Bug 216845 - security/tor: fix build with libressl-devel
Summary: security/tor: fix build with libressl-devel
Status: Closed Overcome By Events
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Matthew Rezny
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-02-06 13:33 UTC by Piotr Kubaj
Modified: 2017-03-27 15:42 UTC (History)
3 users (show)

See Also:
yuri: maintainer-feedback+

Attachments
patch (1.60 KB, patch)
2017-02-06 13:33 UTC, Piotr Kubaj 		no flags Details | Diff
svn diff for security/tor (2.26 KB, patch)
2017-02-16 15:07 UTC, Bernard Spil 		no flags Details | Diff
fix build of security/tor with libressl-devel (1.68 KB, patch)
2017-03-20 15:23 UTC, Matthew Rezny 		rezny: maintainer-approval?
Details | Diff
Show Obsolete (2) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Piotr Kubaj freebsd_committer freebsd_triage 2017-02-06 13:33:04 UTC 
Created attachment 179675 [details]
patch

Building tor with libressl-devel currently graciously fails:
src/test/test_tortls.c:449:13: error: no member named 'rwstate' in 'struct ssl_st'
  tls->ssl->rwstate = SSL_READING;
  ~~~~~~~~  ^
src/test/test_tortls.c:457:13: error: no member named 'rwstate' in 'struct ssl_st'
  tls->ssl->rwstate = SSL_READING;
  ~~~~~~~~  ^
src/test/test_tortls.c:465:13: error: no member named 'rwstate' in 'struct ssl_st'
  tls->ssl->rwstate = 0;
  ~~~~~~~~  ^
src/test/test_tortls.c:466:13: error: no member named 'shutdown' in 'struct ssl_st'
  tls->ssl->shutdown = SSL_RECEIVED_SHUTDOWN;
  ~~~~~~~~  ^
src/test/test_tortls.c:467:17: error: no member named 'warn_alert' in 'struct ssl3_state_st'
  tls->ssl->s3->warn_alert =SSL_AD_CLOSE_NOTIFY;
  ~~~~~~~~~~~~  ^
src/test/test_tortls.c:1138:11: error: no member named 'ssl_pending' in 'struct ssl_method_st'
  method->ssl_pending = fixed_ssl_pending;
  ~~~~~~  ^
src/test/test_tortls.c:1412:22: error: no member named 'sess_cert' in 'struct ssl_session_st'
  tls->ssl->session->sess_cert = (void *)sess;
  ~~~~~~~~~~~~~~~~~  ^
src/test/test_tortls.c:1552:24: error: no member named 'tls_session_secret_cb' in 'struct ssl_st'
  tt_assert(!tls->ssl->tls_session_secret_cb);
             ~~~~~~~~  ^
./src/ext/tinytest_macros.h:111:37: note: expanded from macro 'tt_assert'
#define tt_assert(b) tt_assert_msg((b), "assert("#b")")
                                    ^
./src/ext/tinytest_macros.h:106:11: note: expanded from macro 'tt_assert_msg'
        tt_want_(b, msg, TT_EXIT_TEST_FUNCTION);
                 ^
./src/ext/tinytest_macros.h:91:8: note: expanded from macro 'tt_want_'
        if (!(b)) {                                     \
              ^
src/test/test_tortls.c:1561:24: error: no member named 'tls_session_secret_cb' in 'struct ssl_st'
  tt_assert(!tls->ssl->tls_session_secret_cb);
             ~~~~~~~~  ^
./src/ext/tinytest_macros.h:111:37: note: expanded from macro 'tt_assert'
#define tt_assert(b) tt_assert_msg((b), "assert("#b")")
                                    ^
./src/ext/tinytest_macros.h:106:11: note: expanded from macro 'tt_assert_msg'
        tt_want_(b, msg, TT_EXIT_TEST_FUNCTION);
                 ^
./src/ext/tinytest_macros.h:91:8: note: expanded from macro 'tt_want_'
        if (!(b)) {                                     \
              ^
src/test/test_tortls.c:1685:23: error: no member named 'info_callback' in 'struct ssl_st'
  tt_assert(tls->ssl->info_callback == tor_tls_server_info_callback);
            ~~~~~~~~  ^
./src/ext/tinytest_macros.h:111:37: note: expanded from macro 'tt_assert'
#define tt_assert(b) tt_assert_msg((b), "assert("#b")")
                                    ^
./src/ext/tinytest_macros.h:106:11: note: expanded from macro 'tt_assert_msg'
        tt_want_(b, msg, TT_EXIT_TEST_FUNCTION);
                 ^
./src/ext/tinytest_macros.h:91:8: note: expanded from macro 'tt_want_'
        if (!(b)) {                                     \
              ^
src/test/test_tortls.c:1688:23: error: no member named 'info_callback' in 'struct ssl_st'
  tt_assert(tls->ssl->info_callback == tor_tls_debug_state_callback);
            ~~~~~~~~  ^
./src/ext/tinytest_macros.h:111:37: note: expanded from macro 'tt_assert'
#define tt_assert(b) tt_assert_msg((b), "assert("#b")")
                                    ^
./src/ext/tinytest_macros.h:106:11: note: expanded from macro 'tt_assert_msg'
        tt_want_(b, msg, TT_EXIT_TEST_FUNCTION);
                 ^
./src/ext/tinytest_macros.h:91:8: note: expanded from macro 'tt_want_'
        if (!(b)) {                                     \
              ^
src/test/test_tortls.c:1936:11: error: no member named 'ssl_read' in 'struct ssl_method_st'
  method->ssl_read = fixed_ssl_read;
  ~~~~~~  ^
src/test/test_tortls.c:1937:11: error: no member named 'ssl_shutdown' in 'struct ssl_method_st'
  method->ssl_shutdown = fixed_ssl_shutdown;
  ~~~~~~  ^
src/test/test_tortls.c:2048:13: error: no member named 'handshake_func' in 'struct ssl_st'
  tls->ssl->handshake_func = dummy_handshake_func;
  ~~~~~~~~  ^
src/test/test_tortls.c:2050:11: error: no member named 'ssl_read' in 'struct ssl_method_st'
  method->ssl_read = fixed_ssl_read;
  ~~~~~~  ^
src/test/test_tortls.c:2128:11: error: no member named 'ssl_write' in 'struct ssl_method_st'
  method->ssl_write = fixed_ssl_write;
  ~~~~~~  ^
src/test/test_tortls.c:2129:13: error: no member named 'handshake_func' in 'struct ssl_st'
  tls->ssl->handshake_func = dummy_handshake_func;
  ~~~~~~~~  ^
src/test/test_tortls.c:2137:13: error: no member named 'rwstate' in 'struct ssl_st'
  tls->ssl->rwstate = SSL_READING;
  ~~~~~~~~  ^
src/test/test_tortls.c:2144:13: error: no member named 'rwstate' in 'struct ssl_st'
  tls->ssl->rwstate = SSL_READING;
  ~~~~~~~~  ^
fatal error: too many errors emitted, stopping now [-ferror-limit=]
20 errors generated.

The attached patch fixes those errors, allowing the port to be built with {open,libre}ssl{,devel}.

It's based on the patch used in OpenBSD ports.
Comment 1 Yuri Victorovich freebsd_committer freebsd_triage 2017-02-06 18:53:39 UTC 
Do you have the URL for this code in OpenBSD?
Comment 2 Piotr Kubaj freebsd_committer freebsd_triage 2017-02-06 18:57:32 UTC 
(In reply to Yuri Victorovich from comment #1)
https://github.com/openbsd/ports/blob/master/net/tor/patches/patch-src_test_test_tortls_c
Comment 3 Yuri Victorovich freebsd_committer freebsd_triage 2017-02-06 18:59:32 UTC 
Thanks!
Comment 4 Bernard Spil freebsd_committer freebsd_triage 2017-02-16 15:07:54 UTC 
Created attachment 180050 [details]
svn diff for security/tor

security/tor: Fix SSL option and LibreSSL 2.5

  - Modify --with-ssl option as per --help output
  - Add LibreSSL 2.5.1 patch from OpenBSD


The patch is re-rolled with makepatch, annotated with original source
Comment 5 Matthew Rezny freebsd_committer freebsd_triage 2017-03-20 15:23:15 UTC 
Created attachment 181002 [details]
fix build of security/tor with libressl-devel

I reworked the patch to correctly handle all versions of both libraries and took care to check LIBRESSL_VERSION_NUMBER is defined before checking its value. I have verified tor with my patch builds with openssl, openssl-devel, libressl, and libressl-devel. Only the last one of those should be affected by this patch.

Also, --with-openssl-dir appears to be correct.
from configure --help:
  --with-ssl-dir=PATH     obsolete alias for --with-openssl-dir
  --with-openssl-dir=PATH specify path to openssl installation
Comment 6 Matthew Rezny freebsd_committer freebsd_triage 2017-03-27 15:42:46 UTC 
This patch is no longer needed with the most recent update to security/tor.