Bug 218727 - security/opensc: pkcs11-tool broken if compiled against LibreSSL
Summary: security/opensc: pkcs11-tool broken if compiled against LibreSSL
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Alex Dupre
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-04-18 12:44 UTC by Johannes Jost Meixner
Modified: 2017-04-20 07:43 UTC (History)
0 users

See Also:
bugzilla: maintainer-feedback? (ale)

Attachments
conditionally remove gost support (1.29 KB, patch)
2017-04-18 12:44 UTC, Johannes Jost Meixner 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Jost Meixner freebsd_committer freebsd_triage 2017-04-18 12:44:11 UTC 
Created attachment 181863 [details]
conditionally remove gost support

LibreSSL removed support for GOST in the past, so calls to ENGINE_load_gost from pkcs11-tool will fail:

-----
xmj@mx16:~fractalcells/repos/fractalcells-ports/security/opensc $ pkcs11-tool --list-slots
sc_dlopen failed: /usr/local/lib/opensc-pkcs11.so: Undefined symbol "ENGINE_load_gost"
error: Failed to load pkcs11 module
Aborting.
-----

Stealing the voidlinux patch from [1] yields the attached patch, which works with LibreSSL on HardenedBSD. 

xmj@mx16:~fractalcells/repos/fractalcells-ports/security/opensc $ pkcs11-tool --list-slots
Available slots:
No slots.


[1] https://github.com/voidlinux/void-packages/commit/4b22d402a290a6192853dd3994e24128023a3b7e
Comment 1 commit-hook freebsd_committer freebsd_triage 2017-04-20 07:43:26 UTC 
A commit references this bug:

Author: ale
Date: Thu Apr 20 07:42:39 UTC 2017
New revision: 438929
URL: https://svnweb.freebsd.org/changeset/ports/438929

Log:
  Don't load gost algo when compiled against libressl.

  PR:		218727
  Submitted by:	xmj

Changes:
  head/security/opensc/files/patch-src_pkcs11_openssl.c