Bug 228902 - devel/qca: Fails to build with OpenSSL 1.1
Summary: devel/qca: Fails to build with OpenSSL 1.1
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: freebsd-kde (group)
URL:
Keywords:
Depends on:
Blocks: 228865 231931
  Show dependency treegraph
 
Reported: 2018-06-11 19:41 UTC by Bernard Spil
Modified: 2019-02-28 13:48 UTC (History)
3 users (show)

See Also:
tcberner: maintainer-feedback+


Attachments
v1 (1.45 KB, patch)
2018-06-12 04:56 UTC, Tobias C. Berner
no flags Details | Diff
Fix OpenSSL 1.x build (61.21 KB, patch)
2018-10-07 19:01 UTC, Nathan
ndowens04: maintainer-approval? (tcberner)
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Bernard Spil freebsd_committer freebsd_triage 2018-06-11 19:41:06 UTC
incomplete type 'DSA_SIG'

During BSDCan 2018 the intention to update OpenSSL in base to 1.1.x branch was documented.

Intention is to update 12-STABLE to current 1.1.0 and subsequently update it to 1.1.1 when that is released. 

Poudriere log: https://keg.brnrd.eu/data/111amd64-default-openssl110/2018-06-11_10h42m37s/logs/errors/qca-qt5-2.1.3_1.log
Comment 1 Tobias C. Berner freebsd_committer freebsd_triage 2018-06-12 04:28:02 UTC
We can import the upstream commit:

https://github.com/KDE/qca/commit/d58e20ee652038dc4ec4fe4765dc3639ed735526
Comment 2 Tobias C. Berner freebsd_committer freebsd_triage 2018-06-12 04:56:23 UTC
Created attachment 194185 [details]
v1

Here's a quick update to the port to the tag containing the patch... [-qt4 is broken by this...]


mfg Tobias
Comment 3 Tobias C. Berner freebsd_committer freebsd_triage 2018-06-12 05:01:00 UTC
Sorry, looked at the output wrong :) 10.4 is broken
Comment 5 Nathan 2018-10-07 18:48:36 UTC
Got this one working, just got to get it to where both openssl-base and openssl-devel+ works
Comment 6 Nathan 2018-10-07 19:01:33 UTC
Created attachment 197883 [details]
Fix OpenSSL 1.x build

 devel/qca:
 
 * Fix OpenSSL 1.1.x build
 * Add License, while here
 
 PR:             228902
 Submitted by:   Nathan <ndowens@yahoo.com>
Comment 7 commit-hook freebsd_committer freebsd_triage 2018-10-11 19:57:05 UTC
A commit references this bug:

Author: adridg
Date: Thu Oct 11 19:56:48 UTC 2018
New revision: 481850
URL: https://svnweb.freebsd.org/changeset/ports/481850

Log:
  Fix devel/qca with OpenSSL 1.1.1.

  Contains portions extracted from upstream and portions created by
  submitter. Upstream bits are marked with their git hash.

  PR:		228902
  Submitted by:	Nathan <ndowens@yahoo.com>
  Reported by:	brnrd

Changes:
  head/devel/qca/Makefile
  head/devel/qca/files/
  head/devel/qca/files/patch-git_e854f357
  head/devel/qca/files/patch-plugins_qca-ossl_libcrypto-compat.c
  head/devel/qca/files/patch-plugins_qca-ossl_libcrypto-compat.h
  head/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp
Comment 8 Adriaan de Groot freebsd_committer freebsd_triage 2018-10-12 09:20:07 UTC
Tests pass in 12-(openssl111) and 11.1 amd64, for both flavors, so I consider this fixed.
Comment 9 commit-hook freebsd_committer freebsd_triage 2018-10-19 13:06:03 UTC
A commit references this bug:

Author: antoine
Date: Fri Oct 19 13:05:54 UTC 2018
New revision: 482426
URL: https://svnweb.freebsd.org/changeset/ports/482426

Log:
  MFH: r481850

  Fix devel/qca with OpenSSL 1.1.1.

  Contains portions extracted from upstream and portions created by
  submitter. Upstream bits are marked with their git hash.

  PR:		228902
  Submitted by:	Nathan <ndowens@yahoo.com>
  Reported by:	brnrd

Changes:
_U  branches/2018Q4/
  branches/2018Q4/devel/qca/Makefile
  branches/2018Q4/devel/qca/files/
Comment 10 commit-hook freebsd_committer freebsd_triage 2019-02-27 19:23:02 UTC
A commit references this bug:

Author: rakuco
Date: Wed Feb 27 19:22:17 UTC 2019
New revision: 494079
URL: https://svnweb.freebsd.org/changeset/ports/494079

Log:
  Replace OpenSSL 1.1.0 with upstream ones

  The patches from bug 228902 and added in r481850 are not entirely compatible
  with older OpenSSL versions, to the point that the qca-ossl plugin refuses to
  load at all on FreeBSD 11.2, for example (see bug 232784 and its duplicates).

  Fix it by replacing our patches with backports from upstream the same way
  OpenSUSE does it (the OpenSSL 1.1.0 upstream patch was authored by SUSE):

  * Revert an upstream commit made only to the 2.1 branch disabling a few ciphers
    in the unit tests.
  * Backport a change to the master branch that never made it to the 2.1 branch
    disabling the ciphers mentioned above as well as a few other ones, so that we
    can backport the actual change adding support for OpenSSL 1.1.0 more clealy.
  * Backport the actual OpenSSL 1.1.0 support commit, with a few conflicts
    resolved due to the lack of a commit adding suport for AES GCM and AES CCM in
    the 2.1 branch. The patch was actually obtained from OpenSUSE's repositories,
    since they had to resolve the same conflict as well.

  The port built fine on 11.2-i386, an old 12-CURRENT snapshot on amd64 as well
  as 13-CURRENT on amd64, and all unit tests are passing except for some PGP ones
  that are unrelated. With the patches we have in the tree, a lot of unit tests
  failed on 11.2 due to the qca-ossl plugin failing to load.

  PR:		228902
  PR:		232784
  Reviewed by:	tcberner
  Differential Revision:	https://reviews.freebsd.org/D19347

Changes:
  head/devel/qca/Makefile
  head/devel/qca/files/patch-openssl110_01
  head/devel/qca/files/patch-openssl110_02
  head/devel/qca/files/patch-openssl110_03
  head/devel/qca/files/patch-plugins_qca-ossl_libcrypto-compat.c
  head/devel/qca/files/patch-plugins_qca-ossl_libcrypto-compat.h
  head/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp
Comment 11 commit-hook freebsd_committer freebsd_triage 2019-02-28 13:48:21 UTC
A commit references this bug:

Author: rakuco
Date: Thu Feb 28 13:47:40 UTC 2019
New revision: 494150
URL: https://svnweb.freebsd.org/changeset/ports/494150

Log:
  MFH: r494079

  Replace OpenSSL 1.1.0 with upstream ones

  The patches from bug 228902 and added in r481850 are not entirely compatible
  with older OpenSSL versions, to the point that the qca-ossl plugin refuses to
  load at all on FreeBSD 11.2, for example (see bug 232784 and its duplicates).

  Fix it by replacing our patches with backports from upstream the same way
  OpenSUSE does it (the OpenSSL 1.1.0 upstream patch was authored by SUSE):

  * Revert an upstream commit made only to the 2.1 branch disabling a few ciphers
    in the unit tests.
  * Backport a change to the master branch that never made it to the 2.1 branch
    disabling the ciphers mentioned above as well as a few other ones, so that we
    can backport the actual change adding support for OpenSSL 1.1.0 more clealy.
  * Backport the actual OpenSSL 1.1.0 support commit, with a few conflicts
    resolved due to the lack of a commit adding suport for AES GCM and AES CCM in
    the 2.1 branch. The patch was actually obtained from OpenSUSE's repositories,
    since they had to resolve the same conflict as well.

  The port built fine on 11.2-i386, an old 12-CURRENT snapshot on amd64 as well
  as 13-CURRENT on amd64, and all unit tests are passing except for some PGP ones
  that are unrelated. With the patches we have in the tree, a lot of unit tests
  failed on 11.2 due to the qca-ossl plugin failing to load.

  PR:		228902
  PR:		232784
  Reviewed by:	tcberner
  Differential Revision:	https://reviews.freebsd.org/D19347

  Approved by:	ports-secteam (joneum)

Changes:
_U  branches/2019Q1/
  branches/2019Q1/devel/qca/Makefile
  branches/2019Q1/devel/qca/files/patch-openssl110_01
  branches/2019Q1/devel/qca/files/patch-openssl110_02
  branches/2019Q1/devel/qca/files/patch-openssl110_03
  branches/2019Q1/devel/qca/files/patch-plugins_qca-ossl_libcrypto-compat.c
  branches/2019Q1/devel/qca/files/patch-plugins_qca-ossl_libcrypto-compat.h
  branches/2019Q1/devel/qca/files/patch-plugins_qca-ossl_qca-ossl.cpp