devel/tcltls: fixes to the newly-added generation of DH-parameters

Specifically: - move the entire code to the post-configure target -- so that our own header will be newer than the Makefile generated by configure. Otherwise the authors' Makefile will (attempt to) regenerate the dh_param.h again. - use openssl's asnparse functionality to more reliably parse the generated prime -- and turn it into C. PR: 275160
freebsd · Nov 20, 2023 · d254524 · d254524
1 parent 2ed62c7
commit d254524
Showing 1 changed file with 7 additions and 5 deletions.
diff --git a/devel/tcltls/Makefile b/devel/tcltls/Makefile
@@ -38,15 +38,17 @@ CFLAGS+=       -Wno-error=int-conversion
 
 post-patch:
 	${MV} ${WRKSRC}/tests/ciphers.test ${WRKSRC}/tests/ciphers.test.broken
-	${CP} ${FILESDIR}/dh_params.h ${WRKSRC}/
 
 # Newer openssl-dhparam has no "-C" option, we emulate it here :-/
 post-configure:
+	${CP} ${FILESDIR}/dh_params.h ${WRKSRC}/
 	${OPENSSLBASE}/bin/openssl dhparam -text 2048 | \
-	    ${SED} -E -e '/^---/,/^---/d' \
-		-e '/(DH|prime|generator)/d' \
-		-e 's/([0-9a-h]{2})(:|$$)/0x\1, /g' \
-		-e w${WRKSRC}/generateddh.txt
+	    ${OPENSSLBASE}/bin/openssl asn1parse | \
+	    ${SED} -E \
+		-e '/^ .*(0|5):d=/d' \
+		-e 's/    4:d=1.*INTEGER *://' \
+		-e 's/([0-9A-H]{2})/0x\1, /g' \
+		-e 'w${WRKSRC}/generateddh.txt'
 
 post-install-DOCS-on:
 	${MKDIR} ${STAGEDIR}${DOCSDIR}