and while here what about switching to using openssl 3.1? it's where we had issues (see the privsep crypto thingy in smtpd-portable.)
does the switch to openssl 3.1 requires a shlib bump? Index: Makefile =================================================================== RCS file: /home/cvs/ports/security/openssl/libretls/Makefile,v retrieving revision 1.10 diff -u -p -r1.10 Makefile --- Makefile 27 Sep 2023 16:34:34 -0000 1.10 +++ Makefile 12 Oct 2023 07:30:11 -0000 @@ -1,6 +1,6 @@ COMMENT = libtls library used with OpenSSL 1.1 for testing -V = 3.7.0 +V = 3.8.1 DISTNAME = libretls-$V PKGNAME = libretls-$V @@ -13,27 +13,27 @@ HOMEPAGE = https://git.causal.agency/lib # ISC PERMIT_PACKAGE = Yes -WANTLIB = c lib/eopenssl11/crypto lib/eopenssl11/ssl +WANTLIB = lib/eopenssl31/crypto lib/eopenssl31/ssl SITES = https://causal.agency/libretls/ # OpenSSL used because this port is specifically intended for testing # portable versions of OpenBSD daemons against OpenSSL+libretls -LIB_DEPENDS = security/openssl/1.1 +LIB_DEPENDS = security/openssl/3.1 USE_LIBTOOL = gnu CONFIGURE_STYLE = gnu old -CONFIGURE_ARGS = --libdir=${LOCALBASE}/lib/eopenssl11 \ - --includedir=${LOCALBASE}/include/eopenssl11 \ - --mandir=${LOCALBASE}/lib/eopenssl11/man -CONFIGURE_ENV = CFLAGS="${CFLAGS} -I${LOCALBASE}/include/eopenssl11" \ - LDFLAGS="-L${LOCALBASE}/lib/eopenssl11 -Wl,-rpath,${LOCALBASE}/lib/eopenssl11" +CONFIGURE_ARGS = --libdir=${LOCALBASE}/lib/eopenssl31 \ + --includedir=${LOCALBASE}/include/eopenssl31 \ + --mandir=${LOCALBASE}/lib/eopenssl31/man +CONFIGURE_ENV = CFLAGS="${CFLAGS} -I${LOCALBASE}/include/eopenssl31" \ + LDFLAGS="-L${LOCALBASE}/lib/eopenssl31 -Wl,-rpath,${LOCALBASE}/lib/eopenssl31" SEPARATE_BUILD = Yes # move pkgconfig files here, the build infrastructure is not layed out for that post-install: - mv ${PREFIX}/lib/eopenssl11/pkgconfig/libtls.pc \ + mv ${PREFIX}/lib/eopenssl31/pkgconfig/libtls.pc \ ${PREFIX}/lib/pkgconfig/libetls.pc - rmdir ${PREFIX}/lib/eopenssl11/pkgconfig + rmdir ${PREFIX}/lib/eopenssl31/pkgconfig .include <bsd.port.mk> Index: distinfo =================================================================== RCS file: /home/cvs/ports/security/openssl/libretls/distinfo,v retrieving revision 1.6 diff -u -p -r1.6 distinfo --- distinfo 24 Dec 2022 11:34:59 -0000 1.6 +++ distinfo 12 Oct 2023 07:04:19 -0000 @@ -1,2 +1,2 @@ -SHA256 (libretls-3.7.0.tar.gz) = mqXTqRM5MsNiB1JZsLF7sMiXQfobJTUTbfLe16DBM5I= -SIZE (libretls-3.7.0.tar.gz) = 427980 +SHA256 (libretls-3.8.1.tar.gz) = O8n8DmGCfuL2COXkSZOo/abWELgKHgGpx1YQzCkpl7U= +SIZE (libretls-3.8.1.tar.gz) = 432142 Index: pkg/PLIST =================================================================== RCS file: /home/cvs/ports/security/openssl/libretls/pkg/PLIST,v retrieving revision 1.2 diff -u -p -r1.2 PLIST --- pkg/PLIST 11 Mar 2022 19:53:37 -0000 1.2 +++ pkg/PLIST 12 Oct 2023 07:05:50 -0000 @@ -1,93 +1,93 @@ -include/eopenssl11/tls.h -@static-lib lib/eopenssl11/libtls.a -lib/eopenssl11/libtls.la -@lib lib/eopenssl11/libtls.so.${LIBtls_VERSION} -@man lib/eopenssl11/man/man3/tls_accept_cbs.3 -@man lib/eopenssl11/man/man3/tls_accept_fds.3 -@man lib/eopenssl11/man/man3/tls_accept_socket.3 -@man lib/eopenssl11/man/man3/tls_client.3 -@man lib/eopenssl11/man/man3/tls_close.3 -@man lib/eopenssl11/man/man3/tls_config_add_keypair_file.3 -@man lib/eopenssl11/man/man3/tls_config_add_keypair_mem.3 -@man lib/eopenssl11/man/man3/tls_config_add_keypair_ocsp_file.3 -@man lib/eopenssl11/man/man3/tls_config_add_keypair_ocsp_mem.3 -@man lib/eopenssl11/man/man3/tls_config_add_ticket_key.3 -@man lib/eopenssl11/man/man3/tls_config_clear_keys.3 -@man lib/eopenssl11/man/man3/tls_config_error.3 -@man lib/eopenssl11/man/man3/tls_config_free.3 -@man lib/eopenssl11/man/man3/tls_config_insecure_noverifycert.3 -@man lib/eopenssl11/man/man3/tls_config_insecure_noverifyname.3 -@man lib/eopenssl11/man/man3/tls_config_insecure_noverifytime.3 -@man lib/eopenssl11/man/man3/tls_config_new.3 -@man lib/eopenssl11/man/man3/tls_config_ocsp_require_stapling.3 -@man lib/eopenssl11/man/man3/tls_config_parse_protocols.3 -@man lib/eopenssl11/man/man3/tls_config_prefer_ciphers_client.3 -@man lib/eopenssl11/man/man3/tls_config_prefer_ciphers_server.3 -@man lib/eopenssl11/man/man3/tls_config_set_alpn.3 -@man lib/eopenssl11/man/man3/tls_config_set_ca_file.3 -@man lib/eopenssl11/man/man3/tls_config_set_ca_mem.3 -@man lib/eopenssl11/man/man3/tls_config_set_ca_path.3 -@man lib/eopenssl11/man/man3/tls_config_set_cert_file.3 -@man lib/eopenssl11/man/man3/tls_config_set_cert_mem.3 -@man lib/eopenssl11/man/man3/tls_config_set_ciphers.3 -@man lib/eopenssl11/man/man3/tls_config_set_crl_file.3 -@man lib/eopenssl11/man/man3/tls_config_set_crl_mem.3 -@man lib/eopenssl11/man/man3/tls_config_set_dheparams.3 -@man lib/eopenssl11/man/man3/tls_config_set_ecdhecurves.3 -@man lib/eopenssl11/man/man3/tls_config_set_key_file.3 -@man lib/eopenssl11/man/man3/tls_config_set_key_mem.3 -@man lib/eopenssl11/man/man3/tls_config_set_keypair_file.3 -@man lib/eopenssl11/man/man3/tls_config_set_keypair_mem.3 -@man lib/eopenssl11/man/man3/tls_config_set_keypair_ocsp_file.3 -@man lib/eopenssl11/man/man3/tls_config_set_keypair_ocsp_mem.3 -@man lib/eopenssl11/man/man3/tls_config_set_ocsp_staple_file.3 -@man lib/eopenssl11/man/man3/tls_config_set_ocsp_staple_mem.3 -@man lib/eopenssl11/man/man3/tls_config_set_protocols.3 -@man lib/eopenssl11/man/man3/tls_config_set_session_fd.3 -@man lib/eopenssl11/man/man3/tls_config_set_session_id.3 -@man lib/eopenssl11/man/man3/tls_config_set_session_lifetime.3 -@man lib/eopenssl11/man/man3/tls_config_set_verify_depth.3 -@man lib/eopenssl11/man/man3/tls_config_verify.3 -@man lib/eopenssl11/man/man3/tls_config_verify_client.3 -@man lib/eopenssl11/man/man3/tls_config_verify_client_optional.3 -@man lib/eopenssl11/man/man3/tls_configure.3 -@man lib/eopenssl11/man/man3/tls_conn_alpn_selected.3 -@man lib/eopenssl11/man/man3/tls_conn_cipher.3 -@man lib/eopenssl11/man/man3/tls_conn_cipher_strength.3 -@man lib/eopenssl11/man/man3/tls_conn_servername.3 -@man lib/eopenssl11/man/man3/tls_conn_session_resumed.3 -@man lib/eopenssl11/man/man3/tls_conn_version.3 -@man lib/eopenssl11/man/man3/tls_connect.3 -@man lib/eopenssl11/man/man3/tls_connect_cbs.3 -@man lib/eopenssl11/man/man3/tls_connect_fds.3 -@man lib/eopenssl11/man/man3/tls_connect_servername.3 -@man lib/eopenssl11/man/man3/tls_connect_socket.3 -@man lib/eopenssl11/man/man3/tls_default_ca_cert_file.3 -@man lib/eopenssl11/man/man3/tls_error.3 -@man lib/eopenssl11/man/man3/tls_free.3 -@man lib/eopenssl11/man/man3/tls_handshake.3 -@man lib/eopenssl11/man/man3/tls_init.3 -@man lib/eopenssl11/man/man3/tls_load_file.3 -@man lib/eopenssl11/man/man3/tls_ocsp_process_response.3 -@man lib/eopenssl11/man/man3/tls_peer_cert_chain_pem.3 -@man lib/eopenssl11/man/man3/tls_peer_cert_contains_name.3 -@man lib/eopenssl11/man/man3/tls_peer_cert_hash.3 -@man lib/eopenssl11/man/man3/tls_peer_cert_issuer.3 -@man lib/eopenssl11/man/man3/tls_peer_cert_notafter.3 -@man lib/eopenssl11/man/man3/tls_peer_cert_notbefore.3 -@man lib/eopenssl11/man/man3/tls_peer_cert_provided.3 -@man lib/eopenssl11/man/man3/tls_peer_cert_subject.3 -@man lib/eopenssl11/man/man3/tls_peer_ocsp_cert_status.3 -@man lib/eopenssl11/man/man3/tls_peer_ocsp_crl_reason.3 -@man lib/eopenssl11/man/man3/tls_peer_ocsp_next_update.3 -@man lib/eopenssl11/man/man3/tls_peer_ocsp_response_status.3 -@man lib/eopenssl11/man/man3/tls_peer_ocsp_result.3 -@man lib/eopenssl11/man/man3/tls_peer_ocsp_revocation_time.3 -@man lib/eopenssl11/man/man3/tls_peer_ocsp_this_update.3 -@man lib/eopenssl11/man/man3/tls_peer_ocsp_url.3 -@man lib/eopenssl11/man/man3/tls_read.3 -@man lib/eopenssl11/man/man3/tls_reset.3 -@man lib/eopenssl11/man/man3/tls_server.3 -@man lib/eopenssl11/man/man3/tls_unload_file.3 -@man lib/eopenssl11/man/man3/tls_write.3 +include/eopenssl31/tls.h +@static-lib lib/eopenssl31/libtls.a +lib/eopenssl31/libtls.la +@lib lib/eopenssl31/libtls.so.${LIBtls_VERSION} +@man lib/eopenssl31/man/man3/tls_accept_cbs.3 +@man lib/eopenssl31/man/man3/tls_accept_fds.3 +@man lib/eopenssl31/man/man3/tls_accept_socket.3 +@man lib/eopenssl31/man/man3/tls_client.3 +@man lib/eopenssl31/man/man3/tls_close.3 +@man lib/eopenssl31/man/man3/tls_config_add_keypair_file.3 +@man lib/eopenssl31/man/man3/tls_config_add_keypair_mem.3 +@man lib/eopenssl31/man/man3/tls_config_add_keypair_ocsp_file.3 +@man lib/eopenssl31/man/man3/tls_config_add_keypair_ocsp_mem.3 +@man lib/eopenssl31/man/man3/tls_config_add_ticket_key.3 +@man lib/eopenssl31/man/man3/tls_config_clear_keys.3 +@man lib/eopenssl31/man/man3/tls_config_error.3 +@man lib/eopenssl31/man/man3/tls_config_free.3 +@man lib/eopenssl31/man/man3/tls_config_insecure_noverifycert.3 +@man lib/eopenssl31/man/man3/tls_config_insecure_noverifyname.3 +@man lib/eopenssl31/man/man3/tls_config_insecure_noverifytime.3 +@man lib/eopenssl31/man/man3/tls_config_new.3 +@man lib/eopenssl31/man/man3/tls_config_ocsp_require_stapling.3 +@man lib/eopenssl31/man/man3/tls_config_parse_protocols.3 +@man lib/eopenssl31/man/man3/tls_config_prefer_ciphers_client.3 +@man lib/eopenssl31/man/man3/tls_config_prefer_ciphers_server.3 +@man lib/eopenssl31/man/man3/tls_config_set_alpn.3 +@man lib/eopenssl31/man/man3/tls_config_set_ca_file.3 +@man lib/eopenssl31/man/man3/tls_config_set_ca_mem.3 +@man lib/eopenssl31/man/man3/tls_config_set_ca_path.3 +@man lib/eopenssl31/man/man3/tls_config_set_cert_file.3 +@man lib/eopenssl31/man/man3/tls_config_set_cert_mem.3 +@man lib/eopenssl31/man/man3/tls_config_set_ciphers.3 +@man lib/eopenssl31/man/man3/tls_config_set_crl_file.3 +@man lib/eopenssl31/man/man3/tls_config_set_crl_mem.3 +@man lib/eopenssl31/man/man3/tls_config_set_dheparams.3 +@man lib/eopenssl31/man/man3/tls_config_set_ecdhecurves.3 +@man lib/eopenssl31/man/man3/tls_config_set_key_file.3 +@man lib/eopenssl31/man/man3/tls_config_set_key_mem.3 +@man lib/eopenssl31/man/man3/tls_config_set_keypair_file.3 +@man lib/eopenssl31/man/man3/tls_config_set_keypair_mem.3 +@man lib/eopenssl31/man/man3/tls_config_set_keypair_ocsp_file.3 +@man lib/eopenssl31/man/man3/tls_config_set_keypair_ocsp_mem.3 +@man lib/eopenssl31/man/man3/tls_config_set_ocsp_staple_file.3 +@man lib/eopenssl31/man/man3/tls_config_set_ocsp_staple_mem.3 +@man lib/eopenssl31/man/man3/tls_config_set_protocols.3 +@man lib/eopenssl31/man/man3/tls_config_set_session_fd.3 +@man lib/eopenssl31/man/man3/tls_config_set_session_id.3 +@man lib/eopenssl31/man/man3/tls_config_set_session_lifetime.3 +@man lib/eopenssl31/man/man3/tls_config_set_verify_depth.3 +@man lib/eopenssl31/man/man3/tls_config_verify.3 +@man lib/eopenssl31/man/man3/tls_config_verify_client.3 +@man lib/eopenssl31/man/man3/tls_config_verify_client_optional.3 +@man lib/eopenssl31/man/man3/tls_configure.3 +@man lib/eopenssl31/man/man3/tls_conn_alpn_selected.3 +@man lib/eopenssl31/man/man3/tls_conn_cipher.3 +@man lib/eopenssl31/man/man3/tls_conn_cipher_strength.3 +@man lib/eopenssl31/man/man3/tls_conn_servername.3 +@man lib/eopenssl31/man/man3/tls_conn_session_resumed.3 +@man lib/eopenssl31/man/man3/tls_conn_version.3 +@man lib/eopenssl31/man/man3/tls_connect.3 +@man lib/eopenssl31/man/man3/tls_connect_cbs.3 +@man lib/eopenssl31/man/man3/tls_connect_fds.3 +@man lib/eopenssl31/man/man3/tls_connect_servername.3 +@man lib/eopenssl31/man/man3/tls_connect_socket.3 +@man lib/eopenssl31/man/man3/tls_default_ca_cert_file.3 +@man lib/eopenssl31/man/man3/tls_error.3 +@man lib/eopenssl31/man/man3/tls_free.3 +@man lib/eopenssl31/man/man3/tls_handshake.3 +@man lib/eopenssl31/man/man3/tls_init.3 +@man lib/eopenssl31/man/man3/tls_load_file.3 +@man lib/eopenssl31/man/man3/tls_ocsp_process_response.3 +@man lib/eopenssl31/man/man3/tls_peer_cert_chain_pem.3 +@man lib/eopenssl31/man/man3/tls_peer_cert_contains_name.3 +@man lib/eopenssl31/man/man3/tls_peer_cert_hash.3 +@man lib/eopenssl31/man/man3/tls_peer_cert_issuer.3 +@man lib/eopenssl31/man/man3/tls_peer_cert_notafter.3 +@man lib/eopenssl31/man/man3/tls_peer_cert_notbefore.3 +@man lib/eopenssl31/man/man3/tls_peer_cert_provided.3 +@man lib/eopenssl31/man/man3/tls_peer_cert_subject.3 +@man lib/eopenssl31/man/man3/tls_peer_ocsp_cert_status.3 +@man lib/eopenssl31/man/man3/tls_peer_ocsp_crl_reason.3 +@man lib/eopenssl31/man/man3/tls_peer_ocsp_next_update.3 +@man lib/eopenssl31/man/man3/tls_peer_ocsp_response_status.3 +@man lib/eopenssl31/man/man3/tls_peer_ocsp_result.3 +@man lib/eopenssl31/man/man3/tls_peer_ocsp_revocation_time.3 +@man lib/eopenssl31/man/man3/tls_peer_ocsp_this_update.3 +@man lib/eopenssl31/man/man3/tls_peer_ocsp_url.3 +@man lib/eopenssl31/man/man3/tls_read.3 +@man lib/eopenssl31/man/man3/tls_reset.3 +@man lib/eopenssl31/man/man3/tls_server.3 +@man lib/eopenssl31/man/man3/tls_unload_file.3 +@man lib/eopenssl31/man/man3/tls_write.3 lib/pkgconfig/libetls.pc
