The current version of tcltls in ports is 1.6 which only supports up to TLS 1.0. Supposedly TLS 1.0 is not considered that secure anymore. TCLTLS development has since moved to core.tcl.tk and tcltls 1.7.16 adds support up to TLS 1.2 . Some files have been moved around moved around/renamed upstream so this patch is a little more than just a version bump.
Last time I submitted a patch I made some errors, so please let me know if there are things I need to change.
-- Currell
Index: Makefile
===================================================================
RCS file: /cvs/ports/security/tcltls/Makefile,v
retrieving revision 1.15
diff -u -p -r1.15 Makefile
--- Makefile 12 May 2017 21:41:46 -0000 1.15
+++ Makefile 29 Apr 2018 22:38:35 -0000
@@ -2,15 +2,14 @@
COMMENT= OpenSSL Tcl extension
-VERSION= 1.6
+VERSION= 1.7.16
-DISTNAME= tls${VERSION}-src
+DISTNAME= tcltls-${VERSION}
PKGNAME= tcltls-${VERSION}
-REVISION= 3
CATEGORIES= security
-HOMEPAGE= http://tls.sourceforge.net/
+HOMEPAGE= http://core.tcl.tk/tcltls
MAINTAINER= Sebastian Reitenbach <sebastia@openbsd.org>
@@ -19,29 +18,29 @@ PERMIT_PACKAGE_CDROM= Yes
WANTLIB= ssl crypto
-MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=tls/}
+MASTER_SITES= https://core.tcl.tk/tcltls/uv/ \
+ https://tcltls.rkeene.org/uv/
MODULES= lang/tcl
RUN_DEPENDS= ${MODTCL_RUN_DEPENDS}
BUILD_DEPENDS= ${RUN_DEPENDS}
-WRKDIST= ${WRKDIR}/tls${VERSION}
+WRKDIST= ${WRKDIR}/tcltls-${VERSION}
SEPARATE_BUILD =Yes
CONFIGURE_STYLE=gnu
CONFIGURE_ARGS= --libdir=${MODTCL_TCLDIR} \
--with-tcl=${MODTCL_LIBDIR} \
--with-tclinclude=${MODTCL_INCDIR} \
--with-ssl-dir=/usr \
- --includedir=${PREFIX}/include/tcltls
+ --includedir=${PREFIX}/include/tcltls \
+ --disable-sslv2 \
+ --disable-sslv3
FAKE_FLAGS = PKG_DIR='$$(PACKAGE_NAME)' INSTALL_PROGRAM='$$(INSTALL_DATA)'
-INSTALL_TARGET= install-binaries
+INSTALL_TARGET= install
TEST_TARGET= test
-CFLAGS += -DNO_SSL2 -DNO_SSL3
-SUBST_VARS= VER
-
-VER= ${VERSION:S/.//g}
+SUBST_VARS= VERSION
post-install:
${INSTALL_DATA_DIR} ${PREFIX}/share/doc/tcltls/
Index: distinfo
===================================================================
RCS file: /cvs/ports/security/tcltls/distinfo,v
retrieving revision 1.4
diff -u -p -r1.4 distinfo
--- distinfo 18 Jan 2015 03:15:08 -0000 1.4
+++ distinfo 29 Apr 2018 22:38:35 -0000
@@ -1,2 +1,2 @@
-SHA256 (tls1.6-src.tar.gz) = rexQFDqa1jSmcdJPfHu/JFVIfrXxLSkPQXl8MqmLk/M=
-SIZE (tls1.6-src.tar.gz) = 168043
+SHA256 (tcltls-1.7.16.tar.gz) = aEUABzK+33ZOeMI0zuZG+Vu2jfNOWQw5Q0q47db1ua8=
+SIZE (tcltls-1.7.16.tar.gz) = 166439
Index: patches/patch-configure
===================================================================
RCS file: patches/patch-configure
diff -N patches/patch-configure
--- patches/patch-configure 12 May 2017 21:41:47 -0000 1.2
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,13 +0,0 @@
-$OpenBSD: patch-configure,v 1.2 2017/05/12 21:41:47 stu Exp $
-Index: configure
---- configure.orig
-+++ configure
-@@ -8155,7 +8155,7 @@ echo "${ECHO_T}$tcl_cv_ld_elf" >&6
- DL_LIBS=""
- CC_SEARCH_FLAGS='-Wl,-rpath,${LIB_RUNTIME_DIR}'
- LD_SEARCH_FLAGS=${CC_SEARCH_FLAGS}
-- SHARED_LIB_SUFFIX='${TCL_TRIM_DOTS}.so.1.0'
-+ SHARED_LIB_SUFFIX='${TCL_TRIM_DOTS}.so'
- echo "$as_me:$LINENO: checking for ELF" >&5
- echo $ECHO_N "checking for ELF... $ECHO_C" >&6
- if test "${tcl_cv_ld_elf+set}" = set; then
Index: patches/patch-tests_ciphers_test
===================================================================
RCS file: /cvs/ports/security/tcltls/patches/patch-tests_ciphers_test,v
retrieving revision 1.2
diff -u -p -r1.2 patch-tests_ciphers_test
--- patches/patch-tests_ciphers_test 5 Jan 2011 18:04:58 -0000 1.2
+++ patches/patch-tests_ciphers_test 29 Apr 2018 22:38:35 -0000
@@ -1,41 +1,33 @@
-$OpenBSD: patch-tests_ciphers_test,v 1.2 2011/01/05 18:04:58 sebastia Exp $
+$OpenBSD$
-Those tests will fail.
-
---- tests/ciphers.test.orig Fri Jun 22 23:03:34 2007
-+++ tests/ciphers.test Sun Dec 5 12:57:05 2010
-@@ -105,22 +105,22 @@ test ciphers-1.2 {Tls::ciphers for tls1} {rsabsafe} {
- listcompare $::EXPECTEDCIPHERS(rsabsafe) [tls::ciphers tls1]
- } {}
+Index: tests/ciphers.test
+--- tests/ciphers.test.orig
++++ tests/ciphers.test
+@@ -122,17 +122,17 @@ proc listcompare {wants haves} {
+ }
+ }
--test ciphers-1.3 {Tls::ciphers for ssl3} {openssl} {
-- # This will fail if you compiled against RSA bsafe or with a
-- # different set of defines than the default.
+-test ciphers-1.1 {Tls::ciphers for ssl3} {rsabsafe} {
+- # This will fail if you compiled against OpenSSL.
- # Change the constraint setting above.
-- listcompare $::EXPECTEDCIPHERS(openssl) [tls::ciphers ssl3]
+- listcompare $::EXPECTEDCIPHERS(rsabsafe) [tls::ciphers ssl3]
-} {}
-+#test ciphers-1.3 {Tls::ciphers for ssl3} {openssl} {
-+# # This will fail if you compiled against RSA bsafe or with a
-+# # different set of defines than the default.
++#test ciphers-1.1 {Tls::ciphers for ssl3} {rsabsafe} {
++# # This will fail if you compiled against OpenSSL.
+# # Change the constraint setting above.
-+# listcompare $::EXPECTEDCIPHERS(openssl) [tls::ciphers ssl3]
++# listcompare $::EXPECTEDCIPHERS(rsabsafe) [tls::ciphers ssl3]
+#} {}
- # This version of the test is correct for OpenSSL only.
- # An equivalent test for the RSA BSAFE SSL-C is earlier in this file.
-
--test ciphers-1.4 {Tls::ciphers for tls1} {openssl} {
-- # This will fail if you compiled against RSA bsafe or with a
-- # different set of defines than the default.
-- # Change the constraint setting in all.tcl
-- listcompare $::EXPECTEDCIPHERS(openssl) [tls::ciphers tls1]
+-test ciphers-1.2 {Tls::ciphers for tls1} {rsabsafe} {
+- # This will fail if you compiled against OpenSSL.
+- # Change the constraint setting above.
+- listcompare $::EXPECTEDCIPHERS(rsabsafe) [tls::ciphers tls1]
-} {}
-+#test ciphers-1.4 {Tls::ciphers for tls1} {openssl} {
-+# # This will fail if you compiled against RSA bsafe or with a
-+# # different set of defines than the default.
-+# # Change the constraint setting in all.tcl
-+# listcompare $::EXPECTEDCIPHERS(openssl) [tls::ciphers tls1]
++#test ciphers-1.2 {Tls::ciphers for tls1} {rsabsafe} {
++# # This will fail if you compiled against OpenSSL.
++# # Change the constraint setting above.
++# listcompare $::EXPECTEDCIPHERS(rsabsafe) [tls::ciphers tls1]
+#} {}
-
- # cleanup
+ test ciphers-1.3 {Tls::ciphers for ssl3} {openssl} {
+ # This will fail if you compiled against RSA bsafe or with a
Index: pkg/PLIST
===================================================================
RCS file: /cvs/ports/security/tcltls/pkg/PLIST,v
retrieving revision 1.3
diff -u -p -r1.3 PLIST
--- pkg/PLIST 12 May 2017 21:41:47 -0000 1.3
+++ pkg/PLIST 29 Apr 2018 22:38:35 -0000
@@ -1,7 +1,6 @@
@comment $OpenBSD: PLIST,v 1.3 2017/05/12 21:41:47 stu Exp $
-lib/tcl/tls/
-lib/tcl/tls/libtls${VER}.so
-lib/tcl/tls/pkgIndex.tcl
-lib/tcl/tls/tls.tcl
+lib/tcl/tcltls${VERSION}/
+lib/tcl/tcltls${VERSION}/tcltls.so
+lib/tcl/tcltls${VERSION}/pkgIndex.tcl
share/doc/tcltls/
share/doc/tcltls/tls.htm
No comments:
Post a Comment