Index: head/devel/tcltls/Makefile =================================================================== --- head/devel/tcltls/Makefile (revision 441313) +++ head/devel/tcltls/Makefile (revision 441314) @@ -1,47 +1,39 @@ # Created by: mi@aldan.algebra.com # $FreeBSD$ PORTNAME= tcltls -PORTVERSION= 1.6.7 -PORTREVISION= 1 -CATEGORIES= devel tcl -MASTER_SITES= SF/tls/tls/${PORTVERSION} -DISTNAME= tls${PORTVERSION}-src +PORTVERSION= 1.7.12 +CATEGORIES= devel security tcl +MASTER_SITES= http://core.tcl.tk/tcltls/uv/ \ + http://tcltls.rkeene.org/uv/ MAINTAINER= mi@aldan.algebra.com COMMENT= SSL extensions for TCL; dynamicly loadable LICENSE= TclTk LICENSE_NAME= Tcl/Tk License LICENSE_FILE= ${WRKSRC}/license.terms LICENSE_PERMS= dist-mirror dist-sell pkg-mirror pkg-sell auto-accept OPTIONS_DEFINE= DOCS USES+= tcl:tea ssl -CONFIGURE_ARGS+=--with-ssl-dir=${OPENSSLBASE} +CONFIGURE_ARGS+=--with-ssl-dir=${OPENSSLBASE} \ + --disable-rpath -WRKSRC= ${WRKDIR}/${TCL_PKG} -PLIST_FILES= lib/${TCL_PKG}/libtls.so.1 \ - lib/${TCL_PKG}/pkgIndex.tcl \ - lib/${TCL_PKG}/tls.tcl +PLIST_FILES= lib/${TCL_PKG}/tcltls.so \ + lib/${TCL_PKG}/pkgIndex.tcl PORTDOCS= * -INSTALL_TARGET= install-binaries install-doc +MAKE_ARGS+= "PACKAGE_INSTALL_DIR=${PREFIX}/lib/${TCL_PKG}" +TEST_TARGET= test +MAKE_ENV+= PATH=${OPENSSLBASE}/bin:${PATH} +CONFIGURE_ENV+= PATH=${OPENSSLBASE}/bin:${PATH} post-patch: - ${REINPLACE_CMD} -e \ - 's,package require tls.*,load ${WRKSRC}/libtls.so.1;\ - source ${WRKSRC}/tls.tcl,' \ - ${WRKSRC}/tests/*.test - # The tests in ciphers.test are meaningless so far: ${MV} ${WRKSRC}/tests/ciphers.test ${WRKSRC}/tests/ciphers.test.broken post-install-DOCS-on: ${MKDIR} ${STAGEDIR}${DOCSDIR} ${INSTALL_DATA} ${WRKSRC}/tls.htm ${STAGEDIR}${DOCSDIR} - -xregression-test test check: build - cd ${WRKSRC}/tests && ${SETENV} TCL_LIBRARY="${WRKSRC}" \ - tclsh${TCL_VER} all.tcl .include Index: head/devel/tcltls/distinfo =================================================================== --- head/devel/tcltls/distinfo (revision 441313) +++ head/devel/tcltls/distinfo (revision 441314) @@ -1,2 +1,3 @@ -SHA256 (tls1.6.7-src.tar.gz) = 5119de3e5470359b97a8a00d861c9c48433571ee0167af0a952de66c99d3a3b8 -SIZE (tls1.6.7-src.tar.gz) = 173654 +TIMESTAMP = 1494970441 +SHA256 (tcltls-1.7.12.tar.gz) = 0e09e8e1cb3dcb3d419079fe40c521b7283d5e822dc914ffd1e4ff600b895caa +SIZE (tcltls-1.7.12.tar.gz) = 162259 Index: head/devel/tcltls/files/patch-warnings =================================================================== --- head/devel/tcltls/files/patch-warnings (revision 441313) +++ head/devel/tcltls/files/patch-warnings (nonexistent) @@ -1,268 +0,0 @@ ---- tlsBIO.c Tue Feb 3 23:02:19 2004 -+++ tlsBIO.c Mon Jun 20 10:18:45 2005 -@@ -30,4 +30,5 @@ - BioNew, - BioFree, -+ NULL - }; - -@@ -62,6 +63,6 @@ - int ret; - -- dprintf(stderr,"\nBioWrite(0x%x, , %d) [0x%x]", -- (unsigned int) bio, bufLen, (unsigned int) chan); -+ dprintf(stderr,"\nBioWrite(%p, , %d) [%p]", -+ (void *)bio, bufLen, (void *)chan); - - if (channelTypeVersion == TLS_CHANNEL_VERSION_2) { -@@ -71,6 +72,6 @@ - } - -- dprintf(stderr,"\n[0x%x] BioWrite(%d) -> %d [%d.%d]", -- (unsigned int) chan, bufLen, ret, Tcl_Eof(chan), Tcl_GetErrno()); -+ dprintf(stderr,"\n[%p] BioWrite(%d) -> %d [%d.%d]", -+ (void *) chan, bufLen, ret, Tcl_Eof(chan), Tcl_GetErrno()); - - BIO_clear_flags(bio, BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY); -@@ -97,6 +98,6 @@ - int ret = 0; - -- dprintf(stderr,"\nBioRead(0x%x, , %d) [0x%x]", -- (unsigned int) bio, bufLen, (unsigned int) chan); -+ dprintf(stderr,"\nBioRead(%p, , %d) [%p]", -+ (void *)bio, bufLen, (void *)chan); - - if (buf == NULL) return 0; -@@ -108,6 +109,6 @@ - } - -- dprintf(stderr,"\n[0x%x] BioRead(%d) -> %d [%d.%d]", -- (unsigned int) chan, bufLen, ret, Tcl_Eof(chan), Tcl_GetErrno()); -+ dprintf(stderr,"\n[%p] BioRead(%d) -> %d [%d.%d]", -+ (void *) chan, bufLen, ret, Tcl_Eof(chan), Tcl_GetErrno()); - - BIO_clear_flags(bio, BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY); -@@ -144,7 +145,6 @@ - int *ip; - -- dprintf(stderr,"\nBioCtrl(0x%x, 0x%x, 0x%x, 0x%x)", -- (unsigned int) bio, (unsigned int) cmd, (unsigned int) num, -- (unsigned int) ptr); -+ dprintf(stderr,"\nBioCtrl(%p, 0x%x, 0x%lx, %p)", -+ (void *)bio, cmd, num, ptr); - - switch (cmd) { ---- tlsIO.c 2015-06-06 09:07:08 UTC -+++ tlsIO.c 2015-09-22 20:41:37 UTC -@@ -287,5 +287,5 @@ - State *statePtr = (State *) instanceData; - -- dprintf(stderr,"\nTlsCloseProc(0x%x)", (unsigned int) statePtr); -+ dprintf(stderr,"\nTlsCloseProc(%p)", instanceData); - - if (channelTypeVersion == TLS_CHANNEL_VERSION_1) { -@@ -424,5 +424,5 @@ - *errorCodePtr = 0; - -- dprintf(stderr,"\nBIO_write(0x%x, %d)", (unsigned int) statePtr, toWrite); -+ dprintf(stderr,"\nBIO_write(%p, %d)", instanceData, toWrite); - - if (statePtr->flags & TLS_TCL_CALLBACK) { -@@ -444,5 +444,5 @@ - if (toWrite == 0) { - dprintf(stderr, "zero-write\n"); -- BIO_flush(statePtr->bio); -+ (void)BIO_flush(statePtr->bio); - written = 0; - goto output; -@@ -461,6 +461,6 @@ - ERR_clear_error(); - written = BIO_write(statePtr->bio, buf, toWrite); -- dprintf(stderr,"\nBIO_write(0x%x, %d) -> [%d]", -- (unsigned int) statePtr, toWrite, written); -+ dprintf(stderr,"\nBIO_write(%p, %d) -> [%d]", -+ instanceData, toWrite, written); - } - if (written <= 0) { -@@ -543,5 +543,5 @@ - return (*getOptionProc)(Tcl_GetChannelInstanceData(downChan), - interp, optionName, dsPtr); -- } else if (optionName == (char*) NULL) { -+ } else if (optionName == NULL) { - /* - * Request is query for all options, this is ok. -@@ -554,10 +554,10 @@ - return TCL_ERROR; - } else { -+#if 0 - size_t len = 0; - -- if (optionName != (char *) NULL) { -+ if (optionName != NULL) { - len = strlen(optionName); - } --#if 0 - if ((len == 0) || ((len > 1) && (optionName[1] == 'c') && - (strncmp(optionName, "-cipher", len) == 0))) { -@@ -888,5 +888,5 @@ - int err; - -- dprintf(stderr,"\nWaitForConnect(0x%x)", (unsigned int) statePtr); -+ dprintf(stderr,"\nWaitForConnect(%p)", (void *)statePtr); - - if (statePtr->flags & TLS_TCL_HANDSHAKE_FAILED) { -@@ -913,5 +913,5 @@ - /*SSL_write(statePtr->ssl, (char*)&err, 0); HACK!!! */ - if (err > 0) { -- BIO_flush(statePtr->bio); -+ (void)BIO_flush(statePtr->bio); - } - ---- tls.c 2015-07-07 17:16:02 UTC -+++ tls.c 2015-09-22 20:18:04 UTC -@@ -64,7 +64,7 @@ - Tcl_Interp *interp, int objc, Tcl_Obj *CONST objv[])); - --static SSL_CTX *CTX_Init _ANSI_ARGS_((State *statePtr, int proto, char *key, -- char *cert, char *CAdir, char *CAfile, char *ciphers, -- char *DHparams)); -+static SSL_CTX *CTX_Init _ANSI_ARGS_((State *statePtr, int proto, const char *key, -+ const char *cert, const char *CAdir, const char *CAfile, -+ const char *ciphers, const char *DHparams)); - - static int TlsLibInit _ANSI_ARGS_ (()) ; -@@ -309,5 +309,5 @@ - { - Tcl_Obj *cmdPtr, *result; -- char *errStr, *string; -+ const char *errStr; - int length; - SSL *ssl = (SSL*)X509_STORE_CTX_get_app_data(ctx); -@@ -320,7 +320,7 @@ - - if (!ok) { -- errStr = (char*)X509_verify_cert_error_string(err); -+ errStr = X509_verify_cert_error_string(err); - } else { -- errStr = (char *)0; -+ errStr = NULL; - } - -@@ -350,5 +350,5 @@ - - Tcl_ListObjAppendElement( statePtr->interp, cmdPtr, -- Tcl_NewStringObj( errStr ? errStr : "", -1) ); -+ Tcl_NewStringObj( errStr != NULL ? errStr : "", -1) ); - - Tcl_Preserve( (ClientData) statePtr->interp); -@@ -364,5 +364,5 @@ - } else { - result = Tcl_GetObjResult(statePtr->interp); -- string = Tcl_GetStringFromObj(result, &length); -+ Tcl_GetStringFromObj(result, &length); /* We only need the length */ - /* An empty result leaves verification unchanged. */ - if (length > 0) { -@@ -532,5 +532,5 @@ - }; - enum protocol { -- TLS_SSL2, TLS_SSL3, TLS_TLS1, TLS_TLS1_1, TLS_TLS1_2, TLS_NONE -+ TLS_SSL2, TLS_SSL3, TLS_TLS1, TLS_TLS1_1, TLS_TLS1_2 - }; - Tcl_Obj *objPtr; -@@ -745,13 +745,13 @@ - int flags = TLS_TCL_INIT; - int server = 0; /* is connection incoming or outgoing? */ -- char *key = NULL; -- char *cert = NULL; -- char *ciphers = NULL; -- char *CAfile = NULL; -- char *CAdir = NULL; -- char *DHparams = NULL; -- char *model = NULL; -+ const char *key = NULL; -+ const char *cert = NULL; -+ const char *ciphers = NULL; -+ const char *CAfile = NULL; -+ const char *CAdir = NULL; -+ const char *DHparams = NULL; -+ const char *model = NULL; - #ifndef OPENSSL_NO_TLSEXT -- char *servername = NULL; /* hostname for Server Name Indication */ -+ const char *servername = NULL; /* hostname for Server Name Indication */ - #endif - #if defined(NO_SSL2) -@@ -1050,10 +1062,10 @@ - State *statePtr; - int proto; -- char *key; -- char *cert; -- char *CAdir; -- char *CAfile; -- char *ciphers; -- char *DHparams; -+ const char *key; -+ const char *cert; -+ const char *CAdir; -+ const char *CAfile; -+ const char *ciphers; -+ const char *DHparams; - { - Tcl_Interp *interp = statePtr->interp; -@@ -1422,5 +1434,5 @@ - { - static CONST84 char *commands [] = { "req", NULL }; -- enum command { C_REQ, C_DUMMY }; -+ enum command { C_REQ }; - int cmd; - -@@ -1526,11 +1538,11 @@ - name=X509_get_subject_name(cert); - -- X509_NAME_add_entry_by_txt(name,"C", MBSTRING_ASC, k_C, -1, -1, 0); -- X509_NAME_add_entry_by_txt(name,"ST", MBSTRING_ASC, k_ST, -1, -1, 0); -- X509_NAME_add_entry_by_txt(name,"L", MBSTRING_ASC, k_L, -1, -1, 0); -- X509_NAME_add_entry_by_txt(name,"O", MBSTRING_ASC, k_O, -1, -1, 0); -- X509_NAME_add_entry_by_txt(name,"OU", MBSTRING_ASC, k_OU, -1, -1, 0); -- X509_NAME_add_entry_by_txt(name,"CN", MBSTRING_ASC, k_CN, -1, -1, 0); -- X509_NAME_add_entry_by_txt(name,"Email", MBSTRING_ASC, k_Email, -1, -1, 0); -+ X509_NAME_add_entry_by_txt(name,"C", MBSTRING_ASC, (const unsigned char *)k_C, -1, -1, 0); -+ X509_NAME_add_entry_by_txt(name,"ST", MBSTRING_ASC, (const unsigned char *)k_ST, -1, -1, 0); -+ X509_NAME_add_entry_by_txt(name,"L", MBSTRING_ASC, (const unsigned char *)k_L, -1, -1, 0); -+ X509_NAME_add_entry_by_txt(name,"O", MBSTRING_ASC, (const unsigned char *)k_O, -1, -1, 0); -+ X509_NAME_add_entry_by_txt(name,"OU", MBSTRING_ASC, (const unsigned char *)k_OU, -1, -1, 0); -+ X509_NAME_add_entry_by_txt(name,"CN", MBSTRING_ASC, (const unsigned char *)k_CN, -1, -1, 0); -+ X509_NAME_add_entry_by_txt(name,"Email", MBSTRING_ASC, (const unsigned char *)k_Email, -1, -1, 0); - - X509_set_subject_name(cert,name); ---- tlsInt.h 2014-12-08 14:10:28.000000000 -0500 -+++ tlsInt.h 2015-03-25 18:29:34.000000000 -0400 -@@ -18,5 +18,5 @@ - * - */ --#ifndef _TSLINT_H -+#ifndef _TLSINT_H - #define _TLSINT_H - ---- tlsX509.c 2004-06-29 10:58:08 UTC -+++ tlsX509.c 2015-09-22 20:49:42 UTC -@@ -119,5 +119,5 @@ - n = max(n, 0); - subject[n] = 0; -- BIO_flush(bio); -+ (void)BIO_flush(bio); - - X509_NAME_print_ex(bio, X509_get_issuer_name(cert), 0, flags); -@@ -125,5 +125,5 @@ - n = max(n, 0); - issuer[n] = 0; -- BIO_flush(bio); -+ (void)BIO_flush(bio); - - i2a_ASN1_INTEGER(bio, X509_get_serialNumber(cert)); -@@ -131,5 +131,5 @@ - n = max(n, 0); - serial[n] = 0; -- BIO_flush(bio); -+ (void)BIO_flush(bio); - - BIO_free(bio); Property changes on: head/devel/tcltls/files/patch-warnings ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/devel/tcltls/files/patch-protocols =================================================================== --- head/devel/tcltls/files/patch-protocols (revision 441313) +++ head/devel/tcltls/files/patch-protocols (nonexistent) @@ -1,106 +0,0 @@ ---- tls.c 2014-12-08 14:10:28.000000000 -0500 -+++ tls.c 2015-03-25 19:37:53.000000000 -0400 -@@ -538,5 +538,5 @@ - case TLS_SSL2: - #if defined(NO_SSL2) -- Tcl_AppendResult(interp, "protocol not supported", NULL); -+ Tcl_AppendResult(interp, protocols[index], ": protocol not supported", NULL); - return TCL_ERROR; - #else -@@ -545,5 +545,5 @@ - case TLS_SSL3: - #if defined(NO_SSL3) -- Tcl_AppendResult(interp, "protocol not supported", NULL); -+ Tcl_AppendResult(interp, protocols[index], ": protocol not supported", NULL); - return TCL_ERROR; - #else -@@ -552,5 +552,5 @@ - case TLS_TLS1: - #if defined(NO_TLS1) -- Tcl_AppendResult(interp, "protocol not supported", NULL); -+ Tcl_AppendResult(interp, protocols[index], ": protocol not supported", NULL); - return TCL_ERROR; - #else -@@ -559,5 +559,5 @@ - case TLS_TLS1_1: - #if defined(NO_TLS1_1) -- Tcl_AppendResult(interp, "protocol not supported", NULL); -+ Tcl_AppendResult(interp, protocols[index], ": protocol not supported", NULL); - return TCL_ERROR; - #else -@@ -566,5 +566,5 @@ - case TLS_TLS1_2: - #if defined(NO_TLS1_2) -- Tcl_AppendResult(interp, "protocol not supported", NULL); -+ Tcl_AppendResult(interp, protocols[index], ": protocol not supported", NULL); - return TCL_ERROR; - #else -@@ -575,10 +575,10 @@ - } - if (ctx == NULL) { -- Tcl_AppendResult(interp, REASON(), (char *) NULL); -+ Tcl_AppendResult(interp, REASON(), NULL); - return TCL_ERROR; - } - ssl = SSL_new(ctx); - if (ssl == NULL) { -- Tcl_AppendResult(interp, REASON(), (char *) NULL); -+ Tcl_AppendResult(interp, REASON(), NULL); - SSL_CTX_free(ctx); - return TCL_ERROR; -@@ -747,6 +747,18 @@ - #endif - int tls1 = 1; -- int tls1_1 = 1; -- int tls1_2 = 1; -+ int tls1_1 = -+#if defined(NO_TLS1_1) -+ 0 -+#else -+ 1 -+#endif -+ ; -+ int tls1_2 = -+#if defined(NO_TLS1_2) -+ 0 -+#else -+ 1 -+#endif -+ ; - int proto = 0; - int verify = 0, require = 0, request = 1; -@@ -1050,5 +1050,5 @@ - #if defined(NO_SSL2) - if (ENABLED(proto, TLS_PROTO_SSL2)) { -- Tcl_AppendResult(interp, "protocol not supported", NULL); -+ Tcl_AppendResult(interp, "protocol SSL2 not supported", NULL); - return (SSL_CTX *)0; - } -@@ -1056,5 +1056,5 @@ - #if defined(NO_SSL3) - if (ENABLED(proto, TLS_PROTO_SSL3)) { -- Tcl_AppendResult(interp, "protocol not supported", NULL); -+ Tcl_AppendResult(interp, "protocol SSL3 not supported", NULL); - return (SSL_CTX *)0; - } -@@ -1062,5 +1062,5 @@ - #if defined(NO_TLS1) - if (ENABLED(proto, TLS_PROTO_TLS1)) { -- Tcl_AppendResult(interp, "protocol not supported", NULL); -+ Tcl_AppendResult(interp, "protocol TLS1 not supported", NULL); - return (SSL_CTX *)0; - } -@@ -1068,5 +1068,5 @@ - #if defined(NO_TLS1_1) - if (ENABLED(proto, TLS_PROTO_TLS1_1)) { -- Tcl_AppendResult(interp, "protocol not supported", NULL); -+ Tcl_AppendResult(interp, "protocol TLS1.1 not supported", NULL); - return (SSL_CTX *)0; - } -@@ -1074,5 +1074,5 @@ - #if defined(NO_TLS1_2) - if (ENABLED(proto, TLS_PROTO_TLS1_2)) { -- Tcl_AppendResult(interp, "protocol not supported", NULL); -+ Tcl_AppendResult(interp, "protocol TLS1.2 not supported", NULL); - return (SSL_CTX *)0; - } Property changes on: head/devel/tcltls/files/patch-protocols ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/devel/tcltls/files/patch-gen_dh_params =================================================================== --- head/devel/tcltls/files/patch-gen_dh_params (nonexistent) +++ head/devel/tcltls/files/patch-gen_dh_params (revision 441314) @@ -0,0 +1,27 @@ +--- gen_dh_params 2017-05-01 10:45:59.000000000 -0400 ++++ gen_dh_params 2017-05-16 18:19:20.703957000 -0400 +@@ -12,11 +12,8 @@ + + openssl_dhparam() { +- if [ -x "`which openssl 2>/dev/null`" ]; then +- o_output="`openssl dhparam -C "$@" 2>/dev/null`" || return 1 +- o_output="`echo "${o_output}" | sed 's/get_dh[0-9]\+/get_dhParams/'`" || return 1 +- o_output="`echo "${o_output}" | sed '/^-----BEGIN DH PARAMETERS-----$/,/^-----END DH PARAMETERS-----$/ d;/^#/ d'`" || return 1 +- +- echo "${o_output}" +- ++ if openssl dhparam -C "$@" | sed \ ++ -e 's/^DH \*get_dh[0-9]*/static DH *get_dhParams/' \ ++ -e '/^-----BEGIN DH PARAMETERS-----$/,/^-----END DH PARAMETERS-----$/ d;/^#/ d' ++ then + return 0 + fi +@@ -273,6 +270,6 @@ + echo "*****************************" >&2 + gen_dh_params_openssl && exit 0 +-gen_dh_params_remote && exit 0 +-gen_dh_params_fallback && exit 0 ++# gen_dh_params_remote && exit 0 ++# gen_dh_params_fallback && exit 0 + + echo "Unable to generate parameters for DH of ${bits} bits" >&2 Property changes on: head/devel/tcltls/files/patch-gen_dh_params ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property