From 1c4051cde076855ab7e15e6d4a2999d7de72db02 Mon Sep 17 00:00:00 2001 From: Sergei Vyshenski Date: Tue, 27 Jun 2023 17:36:54 +0200 Subject: [PATCH] security/p5-openxpki{-i18n}: Update to 3.24.2 - Update two ports sharing the same distribution to 3.24.2 - Add a new file: files/patch-Makefile.PL - Fix build for openssl 3+ - Fix pkg-plist to make portlint happy - Fix pkg-message about MariaDB and about new OpenSSL versions ChangeLog: https://github.com/openxpki/openxpki/compare/v3.22.1...v3.24.2 PR: 272248 --- security/p5-openxpki-i18n/Makefile | 2 +- security/p5-openxpki-i18n/distinfo | 6 +- security/p5-openxpki/Makefile | 42 +- security/p5-openxpki/distinfo | 6 +- security/p5-openxpki/files/openxpki.in | 2 +- security/p5-openxpki/files/patch-Makefile.PL | 126 ++ security/p5-openxpki/files/pkg-message.in | 53 +- security/p5-openxpki/pkg-plist | 1442 +++++++++++------- 8 files changed, 1125 insertions(+), 554 deletions(-) create mode 100644 security/p5-openxpki/files/patch-Makefile.PL diff --git a/security/p5-openxpki-i18n/Makefile b/security/p5-openxpki-i18n/Makefile index 0f620efd844dc..24f03f248f13e 100644 --- a/security/p5-openxpki-i18n/Makefile +++ b/security/p5-openxpki-i18n/Makefile @@ -1,6 +1,6 @@ PORTNAME= openxpki DISTVERSIONPREFIX= v -DISTVERSION= 3.24.1 +DISTVERSION= 3.24.2 CATEGORIES= security perl5 PKGNAMEPREFIX= p5- PKGNAMESUFFIX= -i18n diff --git a/security/p5-openxpki-i18n/distinfo b/security/p5-openxpki-i18n/distinfo index 7770de8e9db35..fb5ef8c8f9f9c 100644 --- a/security/p5-openxpki-i18n/distinfo +++ b/security/p5-openxpki-i18n/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1675078305 -SHA256 (openxpki-openxpki-v3.24.1_GH0.tar.gz) = 70ca49bb8cf4e7ae71362227fd397adfade2462b045331911e72320888872ea1 -SIZE (openxpki-openxpki-v3.24.1_GH0.tar.gz) = 34969532 +TIMESTAMP = 1687880023 +SHA256 (openxpki-openxpki-v3.24.2_GH0.tar.gz) = b7528d3dde96c33c56a5e99a44fb2896190625bf9abc9a8597d25ceabbba8531 +SIZE (openxpki-openxpki-v3.24.2_GH0.tar.gz) = 34969529 diff --git a/security/p5-openxpki/Makefile b/security/p5-openxpki/Makefile index 34249ae7a85f5..3bdd1c3aa1618 100644 --- a/security/p5-openxpki/Makefile +++ b/security/p5-openxpki/Makefile @@ -1,6 +1,6 @@ PORTNAME= openxpki DISTVERSIONPREFIX= v -DISTVERSION= 3.24.1 +DISTVERSION= 3.24.2 CATEGORIES= security perl5 PKGNAMEPREFIX= p5- @@ -11,9 +11,6 @@ WWW= https://www.openxpki.org/ LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE -BROKEN_SSL= openssl30 openssl31 -BROKEN_SSL_REASON= Fails to detect OpenSSL 3.0.0 and later - MY_DEPENDS= bash:shells/bash \ p5-Archive-Zip>=0:archivers/p5-Archive-Zip \ p5-Cache-LRU>=0:devel/p5-Cache-LRU \ @@ -42,6 +39,7 @@ MY_DEPENDS= bash:shells/bash \ p5-Data-UUID>=0:devel/p5-Data-UUID \ p5-DateTime-Format-DateParse>=0.04:devel/p5-DateTime-Format-DateParse \ p5-DBD-Mock>=1.45:databases/p5-DBD-Mock \ + p5-DBD-SQLite>=1.52:databases/p5-DBD-SQLite \ p5-DBIx-Handler>=0.14:databases/p5-DBIx-Handler \ p5-Devel-NYTProf>=0:devel/p5-Devel-NYTProf \ p5-Feature-Compat-Try>=0.05:devel/p5-Feature-Compat-Try \ @@ -78,6 +76,8 @@ MY_DEPENDS= bash:shells/bash \ p5-Switch>=0:lang/p5-Switch \ p5-Sys-SigAction>=0.06:devel/p5-Sys-SigAction \ p5-Template-Toolkit>=2.15:www/p5-Template-Toolkit \ + p5-Test-Pod-Coverage>=1.00:devel/p5-Test-Pod-Coverage \ + p5-Test-Pod>=1.00:devel/p5-Test-Pod \ p5-Text-CSV_XS>=0.23:textproc/p5-Text-CSV_XS \ p5-TimeDate>=0:devel/p5-TimeDate \ p5-Workflow>=1.60:devel/p5-Workflow \ @@ -86,10 +86,7 @@ MY_DEPENDS= bash:shells/bash \ p5-XML-Validator-Schema>=0:textproc/p5-XML-Validator-Schema BUILD_DEPENDS= ${MY_DEPENDS} RUN_DEPENDS= ${MY_DEPENDS} -TEST_DEPENDS= p5-DBD-SQLite>=1.52:databases/p5-DBD-SQLite \ - p5-Test-Pod-Coverage>=1.00:devel/p5-Test-Pod-Coverage \ - p5-Test-Pod>=1.00:devel/p5-Test-Pod \ - p5-Test-Prereq>=0:devel/p5-Test-Prereq +TEST_DEPENDS= p5-Test-Prereq>=0:devel/p5-Test-Prereq USES= gmake perl5 shebangfix ssl USE_GITHUB= yes @@ -99,12 +96,10 @@ _conf_VERSION= ${DISTVERSION:R} USE_PERL5= configure USE_RC_SUBR= openxpki -SHEBANG_FILES= bin/* -SHEBANG_GLOB= *.fcgi *.pl *.pm *.t* +SHEBANG_FILES= ../../* NO_ARCH= yes -# stay with stable versions only: -PORTSCOUT= limitw:1,even +PORTSCOUT= limitw:1,even # stay with stable versions only SUB_FILES= pkg-message WRKSRC_SUBDIR= core/server/ @@ -112,8 +107,6 @@ WRKSRC_SUBDIR= core/server/ USERS= openxpki GROUPS= openxpki -PORTDOCS= * -PORTEXAMPLES= * OPTIONS_DEFINE= DOCS EXAMPLES GRAPHVIZ GRAPHVIZ_DESC= With graphical visualization of workflows? @@ -121,28 +114,36 @@ GRAPHVIZ_RUN_DEPENDS= dot:graphics/graphviz \ imgsize:graphics/p5-Image-Size post-extract: - @${MV} ${WRKSRC_conf}/* ${WRKSRC}/../../config/ + @${MKDIR} ${WRKSRC}/config + @${MV} ${WRKSRC_conf}/* ${WRKSRC}/config/ post-patch: @${REINPLACE_CMD} -e 's|..ENV{PERL} .vergen --format version.|"${PORTVERSION}"|g' ${WRKSRC}/Makefile.PL @${REINPLACE_CMD} -e 's|..vergen --format version.|"${PORTVERSION}"|g' ${WRKSRC}/Makefile.PL + @${REINPLACE_CMD} -e 's|OPENSSLINC|${OPENSSLINC}|g' ${WRKSRC}/Makefile.PL + @${REINPLACE_CMD} -e 's|OPENSSLLIB|${OPENSSLLIB}|g' ${WRKSRC}/Makefile.PL + @${REINPLACE_CMD} -e 's|OPENSSLBINARY|${OPENSSLBASE}/bin/openssl|g' ${WRKSRC}/Makefile.PL @( \ cd ${WRKSRC}/../..; \ ${ECHO} "Patching dir names..."; \ - ${GREP} -RIFl -e "/etc/openxpki" config core/server doc qatest tools >filelist; \ + ${GREP} -RIFl -e "/etc/openxpki" core/server doc qatest tools >filelist; \ ${CAT} filelist | ${XARGS} -I % ${REINPLACE_CMD} -e 's|/etc/openxpki|${PREFIX}/etc/openxpki|g' "%"; \ ${CAT} filelist | ${XARGS} -I % ${RM} "%.bak"; \ - ${GREP} -RIFl -e "/run/openxpkid.pid" config core/server doc qatest tools >filelist; \ - ${CAT} filelist | ${XARGS} -I % ${REINPLACE_CMD} -e 's|/var/run/openxpkid.pid|/var/openxpki/openxpkid.pid|g' "%"; \ + ${GREP} -RIFl -e "/run/openxpkid.pid" core/server doc qatest tools >filelist; \ + ${CAT} filelist | ${XARGS} -I % ${REINPLACE_CMD} -e 's|/run/openxpkid.pid|/var/openxpki/openxpkid.pid|g' "%"; \ + ${CAT} filelist | ${XARGS} -I % ${RM} "%.bak"; \ + ${GREP} -RIFl -e "www-data" core/server doc qatest tools >filelist; \ + ${CAT} filelist | ${XARGS} -I % ${REINPLACE_CMD} -e 's|www-data|www|g' "%"; \ ${CAT} filelist | ${XARGS} -I % ${RM} "%.bak"; \ ${RM} filelist; \ ) + @${FIND} ${WRKSRC} -name "*.orig" -delete @${MKDIR} ${WRKSRC}/t/var/log/openxpki post-install: @${MKDIR} ${STAGEDIR}/var/openxpki/session @${MKDIR} ${STAGEDIR}/var/log/openxpki - @${MKDIR} ${STAGEDIR}${PREFIX}/etc/openxpki + @${MKDIR} ${STAGEDIR}${PREFIX}/etc/openxpki/local/keys post-install-DOCS-on: ${MKDIR} ${STAGEDIR}${DOCSDIR} @@ -150,7 +151,6 @@ post-install-DOCS-on: post-install-EXAMPLES-on: ${MKDIR} ${STAGEDIR}${EXAMPLESDIR} - (cd ${WRKSRC}/../.. && ${COPYTREE_SHARE} config ${STAGEDIR}${EXAMPLESDIR}) - (cd ${WRKSRC} && ${COPYTREE_SHARE} "htdocs cgi-bin" ${STAGEDIR}${EXAMPLESDIR}) + (cd ${WRKSRC} && ${COPYTREE_SHARE} "config htdocs cgi-bin" ${STAGEDIR}${EXAMPLESDIR} "! -name *\.orig") .include diff --git a/security/p5-openxpki/distinfo b/security/p5-openxpki/distinfo index 029d02b9d69db..dcb3dda4ccdd0 100644 --- a/security/p5-openxpki/distinfo +++ b/security/p5-openxpki/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1675078273 -SHA256 (openxpki-openxpki-v3.24.1_GH0.tar.gz) = 70ca49bb8cf4e7ae71362227fd397adfade2462b045331911e72320888872ea1 -SIZE (openxpki-openxpki-v3.24.1_GH0.tar.gz) = 34969532 +TIMESTAMP = 1677275136 +SHA256 (openxpki-openxpki-v3.24.2_GH0.tar.gz) = b7528d3dde96c33c56a5e99a44fb2896190625bf9abc9a8597d25ceabbba8531 +SIZE (openxpki-openxpki-v3.24.2_GH0.tar.gz) = 34969529 SHA256 (openxpki-openxpki-config-v3.24_GH0.tar.gz) = 677adc87fa8ccbf85ca7c0b42b61c3a628acc18fa57d091df9bfaf5a3ee86704 SIZE (openxpki-openxpki-config-v3.24_GH0.tar.gz) = 153657 diff --git a/security/p5-openxpki/files/openxpki.in b/security/p5-openxpki/files/openxpki.in index c226189de9a76..154acc6028e5d 100644 --- a/security/p5-openxpki/files/openxpki.in +++ b/security/p5-openxpki/files/openxpki.in @@ -10,7 +10,7 @@ # openxpki_enable="YES" # to ensure that openxpki starts at boot time. # Define and edit this variable in file /etc/rc.conf: -# openxpki_conf="%%PREFIX%%/etc/openxpki/config.git" +# openxpki_conf="%%PREFIX%%/etc/openxpki/config.d" # if your configuration is in different place. # # DO NOT CHANGE THESE DEFAULT VALUES HERE diff --git a/security/p5-openxpki/files/patch-Makefile.PL b/security/p5-openxpki/files/patch-Makefile.PL new file mode 100644 index 0000000000000..3518cb069e743 --- /dev/null +++ b/security/p5-openxpki/files/patch-Makefile.PL @@ -0,0 +1,126 @@ +--- Makefile.PL.orig 2023-06-21 23:40:24 UTC ++++ Makefile.PL +@@ -9,59 +9,11 @@ my $vergen = '../../tools/vergen'; + + ########################################################################### + # determine OpenSSL version +-## first we have to find a working OpenSSL + +-# OPENSSL_LIB +-# OPENSSL_INC +-# OPENSSL_PREFIX set +-# /usr/local/ssl +-# /usr/local +-# /usr +-# / +-# ... ++my $openssl_inc_dir = "OPENSSLINC"; ++my $openssl_lib_dir = "OPENSSLLIB"; ++my $openssl_binary = "OPENSSLBINARY"; + +-my $openssl_inc_dir = ''; +-my $openssl_lib_dir = ''; +-my $openssl_binary = ''; +- +-my @paths = qw( /usr/local/ssl +- /opt/local/ssl +- /usr/local +- /opt/local +- /usr +- /opt +- ); +- +-unshift @paths, $ENV{OPENSSL_PREFIX} +- if (exists $ENV{OPENSSL_PREFIX} and $ENV{OPENSSL_PREFIX} ne ''); +- +-my $tmp_ver; +- +-foreach my $path (@paths) { +- my $tmp_inc = File::Spec->catfile($path, 'include'); +- $tmp_ver = File::Spec->catfile($tmp_inc, 'openssl', 'opensslv.h'); +- my $tmp_lib = File::Spec->catfile($path, 'lib'); +- my $tmp_bin = File::Spec->catfile($path, 'bin', 'openssl'); +- +- if (-d $tmp_inc && +- -d $tmp_lib && +- -r $tmp_ver && +- -r $tmp_bin && -x $tmp_bin) { +- $openssl_inc_dir = $tmp_inc; +- $openssl_lib_dir = $tmp_lib; +- $openssl_binary = $tmp_bin; +- last; +- } +-} +- +-# accept settings from OPENSSL_INC and OPENSSL_LIB if BOTH exist +-if (exists $ENV{OPENSSL_INC} && $ENV{OPENSSL_INC} != "" && +- exists $ENV{OPENSSL_LIB} && $ENV{OPENSSL_LIB} != "" +-) { +- $openssl_inc_dir = $ENV{OPENSSL_INC}; +- $openssl_lib_dir = $ENV{OPENSSL_LIB}; +-} +- + die "Could not find usable OpenSSL installation. Stopped" + unless defined $openssl_inc_dir; + +@@ -72,60 +24,10 @@ print STDERR "OpenSSL library: $openssl_lib_dir\n"; + print STDERR "OpenSSL headers: $openssl_inc_dir\n"; + print STDERR "OpenSSL binary: $openssl_binary\n"; + +-# ask the binary for it's version +-# openssl version should produce output like this: +-# OpenSSL 0.9.7l 28 Sep 2006 +-# OpenSSL 1.0.0a 1 Jun 2010 +-my $openssl_version_string = `$openssl_binary version`; +-my ($openssl_version_major, $openssl_version_minor, $openssl_version_fix, $openssl_version_patch, $openssl_version_flavour); +-if ($openssl_version_string =~ m/\s*OpenSSL\s+(\d+)\.(\d+)\.(\d+)([a-zA-Z]+)/i) { +- # OpenSSL 0.9 +- $openssl_version_flavour = 'OpenSSL'; +- $openssl_version_major = $1; +- $openssl_version_minor = $2; +- $openssl_version_fix = $3; +- $openssl_version_patch = $4; +- print "$openssl_version_flavour version: major=$openssl_version_major, minor=$openssl_version_minor, fix=$openssl_version_fix, patch=$openssl_version_patch\n"; +- +-} elsif ($openssl_version_string =~ m/\s*(OpenSSL|LibreSSL)\s+(\d+)\.(\d+)\.(\d+)\s+/) { +- # OpenSSL 1.0 +- $openssl_version_flavour = $1; +- $openssl_version_major = $2; +- $openssl_version_minor = $3; +- $openssl_version_fix = $4; +- print "OpenSSL version: major=$openssl_version_major, minor=$openssl_version_minor, fix=$openssl_version_fix\n"; +-} else { +- print "Problem: malformed openssl version string!\n"; +- print STDERR "Consider setting OPENSSL_PREFIX correctly.\n\n"; +- exit 1; +-} +- +-# Warn on old openssl - should work but lacks support for some features +-if ($openssl_version_major == 0 && +- $openssl_version_minor == 9 && +- $openssl_version_fix == 8 +-) { +- print STDERR "Warning: openssl 0.9.8 found - this will work but lacks some features, e.g. server side key generation!"; +- +-} elsif ( $openssl_version_flavour =~ m/LibreSSL/i ) { +- print STDERR "Warning: LibreSSL found, support for LibreSSL is experimental!"; +- +-} elsif (not +- ($openssl_version_flavour =~ m/OpenSSL/i && +- $openssl_version_major == 1 && +- (($openssl_version_minor == 0) || ($openssl_version_minor == 1) )) +-) { +- print STDERR "\n"; +- print STDERR "ERROR: OpenSSL 0.9.8, 1.0 or 1.1 is required.\n"; +- print STDERR "Consider setting OPENSSL_PREFIX correctly.\n\n"; +- exit 1; +-} +- + # make OpenSSL binary location available to tests + open my $fh, ">", File::Spec->catfile("t", "cfg.binary.openssl"); + print $fh $openssl_binary; + close $fh; +- + + ########################################################################### + # determine OpenXPKI version diff --git a/security/p5-openxpki/files/pkg-message.in b/security/p5-openxpki/files/pkg-message.in index 9fe7e67ba963b..5fb3c1370b081 100644 --- a/security/p5-openxpki/files/pkg-message.in +++ b/security/p5-openxpki/files/pkg-message.in @@ -2,13 +2,21 @@ { type: install message: <