UPDATE: net/libstrophe

Thu, 15 Mar 2018 06:55:21 -0700 

Hi all,

update libstrophe to the latest stable version. See changelog:

- OpenSSL tls module verifies certificate by default. Set flag
  XMPP_CONN_FLAG_TRUST_TLS to ignore result of the verification
- Certificate hostname verification is forced for openssl-1.0.2
  and newer
- OpenSSL tls module disables insecure SSLv2 SSLv3 and TLSv1
- Support of handlers with the same callback function, but
  different userdata
- System handlers are deleted on xmpp_conn_t
  reconnection. Old system handlers could cause problems
- Default timeout for xmpp_run() is increased from
  1 millisecond to 1 second in order to reduce CPU consumption
- Reduced memory usage in expat module
- New functions: xmpp_ctx_set_timeout(), xmpp_sha1_digest()

Tested with the only consumer net/profanity on amd64.
All test passed.

Ok? Comments?

Rafael Sadowsi

Index: Makefile
===================================================================
RCS file: /cvs/ports/net/libstrophe/Makefile,v
retrieving revision 1.2
diff -u -p -u -p -r1.2 Makefile
--- Makefile    29 Nov 2016 22:24:40 -0000      1.2
+++ Makefile    15 Mar 2018 13:50:19 -0000
@@ -2,32 +2,32 @@
 
 COMMENT =      simple, lightweight XMPP C library
 
-GH_ACCOUNT =   strophe
-GH_PROJECT =   libstrophe
-GH_TAGNAME =   0.9.1
+V =            0.9.2
+DISTNAME =     libstrophe-${V}
 
-SHARED_LIBS =  strophe                 1.0 # 1.0
+SHARED_LIBS =  strophe                 2.0 # 1.0
 
 CATEGORIES =   net devel
 
 HOMEPAGE =     http://strophe.im/libstrophe/
 
-MAINTAINER =   Rafael Sadowski <raf...@sizeofvoid.org>
+MAINTAINER =   Rafael Sadowski <rsadow...@openbsd.org>
 
 # Dual licensed: MIT and GPLv3
 PERMIT_PACKAGE_CDROM = Yes
 
 WANTLIB += crypto expat ssl
 
-BUILD_DEPENDS =        ${MODGNU_AUTOCONF_DEPENDS} \
-               ${MODGNU_AUTOMAKE_DEPENDS} \
-               devel/libtool
+MASTER_SITES = https://github.com/strophe/libstrophe/releases/download/${V}/
+
+BUILD_DEPENDS =        devel/libtool
 
 # Only needed for tests, but cannot be a TEST_DEPENDS.
 # Check must be present at build time for tests to work.
 BUILD_DEPENDS +=       devel/check
 
 USE_GMAKE =            Yes
+
 CONFIGURE_STYLE =      gnu
 
 MAKE_FLAGS =           CC="${CC}" CFLAGS="${CFLAGS}"
@@ -35,14 +35,5 @@ MAKE_FLAGS =         CC="${CC}" CFLAGS="${CFLAG
 CONFIGURE_ENV +=       CPPFLAGS="-I${LOCALBASE}/include" \
                        LDFLAGS="-L${LOCALBASE}/lib"
 
-AUTOCONF_VERSION =     2.69
-AUTOMAKE_VERSION =     1.11
-
-post-patch:
-       @mkdir -p ${WRKSRC}/m4 # need for autoreconf
-
-pre-configure:
-       cd ${WRKSRC} && ${SETENV} AUTOMAKE_VERSION=${AUTOMAKE_VERSION} \
-               AUTOCONF_VERSION=${AUTOCONF_VERSION} autoreconf --install
 
 .include <bsd.port.mk>
Index: distinfo
===================================================================
RCS file: /cvs/ports/net/libstrophe/distinfo,v
retrieving revision 1.2
diff -u -p -u -p -r1.2 distinfo
--- distinfo    29 Nov 2016 22:24:40 -0000      1.2
+++ distinfo    15 Mar 2018 13:50:19 -0000
@@ -1,2 +1,2 @@
-SHA256 (libstrophe-0.9.1.tar.gz) = yQST+YblvUBxMsWj4XQ3jALLgPpOruKYdeBrS7pq/MM=
-SIZE (libstrophe-0.9.1.tar.gz) = 153142
+SHA256 (libstrophe-0.9.2.tar.gz) = eH5qO5K5i2HMToo+cWWTyYZOL+KlWl9JyecOzRfEdNc=
+SIZE (libstrophe-0.9.2.tar.gz) = 500459
Index: patches/patch-src_tls_openssl_c
===================================================================
RCS file: patches/patch-src_tls_openssl_c
diff -N patches/patch-src_tls_openssl_c
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ patches/patch-src_tls_openssl_c     15 Mar 2018 13:50:19 -0000
@@ -0,0 +1,41 @@
+$OpenBSD$
+
+Index: src/tls_openssl.c
+--- src/tls_openssl.c.orig
++++ src/tls_openssl.c
+@@ -51,7 +51,7 @@ static void _tls_log_error(xmpp_ctx_t *ctx);
+ 
+ void tls_initialize(void)
+ {
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+     SSL_library_init();
+     SSL_load_error_strings();
+ #else
+@@ -66,14 +66,14 @@ void tls_shutdown(void)
+      * openssl after libstrophe finalization. Maybe better leak some fixed
+      * memory rather than cause random crashes of the main program.
+      */
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+     ERR_free_strings();
+     EVP_cleanup();
+     CRYPTO_cleanup_all_ex_data();
+-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
++#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
+     SSL_COMP_free_compression_methods();
+ #endif
+-#if OPENSSL_VERSION_NUMBER < 0x10000000L
++#if OPENSSL_VERSION_NUMBER < 0x10000000L || defined(LIBRESSL_VERSION_NUMBER)
+     ERR_remove_state(0);
+ #else
+     ERR_remove_thread_state(NULL);
+@@ -120,7 +120,7 @@ tls_t *tls_new(xmpp_conn_t *conn)
+         /* Trust server's certificate when user sets the flag explicitly. */
+         mode = conn->tls_trust ? SSL_VERIFY_NONE : SSL_VERIFY_PEER;
+         SSL_set_verify(tls->ssl, mode, 0);
+-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
++#if OPENSSL_VERSION_NUMBER >= 0x10002000L || !defined(LIBRESSL_VERSION_NUMBER)
+         /* Hostname verification is supported in OpenSSL 1.0.2 and newer. */
+         X509_VERIFY_PARAM *param = SSL_get0_param(tls->ssl);
+

Reply via email to