL, randSet)(TCN_STDARGS, js
+
+ TCN_IMPLEMENT_CALL(jint, SSL, fipsModeGet)(TCN_STDARGS)
+ {
+-#if defined(LIBRESSL_VERSION_NUMBER)
+ UNREFERENCED(o);
+- /* LibreSSL doesn't support FIPS */
+- return 0;
++#ifdef OPENSSL_FIPS
++ return FIPS_mode();
+ #else
+- EVP_MD *md;
+- const OSSL_PROVIDER *provider;
+- const char *name;
+- UNREFERENCED(o);
++ /* FIPS is unavailable */
++ tcn_ThrowException(e, "FIPS was not available to tcnative at build time. You will need to re-build tcnative against an OpenSSL with FIPS.");
+
+- // Maps the OpenSSL 3. x onwards behaviour to theOpenSSL 1.x API
+-
+- // Checks that FIPS is the default provider
+- md = EVP_MD_fetch(NULL, "SHA-512", NULL);
+- provider = EVP_MD_get0_provider(md);
+- name = OSSL_PROVIDER_get0_name(provider);
+- // Clean up
+- EVP_MD_free(md);
+-
+- if (strcmp("fips", name)) {
+- return 0;
+- } else {
+- return 1;
+- }
++ return 0;
+ #endif
+ }
+
+@@ -427,8 +411,22 @@ TCN_IMPLEMENT_CALL(jint, SSL, fipsModeSet)(TCN_STDARGS
+ int r = 0;
+ UNREFERENCED(o);
+
+- /* This method should never be called when using Tomcat Native 2.x onwards */
+- tcn_ThrowException(e, "fipsModeSet is not supported in Tomcat Native 2.x onwards.");
++#ifdef OPENSSL_FIPS
++ if(1 != (r = (jint)FIPS_mode_set((int)mode))) {
++ /* arrange to get a human-readable error message */
++ unsigned long err = SSL_ERR_get();
++ char msg[256];
++
++ /* ERR_load_crypto_strings() already called in initialize() */
++
++ ERR_error_string_n(err, msg, 256);
++
++ tcn_ThrowException(e, msg);
++ }
++#else
++ /* FIPS is unavailable */
++ tcn_ThrowException(e, "FIPS was not available to tcnative at build time. You will need to re-build tcnative against an OpenSSL with FIPS.");
++#endif
+
+ return r;
+ }
diff --git a/www/tomcat-native2/files/patch-src_sslutils.c b/www/tomcat-native2/files/patch-src_sslutils.c
new file mode 100644
--- /dev/null
+++ b/www/tomcat-native2/files/patch-src_sslutils.c
@@ -0,0 +1,14 @@
+--- src/sslutils.c.orig 2024-02-04 19:32:52 UTC
++++ src/sslutils.c
+@@ -946,11 +946,7 @@ static OCSP_RESPONSE *get_ocsp_response(apr_pool_t *p,
+ int ok = 0;
+ apr_socket_t *apr_sock = NULL;
+ apr_pool_t *mp;
+-#ifdef LIBRESSL_VERSION_NUMBER
+ if (OCSP_parse_url(url, &hostname, &c_port, &path, &use_ssl) == 0)
+-#else
+- if (OSSL_HTTP_parse_url(url, &use_ssl, NULL, &hostname, &c_port, NULL, &path, NULL, NULL) == 0)
+-#endif
+ goto end;
+
+ if (sscanf(c_port, "%d", &port) != 1)
diff --git a/www/tomcat-native2/pkg-descr b/www/tomcat-native2/pkg-descr
new file mode 100644
--- /dev/null
+++ b/www/tomcat-native2/pkg-descr
@@ -0,0 +1,3 @@
+The Apache Tomcat Native Library is an optional component for use with Apache
+Tomcat that allows Tomcat to use OpenSSL as a replacement for JSSE to support
+TLS connections.

File Metadata

Mime Type
text/plain
Expires
Sun, Feb 15, 8:30 AM (19 h, 54 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
28733725
Default Alt Text
D44824.id137270.diff (5 KB)

Event Timeline