Bug 218727

Summary: security/opensc: pkcs11-tool broken if compiled against LibreSSL
Product: Ports & Packages Reporter: Johannes Jost Meixner <xmj>
Component: Individual Port(s)Assignee: Alex Dupre <ale>
Status: Closed FIXED    
Severity: Affects Only Me Flags: bugzilla: maintainer-feedback? (ale)
Priority: ---    
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
conditionally remove gost support none

Description Johannes Jost Meixner freebsd_committer freebsd_triage 2017-04-18 12:44:11 UTC 
Created attachment 181863 [details]
conditionally remove gost support

LibreSSL removed support for GOST in the past, so calls to ENGINE_load_gost from pkcs11-tool will fail:

-----
xmj@mx16:~fractalcells/repos/fractalcells-ports/security/opensc $ pkcs11-tool --list-slots
sc_dlopen failed: /usr/local/lib/opensc-pkcs11.so: Undefined symbol "ENGINE_load_gost"
error: Failed to load pkcs11 module
Aborting.
-----

Stealing the voidlinux patch from [1] yields the attached patch, which works with LibreSSL on HardenedBSD. 

xmj@mx16:~fractalcells/repos/fractalcells-ports/security/opensc $ pkcs11-tool --list-slots
Available slots:
No slots.


[1] https://github.com/voidlinux/void-packages/commit/4b22d402a290a6192853dd3994e24128023a3b7e
Comment 1 commit-hook freebsd_committer freebsd_triage 2017-04-20 07:43:26 UTC 
A commit references this bug:

Author: ale
Date: Thu Apr 20 07:42:39 UTC 2017
New revision: 438929
URL: https://svnweb.freebsd.org/changeset/ports/438929

Log:
  Don't load gost algo when compiled against libressl.

  PR:		218727
  Submitted by:	xmj

Changes:
  head/security/opensc/files/patch-src_pkcs11_openssl.c