Commit 798f95b1 authored by Mike Hibler's avatar Mike Hibler
Browse files

Add an Emulab-specific py-m2crypto port.

All we really do is apply one non-standard patch to avoid SSL certificate
mismatches due to "www.emulab.net" vs. "boss.emulab.net".  In older versions
of m2crypto we just patched the installed library files, but the newer versions
get installed as a .egg file, so it is easiest to just patch it while the
port is being built.

I really don't like creating a separate port for this, but the alternative
was to modify the standard port, adding a new option.  That seemed even worse.
parent 0c4c4f75
......@@ -25,9 +25,9 @@ CATEGORIES= misc
MASTER_SITES= #none
DISTFILES= #none
EXTRACT_ONLY= #none
COMMENT= "Meta-port for an emulab boss node"
COMMENT= "Meta-port for an Emulab boss node"
MAINTAINER= ricci@cs.utah.edu
MAINTAINER= testbed-ops@flux.utah.edu
#
# We set this so that the mysql server port doesn't do name resolution
......@@ -124,28 +124,37 @@ RUN_DEPENDS= \
wget:${PORTSDIR}/ftp/wget \
${LOCALBASE}/lib/perl5/site_perl/${PERL_VER}/${PERL_ARCH}/XML/Parser:${PORTSDIR}/textproc/p5-XML-Parser \
${LOCALBASE}/lib/perl5/site_perl/${PERL_VER}/RPC/XML.pm:${PORTSDIR}/net/p5-RPC-XML \
${PYTHON_PKGNAMEPREFIX}m2crypto>0:${PORTSDIR}/security/py-m2crypto \
${LOCALBASE}/include/boost:${PORTSDIR}/devel/boost \
gmake:${PORTSDIR}/devel/gmake \
kmetis:${PORTSDIR}/math/metis \
curl:${PORTSDIR}/ftp/curl \
${PYTHON_SITELIBDIR}/MySQLdb/times.py:${PORTSDIR}/databases/py-MySQLdb \
mysqlhotcopy:${PORTSDIR}/databases/mysql50-scripts
.if ${PORTVERSION} == "3.0"
# must handle patching of m2crypto when the port is built
RUN_DEPENDS+= \
${PYTHON_PKGNAMEPREFIX}m2crypto>0:${PORTSDIR}/misc/emulab-py-m2crypto
.else
# for older version we can patch the standard m2crypto once installed
RUN_DEPENDS+= \
${PYTHON_PKGNAMEPREFIX}m2crypto>0:${PORTSDIR}/security/py-m2crypto
.endif
.if (${PORTVERSION} == "2.1" || ${PORTVERSION} == "3.0")
.if ${PORTVERSION} == "3.0"
RUN_DEPENDS+= \
dhcpd:${PORTSDIR}/net/isc-dhcp30-server \
${LOCALBASE}/include/boost:${PORTSDIR}/devel/boost
dhcpd:${PORTSDIR}/net/isc-dhcp30-server
.else
RUN_DEPENDS+= \
dhcpd:${PORTSDIR}/net/isc-dhcp3-server \
${LOCALBASE}/include/boost:${PORTSDIR}/devel/boost
dhcpd:${PORTSDIR}/net/isc-dhcp3-server
.endif
RUN_DEPENDS+= \
${LOCALBASE}/lib/perl5/site_perl/${PERL_VER}/${PERL_ARCH}/XML/Parser.pm:${PORTSDIR}/textproc/p5-XML-Parser
# not sure why this is just needed for 6.3
# not getting installed via dependencies?
RUN_DEPENDS+= \
${X11BASE}/libdata/xorg/libraries:${PORTSDIR}/x11/xorg-libraries
${X11BASE}/libdata/xorg/libraries:${PORTSDIR}/x11/xorg-libraries \
${LOCALBASE}/libexec/apache/libphp4.so:${PORTSDIR}/misc/emulab-php4
.endif
.if ${OSMAJOR} >= 6
......@@ -165,12 +174,6 @@ RUN_DEPENDS+= cvsup:${PORTSDIR}/net/cvsup-without-gui \
${LOCALBASE}/sbin/named:${PORTSDIR}/dns/bind9
.endif
# this wasn't getting installed correctly
.if ${OSMAJOR} >= 7
RUN_DEPENDS+= \
${LOCALBASE}/libexec/apache/libphp4.so:${PORTSDIR}/misc/emulab-php4
.endif
USE_PERL5= yes
USE_PYTHON= yes
......
......@@ -24,9 +24,9 @@ CATEGORIES= misc
MASTER_SITES= #none
DISTFILES= #none
EXTRACT_ONLY= #none
COMMENT= "Meta-port for an emulab ops node"
COMMENT= "Meta-port for an Emulab ops node"
MAINTAINER= ricci@cs.utah.edu
MAINTAINER= testbed-ops@flux.utah.edu
#
# We set this so that the mysql server port doesn't do name resolution
......@@ -103,13 +103,22 @@ RUN_DEPENDS= gmake:${PORTSDIR}/devel/gmake \
otclsh:${PORTSDIR}/lang/otcl \
${LOCALBASE}/lib/perl5/site_perl/${PERL_VER}/${PERL_ARCH}/BSD/Resource.pm:${PORTSDIR}/devel/p5-BSD-Resource \
${LOCALBASE}/lib/perl5/site_perl/${PERL_VER}/${PERL_ARCH}/Time/HiRes.pm:${PORTSDIR}/devel/p5-Time-HiRes \
wget:${PORTSDIR}/ftp/wget \
${PYTHON_PKGNAMEPREFIX}m2crypto>0:${PORTSDIR}/security/py-m2crypto
wget:${PORTSDIR}/ftp/wget
.if defined(ELVIN_COMPAT)
RUN_DEPENDS+= ${LOCALBASE}/libexec/elvind:${PORTSDIR}/misc/elvind
.endif
.if ${PORTVERSION} == "3.0"
# must handle patching of m2crypto when the port is built
RUN_DEPENDS+= \
${PYTHON_PKGNAMEPREFIX}m2crypto>0:${PORTSDIR}/misc/emulab-py-m2crypto
.else
# for older version we can patch the standard m2crypto once installed
RUN_DEPENDS+= \
${PYTHON_PKGNAMEPREFIX}m2crypto>0:${PORTSDIR}/security/py-m2crypto
.endif
.if ${OSMAJOR} >= 6
RUN_DEPENDS+= \
${LOCALBASE}/etc/apache/ssl.crl:${PORTSDIR}/www/apache13-modssl \
......
# New ports collection makefile for: emulab-py-m2crypto
# Date created: 06 January 2010
# Whom: mike@cs.utah.edu
#
# $FreeBSD: ports/security/py-m2crypto/Makefile,v 1.21 2009/01/27 10:20:52 mnag Exp $
#
# Our extra patch
EXTRA_PATCHES= $(FILESDIR)/emulab-patch-SSL-Connection
# Make sure we pick up all the standard port patches too
PATCHDIR= $(PORTSDIR)/security/py-m2crypto/files
.include "../../security/py-m2crypto/Makefile"
MD5 (python/M2Crypto-0.19.1.tar.gz) = c92286fdf0a75f017e72122c2832d5ff
SHA256 (python/M2Crypto-0.19.1.tar.gz) = a9cfce4ffc2690d35adf31e655fd89ee67590e222c84f75f2a62672e9c37aa27
SIZE (python/M2Crypto-0.19.1.tar.gz) = 390933
--- M2Crypto/SSL/Connection.py.orig 2008-10-12 22:47:33.000000000 -0600
+++ M2Crypto/SSL/Connection.py 2010-01-06 11:41:47.000000000 -0700
@@ -18,11 +18,14 @@
def _serverPostConnectionCheck(*args, **kw):
return 1
+def _clientPostConnectionCheck(*args, **kw):
+ return 1
+
class Connection:
"""An SSL connection."""
- clientPostConnectionCheck = Checker.Checker()
+ clientPostConnectionCheck = _clientPostConnectionCheck
serverPostConnectionCheck = _serverPostConnectionCheck
m2_bio_free = m2.bio_free
M2Crypto is the most complete Python wrapper for OpenSSL featuring RSA, DSA,
DH, HMACs, message digests, symmetric ciphers (including AES); SSL
functionality to implement clients and servers; HTTPS extensions to Python's
httplib, urllib, and xmlrpclib; unforgeable HMAC'ing AuthCookies for web
session management; FTP/TLS client and server; S/MIME; ZServerSSL: A HTTPS
server for Zope and ZSmime: An S/MIME messenger for Zope.
WWW: http://wiki.osafoundation.org/bin/view/Projects/MeTooCrypto
%%PYTHON_SITELIBDIR%%/%%PYEASYINSTALL_EGG%%
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment