pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/www/cadaver cadaver: Build with OpenSSL 1.1... by swit...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/f32de243b80b
branches:  trunk
changeset: 428132:f32de243b80b
user:      nia <nia%pkgsrc.org@localhost>
date:      Sat Apr 25 13:47:31 2020 +0000

description:
cadaver: Build with OpenSSL 1.1... by switching to gnutls and fixing that

diffstat:

 www/cadaver/Makefile                             |   26 +-
 www/cadaver/distinfo                             |    6 +-
 www/cadaver/patches/patch-lib_neon_ne__auth.c    |   24 +
 www/cadaver/patches/patch-lib_neon_ne__gnutls.c  |  340 +++++++++++++++++++++++
 www/cadaver/patches/patch-lib_neon_ne__privssl.h |   37 ++
 www/cadaver/patches/patch-lib_neon_ne__socket.c  |   90 ++++++
 6 files changed, 503 insertions(+), 20 deletions(-)

diffs (truncated from 571 to 300 lines):

diff -r 067d79fa8790 -r f32de243b80b www/cadaver/Makefile
--- a/www/cadaver/Makefile      Sat Apr 25 12:56:54 2020 +0000
+++ b/www/cadaver/Makefile      Sat Apr 25 13:47:31 2020 +0000
@@ -1,37 +1,25 @@
-# $NetBSD: Makefile,v 1.51 2020/04/24 12:14:01 nia Exp $
+# $NetBSD: Makefile,v 1.52 2020/04/25 13:47:31 nia Exp $
 
 DISTNAME=              cadaver-0.23.3
-PKGREVISION=           5
+PKGREVISION=           6
 CATEGORIES=            www
-#MASTER_SITES=         http://www.webdav.org/cadaver/
+MASTER_SITES=          http://www.webdav.org/cadaver/
 
 MAINTAINER=            pkgsrc-users%NetBSD.org@localhost
-#HOMEPAGE=             http://www.webdav.org/cadaver/
+HOMEPAGE=              http://www.webdav.org/cadaver/
 COMMENT=               Command-line WebDAV client
-
-BROKEN=                        "Fails to build with OpenSSL 1.1"
+LICENSE=               gnu-gpl-v2
 
 BUILD_TARGET=          cadaver
 GNU_CONFIGURE=         YES
 USE_PKGLOCALEDIR=      yes
 CONFIGURE_ARGS+=       --enable-netrc
 CONFIGURE_ARGS+=       --with-expat
-#CONFIGURE_ARGS+=      --with-included-neon
-CONFIGURE_ARGS+=       --with-ssl=yes
+CONFIGURE_ARGS+=       --with-ssl=gnutls
 LIBS+=                 ${BUILDLINK_LDADD.termcap}
 
-#INSTALL_MAKE_FLAGS+=  bindir=${DESTDIR:Q}${PREFIX:Q}/bin              \
-#                      mandir=${DESTDIR:Q}${PREFIX:Q}/${PKGMANDIR:Q}
-
 .include "../../mk/readline.buildlink3.mk"
-.include "../../security/openssl/buildlink3.mk"
 .include "../../textproc/expat/buildlink3.mk"
-.include "../../www/neon/buildlink3.mk"
 .include "../../devel/gettext-lib/buildlink3.mk"
-# DON'T make this package depend on the www/neon package until neon
-# becomes stable; keep it using its internal copy of neon as with
-# www/sitecopy.  This package has in the past bounced back and forth
-# between using external and internal neon because neon moves faster
-# than cadaver, and does so incompatibly.
-
+.include "../../security/gnutls/buildlink3.mk"
 .include "../../mk/bsd.pkg.mk"
diff -r 067d79fa8790 -r f32de243b80b www/cadaver/distinfo
--- a/www/cadaver/distinfo      Sat Apr 25 12:56:54 2020 +0000
+++ b/www/cadaver/distinfo      Sat Apr 25 13:47:31 2020 +0000
@@ -1,7 +1,11 @@
-$NetBSD: distinfo,v 1.10 2015/11/04 02:46:51 agc Exp $
+$NetBSD: distinfo,v 1.11 2020/04/25 13:47:31 nia Exp $
 
 SHA1 (cadaver-0.23.3.tar.gz) = 4ad8ea2341b77e7dee26b46e4a8a496f1a2962cd
 RMD160 (cadaver-0.23.3.tar.gz) = 104f687cfd121b091ba2f509b37574509b4ffabd
 SHA512 (cadaver-0.23.3.tar.gz) = 48fe0a266be0ca7239f325377e5e2a8dc57a5d60466c7160e36c060ad24c09a50727695b9fa931844b1e66e173ebbb838f390d6c60fd07b614bd3b636cd4dd41
 Size (cadaver-0.23.3.tar.gz) = 831884 bytes
 SHA1 (patch-aa) = 6b8391e825d8bc4131fdab4aee7214a0181a9b69
+SHA1 (patch-lib_neon_ne__auth.c) = b3be23038af390d52830e1c00c8313606e79ba96
+SHA1 (patch-lib_neon_ne__gnutls.c) = ab502c65db85b2e2db100dcbaad3f51de3e9e895
+SHA1 (patch-lib_neon_ne__privssl.h) = 83431345d2333423c664ce4f764683b1ee48b571
+SHA1 (patch-lib_neon_ne__socket.c) = effeded3caa19853b1845fdeea4754491f11e009
diff -r 067d79fa8790 -r f32de243b80b www/cadaver/patches/patch-lib_neon_ne__auth.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/www/cadaver/patches/patch-lib_neon_ne__auth.c     Sat Apr 25 13:47:31 2020 +0000
@@ -0,0 +1,24 @@
+$NetBSD: patch-lib_neon_ne__auth.c,v 1.1 2020/04/25 13:47:31 nia Exp $
+
+Fix build with newer gnutls.
+
+--- lib/neon/ne_auth.c.orig    2009-12-02 21:27:34.000000000 +0000
++++ lib/neon/ne_auth.c
+@@ -46,7 +46,7 @@
+ #ifdef HAVE_OPENSSL
+ #include <openssl/rand.h>
+ #elif defined(HAVE_GNUTLS)
+-#include <gcrypt.h>
++#include <gnutls/crypto.h>
+ #endif
+ 
+ #include <errno.h>
+@@ -316,7 +316,7 @@ static char *get_cnonce(void) 
+ 
+ #ifdef HAVE_GNUTLS
+     if (1) {
+-        gcry_create_nonce(data, sizeof data);
++        gnutls_rnd(GNUTLS_RND_NONCE, data, sizeof data);
+         ne_md5_process_bytes(data, sizeof data, hash);
+     }
+     else
diff -r 067d79fa8790 -r f32de243b80b www/cadaver/patches/patch-lib_neon_ne__gnutls.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/www/cadaver/patches/patch-lib_neon_ne__gnutls.c   Sat Apr 25 13:47:31 2020 +0000
@@ -0,0 +1,340 @@
+$NetBSD: patch-lib_neon_ne__gnutls.c,v 1.1 2020/04/25 13:47:31 nia Exp $
+
+Fix build with newer gnutls.
+
+--- lib/neon/ne_gnutls.c.orig  2009-12-02 21:40:41.000000000 +0000
++++ lib/neon/ne_gnutls.c
+@@ -33,15 +33,13 @@
+ #include <errno.h>
+ 
+ #include <gnutls/gnutls.h>
++#include <gnutls/abstract.h>
+ #include <gnutls/pkcs12.h>
+ 
+ #ifdef NE_HAVE_TS_SSL
+ #include <errno.h>
+ #include <pthread.h>
+-#include <gcrypt.h>
+ GCRY_THREAD_OPTION_PTHREAD_IMPL;
+-#else
+-#include <gcrypt.h>
+ #endif
+ 
+ #ifdef HAVE_ICONV
+@@ -67,30 +65,30 @@ struct ne_ssl_dname_s {
+     gnutls_x509_dn_t dn;
+ #else
+     int subject; /* non-zero if this is the subject DN object */
+-    gnutls_x509_crt cert;
++    gnutls_x509_crt_t cert;
+ #endif
+ };
+ 
+ struct ne_ssl_certificate_s {
+     ne_ssl_dname subj_dn, issuer_dn;
+-    gnutls_x509_crt subject;
++    gnutls_x509_crt_t subject;
+     ne_ssl_certificate *issuer;
+     char *identity;
+ };
+ 
+ struct ne_ssl_client_cert_s {
+-    gnutls_pkcs12 p12;
++    gnutls_pkcs12_t p12;
+     int decrypted; /* non-zero if successfully decrypted. */
+     int keyless;
+     ne_ssl_certificate cert;
+-    gnutls_x509_privkey pkey;
++    gnutls_x509_privkey_t pkey;
+     char *friendly_name;
+ };
+ 
+ /* Returns the highest used index in subject (or issuer) DN of
+  * certificate CERT for OID, or -1 if no RDNs are present in the DN
+  * using that OID. */
+-static int oid_find_highest_index(gnutls_x509_crt cert, int subject, const char *oid)
++static int oid_find_highest_index(gnutls_x509_crt_t cert, int subject, const char *oid)
+ {
+     int ret, idx = -1;
+ 
+@@ -113,7 +111,7 @@ static int oid_find_highest_index(gnutls
+ 
+ #ifdef HAVE_ICONV
+ static void convert_dirstring(ne_buffer *buf, const char *charset, 
+-                              gnutls_datum *data)
++                              gnutls_datum_t *data)
+ {
+     iconv_t id = iconv_open("UTF-8", charset);
+     size_t inlen = data->size, outlen = buf->length - buf->used;
+@@ -150,7 +148,7 @@ static void convert_dirstring(ne_buffer 
+ #define TAG_UNIVERSAL (28)
+ #define TAG_BMP (30)
+ 
+-static void append_dirstring(ne_buffer *buf, gnutls_datum *data, unsigned long tag)
++static void append_dirstring(ne_buffer *buf, gnutls_datum_t *data, unsigned long tag)
+ {
+     switch (tag) {
+     case TAG_UTF8:
+@@ -240,7 +238,7 @@ char *ne_ssl_readable_dname(const ne_ssl
+ 
+ /* Appends the value of RDN with given oid from certitifcate x5
+  * subject (if subject is non-zero), or issuer DN to buffer 'buf': */
+-static void append_rdn(ne_buffer *buf, gnutls_x509_crt x5, int subject, const char *oid)
++static void append_rdn(ne_buffer *buf, gnutls_x509_crt_t x5, int subject, const char *oid)
+ {
+     int idx, top, ret;
+     char rdn[50];
+@@ -353,7 +351,7 @@ void ne_ssl_cert_validity_time(const ne_
+  * If 'identity' is non-NULL, store the malloc-allocated identity in
+  * *identity.  If 'server' is non-NULL, it must be the network address
+  * of the server in use, and identity must be NULL. */
+-static int check_identity(const ne_uri *server, gnutls_x509_crt cert,
++static int check_identity(const ne_uri *server, gnutls_x509_crt_t cert,
+                           char **identity)
+ {
+     char name[255];
+@@ -460,7 +458,7 @@ static int check_identity(const ne_uri *
+  * that x5 is owned by returned cert object and must not be otherwise
+  * freed by the caller.  */
+ static ne_ssl_certificate *populate_cert(ne_ssl_certificate *cert,
+-                                         gnutls_x509_crt x5)
++                                         gnutls_x509_crt_t x5)
+ {
+ #ifdef HAVE_NEW_DN_API
+     gnutls_x509_crt_get_subject(x5, &cert->subj_dn.dn);
+@@ -479,12 +477,12 @@ static ne_ssl_certificate *populate_cert
+ }
+ 
+ /* Returns a copy certificate of certificate SRC. */
+-static gnutls_x509_crt x509_crt_copy(gnutls_x509_crt src)
++static gnutls_x509_crt_t x509_crt_copy(gnutls_x509_crt_t src)
+ {
+     int ret;
+     size_t size;
+-    gnutls_datum tmp;
+-    gnutls_x509_crt dest;
++    gnutls_datum_t tmp;
++    gnutls_x509_crt_t dest;
+     
+     if (gnutls_x509_crt_init(&dest) != 0) {
+         return NULL;
+@@ -547,10 +545,10 @@ dup_error:
+ }    
+ 
+ /* Callback invoked when the SSL server requests a client certificate.  */
+-static int provide_client_cert(gnutls_session session,
+-                               const gnutls_datum *req_ca_rdn, int nreqs,
+-                               const gnutls_pk_algorithm *sign_algos,
+-                               int sign_algos_length, gnutls_retr_st *st)
++static int provide_client_cert(gnutls_session_t session,
++                               const gnutls_datum_t *req_ca_rdn, int nreqs,
++                               const gnutls_pk_algorithm_t *sign_algos,
++                               int sign_algos_length, gnutls_retr2_st *st)
+ {
+     ne_session *sess = gnutls_session_get_ptr(session);
+     
+@@ -606,11 +604,11 @@ static int provide_client_cert(gnutls_se
+     }
+ 
+     if (sess->client_cert) {
+-        gnutls_certificate_type type = gnutls_certificate_type_get(session);
++        gnutls_certificate_type_t type = gnutls_certificate_type_get(session);
+         if (type == GNUTLS_CRT_X509) {
+             NE_DEBUG(NE_DBG_SSL, "Supplying client certificate.\n");
+ 
+-            st->type = type;
++            st->cert_type = type;
+             st->ncerts = 1;
+             st->cert.x509 = &sess->client_cert->cert.subject;
+             st->key.x509 = sess->client_cert->pkey;
+@@ -639,8 +637,7 @@ ne_ssl_context *ne_ssl_context_create(in
+     ne_ssl_context *ctx = ne_calloc(sizeof *ctx);
+     gnutls_certificate_allocate_credentials(&ctx->cred);
+     if (flags == NE_SSL_CTX_CLIENT) {
+-        gnutls_certificate_client_set_retrieve_function(ctx->cred,
+-                                                        provide_client_cert);
++        gnutls_certificate_set_retrieve_function(ctx->cred, provide_client_cert);
+     }
+     gnutls_certificate_set_verify_flags(ctx->cred, 
+                                         GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT);
+@@ -689,9 +686,9 @@ void ne_ssl_context_destroy(ne_ssl_conte
+ #ifdef HAVE_GNUTLS_CERTIFICATE_GET_X509_CAS
+ /* Return the issuer of the given certificate, or NULL if none can be
+  * found. */
+-static gnutls_x509_crt find_issuer(gnutls_x509_crt *ca_list,
++static gnutls_x509_crt_t find_issuer(gnutls_x509_crt_t *ca_list,
+                                    unsigned int num_cas,
+-                                   gnutls_x509_crt cert)
++                                   gnutls_x509_crt_t cert)
+ {
+     unsigned int n;
+ 
+@@ -705,11 +702,11 @@ static gnutls_x509_crt find_issuer(gnutl
+ #endif
+ 
+ /* Return the certificate chain sent by the peer, or NULL on error. */
+-static ne_ssl_certificate *make_peers_chain(gnutls_session sock,
+-                                            gnutls_certificate_credentials crd)
++static ne_ssl_certificate *make_peers_chain(gnutls_session_t sock,
++                                            gnutls_certificate_credentials_t crd)
+ {
+     ne_ssl_certificate *current = NULL, *top = NULL;
+-    const gnutls_datum *certs;
++    const gnutls_datum_t *certs;
+     unsigned int n, count;
+     ne_ssl_certificate *cert;
+ 
+@@ -721,7 +718,7 @@ static ne_ssl_certificate *make_peers_ch
+     NE_DEBUG(NE_DBG_SSL, "ssl: Got %u certs in peer chain.\n", count);
+     
+     for (n = 0; n < count; n++) {
+-        gnutls_x509_crt x5;
++        gnutls_x509_crt_t x5;
+ 
+         if (gnutls_x509_crt_init(&x5) ||
+             gnutls_x509_crt_import(x5, &certs[n], GNUTLS_X509_FMT_DER)) {
+@@ -746,8 +743,8 @@ static ne_ssl_certificate *make_peers_ch
+      * in the Certificate list during the handshake.  Fill in the
+      * complete chain manually against the certs we trust: */
+     if (current->issuer == NULL) {
+-        gnutls_x509_crt issuer;
+-        gnutls_x509_crt *ca_list;
++        gnutls_x509_crt_t issuer;
++        gnutls_x509_crt_t *ca_list;
+         unsigned int num_cas;



Home | Main Index | Thread Index | Old Index