Page MenuHomeFreeBSD
Files F159821209

D37046.diff
No OneTemporary
Actions

D37046.diff
View Options

diff --git a/security/krb5-120/Makefile b/security/krb5-120/Makefile
--- a/security/krb5-120/Makefile
+++ b/security/krb5-120/Makefile
@@ -18,8 +18,6 @@
CONFLICTS= heimdal krb5 krb5-11*
CONFLICTS_BUILD= boringssl
-IGNORE_SSL= libressl libressl-devel
-
KERBEROSV_URL= http://web.mit.edu/kerberos/
USES= compiler:c++11-lang cpe gmake gettext-runtime \
gssapi:bootstrap,mit libtool:build localbase \
diff --git a/security/krb5-120/files/patch-plugins_preauth_pkinit_pkinit__crypto__openssl.c b/security/krb5-120/files/patch-plugins_preauth_pkinit_pkinit__crypto__openssl.c
--- a/security/krb5-120/files/patch-plugins_preauth_pkinit_pkinit__crypto__openssl.c
+++ b/security/krb5-120/files/patch-plugins_preauth_pkinit_pkinit__crypto__openssl.c
@@ -1,23 +1,43 @@
---- plugins/preauth/pkinit/pkinit_crypto_openssl.c.orig 2021-11-05 16:24:07.000000000 -0700
-+++ plugins/preauth/pkinit/pkinit_crypto_openssl.c 2021-11-08 10:10:45.431325000 -0800
-@@ -178,7 +178,8 @@
+--- plugins/preauth/pkinit/pkinit_crypto_openssl.c.orig 2022-10-17 09:52:43 UTC
++++ plugins/preauth/pkinit/pkinit_crypto_openssl.c
+@@ -184,6 +184,17 @@ pkcs11err(int err);
(*_x509_pp) = PKCS7_cert_from_signer_info(_p7,_si)
#endif
--#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if (defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x10100000L) || \
-+ defined(LIBRESSL_VERSION_NUMBER)
-
- /* 1.1 standardizes constructor and destructor names, renaming
- * EVP_MD_CTX_{create,destroy} and deprecating ASN1_STRING_data. */
-@@ -722,6 +723,10 @@
- DH_free(dh);
- return pkey;
- }
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+
-+#if defined(LIBRESSL_VERSION_NUMBER) && !defined(static_ASN1_SEQUENCE_END_name)
-+#define static_ASN1_SEQUENCE_END_name ASN1_SEQUENCE_END_name
++/*
++ * 1.1 adds DHX support, which uses the RFC 3279 DomainParameters encoding we
++ * need for PKINIT. For 1.0 we must use the original DH type when creating
++ * EVP_PKEY objects.
++ */
++#define EVP_PKEY_DHX EVP_PKEY_DH
++#define d2i_DHxparams d2i_DHparams
+#endif
++
+ #if OPENSSL_VERSION_NUMBER < 0x10100000L
- static struct pkcs11_errstrings {
- short code;
+ /* 1.1 standardizes constructor and destructor names, renaming
+@@ -193,13 +204,6 @@ pkcs11err(int err);
+ #define EVP_MD_CTX_free EVP_MD_CTX_destroy
+ #define ASN1_STRING_get0_data ASN1_STRING_data
+
+-/*
+- * 1.1 adds DHX support, which uses the RFC 3279 DomainParameters encoding we
+- * need for PKINIT. For 1.0 we must use the original DH type when creating
+- * EVP_PKEY objects.
+- */
+-#define EVP_PKEY_DHX EVP_PKEY_DH
+-
+ /* 1.1 makes many handle types opaque and adds accessors. Add compatibility
+ * versions of the new accessors we use for pre-1.1. */
+
+@@ -588,7 +592,7 @@ set_padded_derivation(EVP_PKEY_CTX *ctx)
+ {
+ EVP_PKEY_CTX_set_dh_pad(ctx, 1);
+ }
+-#elif OPENSSL_VERSION_NUMBER >= 0x10100000L
++#elif OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ static void
+ set_padded_derivation(EVP_PKEY_CTX *ctx)
+ {

File Metadata

Mime Type
text/plain
Expires
Fri, Jun 19, 1:44 PM (14 h, 30 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
34082281
Default Alt Text
D37046.diff (2 KB)

Event Timeline