On Wed, Jan 04, 2017 at 05:53:30PM +0100, Alexander Bluhm wrote:
> Net-SSLeay 1.79 provides a function RSA_get_key_parameters() that
> only works with OpenSSL < 1.1. As it works also with our LibreSSL,
> I have added a #ifdef for that.
>
> Now Net::SSLeay checks for #ifndef OPENSSL_NO_COMP. So the sub
> Net::SSLeay::COMP_add_compression_method() does not exists anymore.
> I think this is intensional as LibreSSL says "no compression is
> also a feature of libressl".
Net::SSLeay has been updated to 1.80 to resolve the issue with
IO::Socket::SSL. Patch for LibreSSL remains the same.
ok?
bluhm
Index: security/p5-Net_SSLeay/Makefile
===================================================================
RCS file: /data/mirror/openbsd/cvs/ports/security/p5-Net_SSLeay/Makefile,v
retrieving revision 1.63
diff -u -p -r1.63 Makefile
--- security/p5-Net_SSLeay/Makefile 16 Aug 2016 16:34:07 -0000 1.63
+++ security/p5-Net_SSLeay/Makefile 5 Jan 2017 20:58:43 -0000
@@ -2,7 +2,7 @@
COMMENT = perl module for using OpenSSL
-DISTNAME = Net-SSLeay-1.78
+DISTNAME = Net-SSLeay-1.80
CATEGORIES = security
Index: security/p5-Net_SSLeay/distinfo
===================================================================
RCS file: /data/mirror/openbsd/cvs/ports/security/p5-Net_SSLeay/distinfo,v
retrieving revision 1.40
diff -u -p -r1.40 distinfo
--- security/p5-Net_SSLeay/distinfo 16 Aug 2016 16:34:07 -0000 1.40
+++ security/p5-Net_SSLeay/distinfo 5 Jan 2017 20:58:49 -0000
@@ -1,2 +1,2 @@
-SHA256 (Net-SSLeay-1.78.tar.gz) = 5/VkJ2AviXRGATuEuf9RuOirT84LvQhsTijBmKlC7VM=
-SIZE (Net-SSLeay-1.78.tar.gz) = 394554
+SHA256 (Net-SSLeay-1.80.tar.gz) = pUGmbVn8X5u3rwnToLaDBeTEO6lIixKRVyj9KC6gG5M=
+SIZE (Net-SSLeay-1.80.tar.gz) = 395820
Index: security/p5-Net_SSLeay/patches/patch-SSLeay_xs
===================================================================
RCS file: security/p5-Net_SSLeay/patches/patch-SSLeay_xs
diff -N security/p5-Net_SSLeay/patches/patch-SSLeay_xs
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ security/p5-Net_SSLeay/patches/patch-SSLeay_xs 5 Jan 2017 21:01:35
-0000
@@ -0,0 +1,12 @@
+$OpenBSD$
+--- SSLeay.xs.orig Wed Jan 4 22:39:08 2017
++++ SSLeay.xs Thu Jan 5 22:01:15 2017
+@@ -4989,7 +4989,7 @@ RSA_generate_key(bits,e,perl_cb=&PL_sv_undef,perl_data
+
+ #endif
+
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+
+ void
+ RSA_get_key_parameters(rsa)
Index: security/p5-Net_SSLeay/patches/patch-t_local_33_x509_create_cert_t
===================================================================
RCS file: security/p5-Net_SSLeay/patches/patch-t_local_33_x509_create_cert_t
diff -N security/p5-Net_SSLeay/patches/patch-t_local_33_x509_create_cert_t
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ security/p5-Net_SSLeay/patches/patch-t_local_33_x509_create_cert_t 4 Jan
2017 18:26:41 -0000
@@ -0,0 +1,28 @@
+$OpenBSD$
+--- t/local/33_x509_create_cert.t.orig Tue Nov 1 22:46:12 2016
++++ t/local/33_x509_create_cert.t Wed Jan 4 17:39:35 2017
+@@ -2,7 +2,7 @@
+
+ use strict;
+ use warnings;
+-use Test::More tests => 122;
++use Test::More tests => 123;
+ use Net::SSLeay qw/MBSTRING_ASC MBSTRING_UTF8 EVP_PK_RSA EVP_PKT_SIGN
EVP_PKT_ENC/;
+ use File::Spec;
+ use utf8;
+@@ -32,9 +32,12 @@ is(Net::SSLeay::X509_NAME_cmp($ca_issuer, $ca_subject)
+ ok(my $rsa = Net::SSLeay::RSA_generate_key(2048, &Net::SSLeay::RSA_F4),
"RSA_generate_key");
+ ok(Net::SSLeay::EVP_PKEY_assign_RSA($pk,$rsa), "EVP_PKEY_assign_RSA");
+
+-# ONly in pre 1.1:
+-# my @params = Net::SSLeay::RSA_get_key_parameters($rsa);
+-# ok(@params == 8, "RSA_get_key_parameters");
++ SKIP: {
++ skip 'openssl<1.1.0 required', 1 unless Net::SSLeay::SSLeay < 0x10100000
++ or Net::SSLeay::constant("LIBRESSL_VERSION_NUMBER");
++ my @params = Net::SSLeay::RSA_get_key_parameters($rsa);
++ ok(@params == 8, "RSA_get_key_parameters");
++ }
+
+ ok(my $x509 = Net::SSLeay::X509_new(), "X509_new");
+ ok(Net::SSLeay::X509_set_pubkey($x509,$pk), "X509_set_pubkey");
