New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix incomplete no-nextprotoneg build option #757

Closed
wants to merge 2 commits into
base: master
from

Conversation

Projects
None yet
4 participants
@Sp1l
Copy link
Contributor

Sp1l commented Feb 28, 2016

When building -pre3 configured with no-nextprotoneg, I ran into issues with build errors.

1.-DOPENSSL_NO_NEXTPROTONEG is not added to the CFLAGS, fixed in util/mk1mf.pl
2. ssl/t1_ext.c build fails, added missing #ifndef OPENSSL_NO_NEXTPROTONEG guard
3. apps/s_client build fails, added missing #ifndef OPENSSL_NO_NEXTPROTONEG guard

With these patches, I can build without NPN on FreeBSD 10.2 amd64

@@ -304,6 +304,7 @@
$cflags.=" -DOPENSSL_NO_ASYNC" if $no_async;
$cflags.=" -DOPENSSL_NO_AUTOALGINIT" if $no_autoalginit;
$cflags.=" -DOPENSSL_NO_AUTOERRINIT" if $no_autoerrinit;
$cflags.=" -DOPENSSL_NO_NEXTPROTONEG" if $no_nextprotoneg;

This comment has been minimized.

@ajmohan

ajmohan Mar 1, 2016

Contributor

I do not think this change is required as this definition gets generated in include/openssl/opensslconf.h

This comment has been minimized.

@kroeckx

kroeckx Mar 5, 2016

Member

@levitte probably knows this better, but I think it also requires a change in the valid_options

This comment has been minimized.

@levitte

levitte Mar 5, 2016

Member

You are both correct. Toss the $cflags.=... line, but add this in %valid_options:

        "no-nextprotoneg" => 0,
@ajmohan

This comment has been minimized.

Copy link
Contributor

ajmohan commented Mar 1, 2016

ssl/t1_trce.c also need to be modified at line 500 (compiles when built with enable-ssl-trace)

uqs pushed a commit to freebsd/freebsd-ports that referenced this pull request Mar 3, 2016

brnrd
security/openssl-devel: Create OpenSSL 1.1.0 Alpha port
 - Repo-copy of security/openssl
 - Remove unneeded USE_OPENSSL check
 - Add and normalize CONFLICTS
 - Put OPTIONS into GROUPS for ciphers, hashes, protocols and optimizations
 - Add more configurable ciphers, hashes and protocols
 - Sort <OPT>_DESC alphabetically
 - Reword <OPT>_DESC after grouping, add (comment)
 - Rewrite ${PORT_OPTIONS:M<OPT>} to <OPT>_<FEATURE>_* where possible
 - Rewrite ${PORT_OPTIONS:M<OPT>} to target-<OPT>-on where possible
 - Rewrite do-configure target to HAS_CONFIGURE/CONFIGURE_SCRIPT
 - Rewrite (regression-)test target to TEST_TARGET
 - Add NPN support patch from [1]
 - Remove 1.0.2 specific patches (Padlock and EVP_MD_CTX_FLAG_ONESHOT)
 - Disable obsolete, broken and obscure features

[1] openssl/openssl#757

Reviewed by:	koobs (mentor)
Approved by:	koobs (mentor)
Differential Revision:	D5484


git-svn-id: svn+ssh://svn.freebsd.org/ports/head@410042 35697150-7ecd-e111-bb59-0022644237b5

uqs pushed a commit to freebsd/freebsd-ports that referenced this pull request Mar 3, 2016

security/openssl-devel: Create OpenSSL 1.1.0 Alpha port
 - Repo-copy of security/openssl
 - Remove unneeded USE_OPENSSL check
 - Add and normalize CONFLICTS
 - Put OPTIONS into GROUPS for ciphers, hashes, protocols and optimizations
 - Add more configurable ciphers, hashes and protocols
 - Sort <OPT>_DESC alphabetically
 - Reword <OPT>_DESC after grouping, add (comment)
 - Rewrite ${PORT_OPTIONS:M<OPT>} to <OPT>_<FEATURE>_* where possible
 - Rewrite ${PORT_OPTIONS:M<OPT>} to target-<OPT>-on where possible
 - Rewrite do-configure target to HAS_CONFIGURE/CONFIGURE_SCRIPT
 - Rewrite (regression-)test target to TEST_TARGET
 - Add NPN support patch from [1]
 - Remove 1.0.2 specific patches (Padlock and EVP_MD_CTX_FLAG_ONESHOT)
 - Disable obsolete, broken and obscure features

[1] openssl/openssl#757

Reviewed by:	koobs (mentor)
Approved by:	koobs (mentor)
Differential Revision:	D5484

mat813 pushed a commit to mat813/freebsd-ports that referenced this pull request Mar 7, 2016

brnrd
security/openssl-devel: Create OpenSSL 1.1.0 Alpha port
 - Repo-copy of security/openssl
 - Remove unneeded USE_OPENSSL check
 - Add and normalize CONFLICTS
 - Put OPTIONS into GROUPS for ciphers, hashes, protocols and optimizations
 - Add more configurable ciphers, hashes and protocols
 - Sort <OPT>_DESC alphabetically
 - Reword <OPT>_DESC after grouping, add (comment)
 - Rewrite ${PORT_OPTIONS:M<OPT>} to <OPT>_<FEATURE>_* where possible
 - Rewrite ${PORT_OPTIONS:M<OPT>} to target-<OPT>-on where possible
 - Rewrite do-configure target to HAS_CONFIGURE/CONFIGURE_SCRIPT
 - Rewrite (regression-)test target to TEST_TARGET
 - Add NPN support patch from [1]
 - Remove 1.0.2 specific patches (Padlock and EVP_MD_CTX_FLAG_ONESHOT)
 - Disable obsolete, broken and obscure features

[1] openssl/openssl#757

Reviewed by:	koobs (mentor)
Approved by:	koobs (mentor)
Differential Revision:	D5484


git-svn-id: svn+ssh://repo.freebsd.org/ports/head@410042 35697150-7ecd-e111-bb59-0022644237b5

@richsalz richsalz changed the title Fix incomplete no-nextprotoneg option Fix incomplete no-nextprotoneg build option Mar 19, 2016

@levitte

This comment has been minimized.

Copy link
Member

levitte commented May 3, 2016

This has been fixed by now.

@levitte levitte closed this May 3, 2016

mat813 pushed a commit to mat813/freebsd-ports that referenced this pull request Oct 10, 2016

brnrd
security/openssl-devel: Create OpenSSL 1.1.0 Alpha port
 - Repo-copy of security/openssl
 - Remove unneeded USE_OPENSSL check
 - Add and normalize CONFLICTS
 - Put OPTIONS into GROUPS for ciphers, hashes, protocols and optimizations
 - Add more configurable ciphers, hashes and protocols
 - Sort <OPT>_DESC alphabetically
 - Reword <OPT>_DESC after grouping, add (comment)
 - Rewrite ${PORT_OPTIONS:M<OPT>} to <OPT>_<FEATURE>_* where possible
 - Rewrite ${PORT_OPTIONS:M<OPT>} to target-<OPT>-on where possible
 - Rewrite do-configure target to HAS_CONFIGURE/CONFIGURE_SCRIPT
 - Rewrite (regression-)test target to TEST_TARGET
 - Add NPN support patch from [1]
 - Remove 1.0.2 specific patches (Padlock and EVP_MD_CTX_FLAG_ONESHOT)
 - Disable obsolete, broken and obscure features

[1] openssl/openssl#757

Reviewed by:	koobs (mentor)
Approved by:	koobs (mentor)
Differential Revision:	D5484


git-svn-id: https://svn.freebsd.org/ports/head@410042 35697150-7ecd-e111-bb59-0022644237b5
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment