kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

security/testssl.sh: Use security/openssl-unsafe

Browse source 
This greatly simplifies the port and we can stop building our own
unsafe openssl version.

PR:		223457
Submitted by:	brnrd
This commit is contained in:
Tobias Kortkamp 2017-11-06 20:33:12 +00:00
parent a75c8d5ebf
commit b83a47b65a
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=453645
4 changed files with 21 additions and 55 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

59
security/testssl.sh/Makefile
View file

@ -3,6 +3,7 @@
PORTNAME= testssl.sh
DISTVERSIONPREFIX= v
DISTVERSION= 2.9.5-1
PORTREVISION= 1
CATEGORIES= security
MAINTAINER= tobik@FreeBSD.org
@ -11,73 +12,29 @@ COMMENT= Test TLS/SSL encryption anywhere on any port
LICENSE= GPLv2
LICENSE_FILE= ${WRKSRC}/LICENSE
RUN_DEPENDS= bash:shells/bash
RUN_DEPENDS= bash:shells/bash \
${LOCALBASE}/openssl-unsafe/bin/openssl:security/openssl-unsafe
USES= perl5 shebangfix ssl:build
USES= shebangfix
USE_GITHUB= yes
GH_ACCOUNT= drwetter
GH_TUPLE= drwetter:openssl-pm-snapshot:a9396aaef81d5c1ed714fc625b593522d25914b1:openssl
USE_PERL5= build
NO_BUILD= yes
SHEBANG_FILES= testssl.sh utils/*
# We deliberately want to build an OpenSSL binary with the most
# insecure and obsolete ciphers available for testing purposes! See
# ${WRKSRC_testssl}/bin/Readme.md and utils/make-openssl.sh for more
# details.
HAS_CONFIGURE= yes
CONFIGURE_ARGS= --openssldir=${OPENSSLDIR} \
enable-zlib \
enable-ssl2 \
enable-ssl3 \
enable-ssl-trace \
enable-rc5 \
enable-rc2 \
enable-gost \
enable-cms \
enable-md2 \
enable-mdc2 \
enable-ec \
enable-ec2m \
enable-ecdh \
enable-ecdsa \
enable-seed \
enable-camellia \
enable-idea \
enable-rfc3779 \
experimental-jpake \
-DOPENSSL_USE_IPV6
CONFIGURE_ENV= PERL="${PERL}"
CONFIGURE_SCRIPT= config
BUILD_WRKSRC= ${WRKSRC_openssl}
CONFIGURE_WRKSRC= ${WRKSRC_openssl}
# The build randomly fails sometimes when building in parallel for
# unknown reasons.
MAKE_JOBS_UNSAFE= yes
.include <bsd.port.pre.mk>
.if ${ARCH} == "amd64"
CONFIGURE_ARGS+= enable-ec_nistp_64_gcc_128
.else
CONFIGURE_ARGS+= no-ec_nistp_64_gcc_128
.endif
post-patch:
@${REINPLACE_CMD} -e '/elif test_openssl_suffix/d' \
-e 's@: \# 5. we tried.*$$@else OPENSSL="${PREFIX}/libexec/openssl.testssl.sh"@' \
-e 's@OPENSSL=PREFIX@OPENSSL=${PREFIX}@' \
-e 's@$${TESTSSL_INSTALL_DIR:-""}@$${TESTSSL_INSTALL_DIR:-"${DATADIR}"}@' \
-e '/check_bsd_mount$$/d' \
${WRKSRC}/testssl.sh
do-install:
${INSTALL_PROGRAM} ${WRKSRC_openssl}/apps/openssl ${STAGEDIR}${PREFIX}/libexec/openssl.testssl.sh
${INSTALL_SCRIPT} ${WRKSRC}/testssl.sh ${STAGEDIR}${PREFIX}/bin
${INSTALL_MAN} ${WRKSRC}/doc/testssl.1 ${STAGEDIR}${MAN1PREFIX}/man/man1
@${MKDIR} ${STAGEDIR}${DATADIR}/etc ${STAGEDIR}${DATADIR}/utils
@cd ${WRKSRC}/etc && ${COPYTREE_SHARE} . ${STAGEDIR}${DATADIR}/etc
@cd ${WRKSRC}/utils && ${COPYTREE_SHARE} . ${STAGEDIR}${DATADIR}/utils
.include <bsd.port.post.mk>
.include <bsd.port.mk>

4
security/testssl.sh/distinfo
View file

@ -1,5 +1,3 @@
TIMESTAMP = 1505985513
TIMESTAMP = 1509917288
SHA256 (drwetter-testssl.sh-v2.9.5-1_GH0.tar.gz) = 505ba9400e1a49759ba84d0cf6ae79f3787f111c64a319094de69635b786c72a
SIZE (drwetter-testssl.sh-v2.9.5-1_GH0.tar.gz) = 8955528
SHA256 (drwetter-openssl-pm-snapshot-a9396aaef81d5c1ed714fc625b593522d25914b1_GH0.tar.gz) = 798230c8dc8d7723fff5f6687b1150a3165254eb65c4f6875b7b6b66a53f9c47
SIZE (drwetter-openssl-pm-snapshot-a9396aaef81d5c1ed714fc625b593522d25914b1_GH0.tar.gz) = 5491000

12
security/testssl.sh/files/patch-testssl.sh Normal file
View file

@ -0,0 +1,12 @@
--- testssl.sh.orig 2017-11-05 21:50:58 UTC
+++ testssl.sh
@@ -164,6 +164,9 @@ TERM_CURRPOS=0
## CONFIGURATION PART ##
# following variables make use of $ENV, e.g. OPENSSL=<myprivate_path_to_openssl> ./testssl.sh <host>
# 0 means (normally) true here. Some of the variables are also accessible with a command line switch, see --help
+if [[ -z "$OPENSSL" ]] ; then
+ OPENSSL=PREFIX/openssl-unsafe/bin/openssl
+fi
declare -x OPENSSL OPENSSL_TIMEOUT
FAST_SOCKET=${FAST_SOCKET:-false} # EXPERIMENTAL feature to accelerate sockets -- DO NOT USE it for production
COLOR=${COLOR:-2} # 2: Full color, 1: b/w+positioning, 0: no ESC at all

1
security/testssl.sh/pkg-plist
View file

@ -1,5 +1,4 @@
bin/testssl.sh
libexec/openssl.testssl.sh
man/man1/testssl.1.gz
%%DATADIR%%/etc/Apple.pem
%%DATADIR%%/etc/ca_hashes.txt