Bug 232218 - sysutils/ori: Fix OpenSSL build
Summary: sysutils/ori: Fix OpenSSL build
Status: Open
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: freebsd-ports-bugs (Nobody)
URL: https://reviews.freebsd.org/D18997
Keywords: needs-patch, needs-qa
Depends on:
Blocks: 231931
  Show dependency treegraph
Reported: 2018-10-13 05:08 UTC by Nathan
Modified: 2020-09-25 14:42 UTC (History)
4 users (show)

See Also:
bugzilla: maintainer-feedback? (mashti)
koobs: merge-quarterly?

Fix OpenSSL 1.1.x build (5.53 KB, patch)
2018-10-13 05:08 UTC, Nathan
no flags Details | Diff
OpenSSL 1.1 LLD fix (5.54 KB, patch)
2018-10-14 03:28 UTC, Nathan
no flags Details | Diff
Fix OpenSSL 1.1.x build (5.56 KB, patch)
2018-10-14 03:29 UTC, Nathan
no flags Details | Diff
V2 (5.50 KB, patch)
2018-10-14 04:13 UTC, Nathan
koobs: maintainer-approval? (mashti)
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Nathan 2018-10-13 05:08:25 UTC
Created attachment 198088 [details]
Fix OpenSSL 1.1.x build

sysutils/ori: Fix OpenSSL build
 PR:             231931
 Submitted by:   Nathan <ndowens@yahoo.com>
Comment 1 Tobias Kortkamp freebsd_committer 2018-10-13 06:53:43 UTC
+-    EVP_MD_CTX ctx;
++    EVP_MD_CTX *ctx = NULL;
+     assert(x509 != NULL && key != NULL);
+-    EVP_VerifyInit(&ctx, EVP_sha256());
+-    EVP_VerifyUpdate(&ctx, blob.data(), blob.size());
+-    err = EVP_VerifyFinal(&ctx, (const unsigned char *)digest.data(),
++    EVP_VerifyInit(ctx, EVP_sha256());
++    EVP_VerifyUpdate(ctx, blob.data(), blob.size());
++    err = EVP_VerifyFinal(ctx, (const unsigned char *)digest.data(),
+                           digest.length(), key);

No.  No memory was allocated here prior to calling EVP_VerifyInit().
Comment 2 Nathan 2018-10-14 03:28:02 UTC
Created attachment 198111 [details]
OpenSSL 1.1 LLD fix

 sysutils/ori: Fix OpenSSL build
 PR:             231931
 Submitted by:   Nathan <ndowens@yahoo.com>
Comment 3 Nathan 2018-10-14 03:29:25 UTC
Created attachment 198112 [details]
Fix OpenSSL 1.1.x build

Missed one EVP_MD_CTX_new
Comment 4 Nathan 2018-10-14 04:13:26 UTC
Created attachment 198113 [details]

Not sure if this one or the other is the correct way to do this, so I added this one as well. I suspect this one is probably the correct way?
Comment 5 Tobias Kortkamp freebsd_committer 2018-10-20 18:51:03 UTC
(In reply to Nathan from comment #4)
V2 looks ok to me at a quick glance (I have not looked at the first version).
Comment 6 Tobias Kortkamp freebsd_committer 2018-12-09 21:13:49 UTC
Adding upstream issue
Comment 7 Ali Mashtizadeh 2018-12-10 17:57:55 UTC
I've made a few fixes to my upstream repository and plan to cut a new release and update the port this week.  Sorry for the delay.  I guess I'm not able to change the assignee?
Comment 8 Kubilay Kocak freebsd_committer freebsd_triage 2018-12-14 11:21:06 UTC
(In reply to Ali Mashtizadeh from comment #7)

Does attachment 198113 [details] resolve the issue correctly/completely? If so, it can be committed in lieu of upstream commits/merges/releases
Comment 9 John Baldwin freebsd_committer freebsd_triage 2019-07-02 20:43:06 UTC
(In reply to Kubilay Kocak from comment #8)
I see a few bugs in the latest patch still.  It was not freeing the structures that it allocated, and while the EVP_MD case was fixed to use 'new' to allocate a context, the cipher case was still just using 'ctx = NULL' with 'init' which is still wrong and needs to use 'new'.  I also can't tell if from the phab URL this is supposed to be fixed upstream instead, but the phab review shows that the updated version from upstream is also broken.