FreeBSD Bugzilla – Attachment 221740 Details for
Bug 252829
security/wolfssl: Add DEBUG option and enable more features
[patch]
security/wolfssl: Add DEBUG option and enable more features
0001-security-wolfssl-Add-DEBUG-option-and-enable-more-fe.patch (text/plain), 3.94 KB, created by
Fabian Keil
on 2021-01-19 13:41:19 UTC
>From 10dae0460a46e6bd6075a52e28e8050e283925a1 Mon Sep 17 00:00:00 2001 >From: Fabian Keil <fk@fabiankeil.de> >Date: Tue, 12 Jan 2021 11:45:54 +0100 >Subject: [PATCH] security/wolfssl: Add DEBUG option and enable more features > >- Set --enable-opensslall which is needed for > wolfSSL_X509_NAME_print_ex() and friends. >- Set --enable-certgen to allow certificate generation. >- Define WOLFSSL_ALT_NAMES so one can generate certificates > with the Subject Alternative Name extension. >- Set --enable-sessioncerts to allow to inspect certificates > with wolfSSL_get_peer_cert_chain(). >- Set --enable-des3 so one can load PBES2-3DES-CBC-encoded keys. > >While at it, add a patch to prevent memory leaks. >--- > security/wolfssl/Makefile | 12 ++++++-- > security/wolfssl/files/patch-src-ssl.c | 40 ++++++++++++++++++++++++++ > 2 files changed, 50 insertions(+), 2 deletions(-) > create mode 100644 security/wolfssl/files/patch-src-ssl.c > >diff --git a/security/wolfssl/Makefile b/security/wolfssl/Makefile >index dad5f8b2a600..cf12b46c2ec9 100644 >--- a/security/wolfssl/Makefile >+++ b/security/wolfssl/Makefile >@@ -2,6 +2,7 @@ > > PORTNAME= wolfssl > PORTVERSION= 4.6.0 >+PORTREVISION= 1 > CATEGORIES= security devel > MASTER_SITES= https://www.wolfssl.com/ \ > LOCAL/fox >@@ -16,14 +17,18 @@ USE_LDCONFIG= yes > > GNU_CONFIGURE= yes > CONFIGURE_ARGS= --disable-dependency-tracking \ >+ --enable-certgen \ >+ --enable-des3 \ > --enable-dh \ > --enable-dsa \ > --enable-dtls \ > --enable-ecc \ > --enable-ipv6 \ > --enable-keygen \ >+ --enable-opensslall \ > --enable-opensslextra \ > --enable-ripemd \ >+ --enable-sessioncerts \ > --enable-sha512 \ > --enable-shared \ > --enable-sni \ 
>@@ -32,8 +37,11 @@ CONFIGURE_ARGS= --disable-dependency-tracking \ > --enable-tls13 \ > --enable-tls13-draft18 > TEST_TARGET= check >+CFLAGS+= -DWOLFSSL_ALT_NAMES > PORTDOCS= * >-OPTIONS_DEFINE= DOCS >+OPTIONS_DEFINE= DEBUG DOCS >+ >+DEBUG_CONFIGURE_ON= --enable-debug > > post-configure: > @${REINPLACE_CMD} \ >@@ -42,7 +50,7 @@ post-configure: > -e '/^pkgconfigdir/s|(libdir)|&data|' \ > ${WRKSRC}/Makefile > >-post-install: >+post-install-DEBUG-off: > @${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/libwolfssl.so > > .include <bsd.port.mk> >diff --git a/security/wolfssl/files/patch-src-ssl.c b/security/wolfssl/files/patch-src-ssl.c >new file mode 100644 >index 000000000000..020f7b991d58 >--- /dev/null >+++ b/security/wolfssl/files/patch-src-ssl.c 
>@@ -0,0 +1,40 @@ >+From 0aead8cb868003a5dff2e81d6a7ffd7579652610 Mon Sep 17 00:00:00 2001 >+From: Fabian Keil <fk@fabiankeil.de> >+Date: Sun, 17 Jan 2021 11:21:59 +0100 >+Subject: [PATCH] wolfSSL_CertManagerFree(): free refMutex >+ >+Fixes memory leaks like: >+ ==323== 96 bytes in 1 blocks are definitely lost in loss record 3 of 4 >+ ==323== at 0x4C291E1: calloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so) >+ ==323== by 0x585495F: pthread_mutex_init (in /lib/libthr.so.3) >+ ==323== by 0x4E7B5E8: wc_InitMutex (wc_port.c:1071) >+ ==323== by 0x4F09540: wolfSSL_CertManagerNew_ex (ssl.c:3596) >+ ==323== by 0x4EC6A81: InitSSL_Ctx (internal.c:1752) >+ ==323== by 0x4F0441E: wolfSSL_CTX_new_ex (ssl.c:394) >+ ==323== by 0x4F04658: wolfSSL_CTX_new (ssl.c:436) >+ ==323== by 0x400AA2: main (wolfssl-ctx-leak.c:9) >+ >+This is a partial cherry-pick of upstream commit >+9598c037168b73ce2f by Tesfa Mael. >+--- >+ src/ssl.c | 4 +++- >+ 1 file changed, 3 insertions(+), 1 deletion(-) >+ >+diff --git src/ssl.c src/ssl.c >+index 19d36795e..9433d302e 100644 >+--- src/ssl.c >++++ src/ssl.c >+@@ -3663,7 +3663,9 @@ void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER* cm) >+ FreeTrustedPeerTable(cm->tpTable, TP_TABLE_SIZE, cm->heap); >+ wc_FreeMutex(&cm->tpLock); >+ #endif >+- >++ if (wc_FreeMutex(&cm->refMutex) != 0) { >++ WOLFSSL_MSG("Couldn't free refMutex mutex"); >++ } >+ XFREE(cm, cm->heap, DYNAMIC_TYPE_CERT_MANAGER); >+ } >+ } >+-- >+2.30.0 >+ >-- >2.30.0 >
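Review bot: In the CONFIGURE_ARGS hunk of security/wolfssl/Makefile, --enable-des3, --enable-certgen, --enable-opensslall and --enable-sessioncerts are added unconditionally, so every consumer of the package gets 3DES and the full OpenSSL compatibility layer compiled in, although the commit message motivates each switch with a single use case (loading PBES2-3DES-CBC-encoded keys, calling wolfSSL_X509_NAME_print_ex()). Consider putting at least --enable-des3 behind a port option listed in OPTIONS_DEFINE, wired the same way this patch wires "DEBUG_CONFIGURE_ON= --enable-debug", so the default package does not pick up a legacy cipher that most users of the port do not need.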
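Review bot: In the Makefile hunk that adds "CFLAGS+= -DWOLFSSL_ALT_NAMES", the define is the only feature in this patch passed as a raw preprocessor flag instead of a configure switch, and nothing in the Makefile says why. Add a one-line comment above it (the commit message's wording about generating certificates with the Subject Alternative Name extension would do), and confirm that applications built against the installed headers are compiled with the same define, because nothing visible in this Makefile propagates it to them.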
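Review bot: In the src/ssl.c hunk carried by files/patch-src-ssl.c, wc_FreeMutex(&cm->refMutex) is called immediately before XFREE(cm, cm->heap, DYNAMIC_TYPE_CERT_MANAGER), and the three context lines do not show whether refMutex has already been unlocked at that point. The Valgrind trace in the commit message shows this is a pthread mutex, and destroying a pthread mutex that is still locked is undefined behaviour, so please confirm against the full function, or against upstream commit 9598c037168b73ce2f that this is a partial cherry-pick of, that the unlock precedes the new call. Two smaller points: the new call checks its return value while wc_FreeMutex(&cm->tpLock) in the context just above it does not, which is worth a word in the commit message if intentional, and "make makepatch" would name the file patch-src_ssl.c rather than patch-src-ssl.c.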