Opened 5 years ago

Closed 5 years ago

Last modified 3 years ago

#50214 closed update (fixed)

Update to wolfSSL (CyaSSL) Portfile

Reported by: jacob@… Owned by: chris@…
Priority: Normal Milestone:
Component: ports Version:
Keywords: haspatch Cc: ci42, ryandesign (Ryan Schmidt), kurthindenburg (Kurt Hindenburg)
Port: cyassl wolfSSL

Description

Hi,

We had a recent release of wolfSSL version 3.8.0 and I'm looking to update the Portfile to reflect this. It looks like it has been awhile since we sent in an update, so I changed the Portfile from cyassl -> wolfssl to be consistent with our name change back in January of 2015.

Regards, Jacob

Attachments (3)

Portfile-wolfssl.diff (3.3 KB) - added by jacob@… 5 years ago.
Portfile-maintain-cyassl (1.3 KB) - added by jacob@… 5 years ago.
Portfile-wolfssl-2.diff (1.3 KB) - added by jacob@… 5 years ago.

Download all attachments as: .zip

Change History (24)

Changed 5 years ago by jacob@…

Attachment: Portfile-wolfssl.diff added

comment:1 Changed 5 years ago by mf2k (Frank Schima)

Keywords: Update removed
Priority: HighNormal

The Priority field is for use by Macports team members only.

comment:2 Changed 5 years ago by ryandesign (Ryan Schmidt)

Cc: ciserlohn@… ryandesign@… added; ciserlohn@… ryandesign@… removed

A cyassl port marked as replaced_by wolfssl needs to be maintained for a year to give people and upgrade path. See https://guide.macports.org/chunked/development.practices.html#development.practices.rename-replace-port.

Changed 5 years ago by jacob@…

Attachment: Portfile-maintain-cyassl added

comment:3 in reply to:  2 Changed 5 years ago by jacob@…

Replying to ryandesign@…:

A cyassl port marked as replaced_by wolfssl needs to be maintained for a year to give people and upgrade path. See https://guide.macports.org/chunked/development.practices.html#development.practices.rename-replace-port.

Thanks for the heads up. Added a file called Portfile-maintain-cyassl that should allow existing cyassl users to upgrade to wolfssl. Regards, Jacob

comment:4 Changed 5 years ago by mf2k (Frank Schima)

Cc: chris@… removed
Owner: changed from macports-tickets@… to chris@…
Port: wolfSSL added; (wolfssl) removed
Version: 2.3.4

comment:5 Changed 5 years ago by kurthindenburg (Kurt Hindenburg)

Cc: khindenburg@… added

Cc Me!

comment:6 Changed 5 years ago by kurthindenburg (Kurt Hindenburg)

It looks like it is still installing the cyassl includes - is this expected?

/opt/local/include/cyassl         
callbacks.h             ocsp.h                  ssl.h
certs_test.h            openssl/                test.h
crl.h                   options.h               version.h
ctaocrypt/              sniffer.h
error-ssl.h             sniffer_error.h

comment:7 Changed 5 years ago by jacob@…

Hello,

Yes the install of CyaSSL includes is expected. These files contain macros and includes to help with reverse compatibility on projects that use CyaSSL API and include paths. Redirecting the includes and API calls to wolfSSL, while allowing users to keep their application code relatively the same and just update the library being linked to.

Regards, Jacob

comment:8 Changed 5 years ago by kurthindenburg (Kurt Hindenburg)

Resolution: fixed
Status: newclosed

Thanks r146297 r146298

I enabled tests - one test failed on my system. "sudo port -v test wolfssl"

comment:9 Changed 5 years ago by kurthindenburg (Kurt Hindenburg)

CERT EXT test failed!
 error = -227
FAIL testsuite/testsuite.test (exit status: 255)
Last edited 3 years ago by ryandesign (Ryan Schmidt) (previous) (diff)

comment:10 Changed 5 years ago by jacob@…

Thanks for running the test on it.

Will investigate into the issue.

Regards, Jacob

Changed 5 years ago by jacob@…

Attachment: Portfile-wolfssl-2.diff added

comment:11 Changed 5 years ago by jacob@…

Tracked down where the issue was happening. Our library no longer supports having both --enable-sep and --enable-scep. Portfile-wolfssl-2.diff removes --enable-sep and also removes gcc-hardening which is no longer a configure flag. While making these adjustments I noticed the E in opensslExtra needed to be lower cased to match our new library version.

Added a test option at the bottom of the Protfile. "make check" is going to be the best thing to run, for a portable test of the wolfSSL build.

Regards, Jacob

comment:12 Changed 5 years ago by mf2k (Frank Schima)

Keywords: haspatch added
Resolution: fixed
Status: closedreopened

comment:13 Changed 5 years ago by jacob@…

We are in the process of wrapping up a new release this week. Instead of 3.8.0 the most recent version of wolfSSL will be 3.9.0. Should this be closed and a new thread opened to reflect the new release?

Regards, Jacob

comment:14 Changed 5 years ago by kurthindenburg (Kurt Hindenburg)

It doesn't build now for me - is this enough or do you need my main.log?

  CCLD     src/libwolfssl.la
clang: warning: argument unused during compilation: '-pthread'
clang: warning: argument unused during compilation: '-pthread'
ld: section __DATA/__thread_bss extends beyond end of file, file 'wolfcrypt/src/.libs/src_lib
wolfssl_la-ecc.o' for architecture x86_64
clang: error: linker command failed with exit code 1 (use -v to see invocation)
make[1]: *** [src/libwolfssl.la] Error 1

comment:15 Changed 5 years ago by jacob@…

Hi,

Has there been any updates to OS or XCode on the machine running the tests since before the wolfSSL Portfile tests were added? From experience on my own machine I had to work at getting things setup for development (on all linking) after updating to El Capitan. Is it able to build on the machine without using MacPorts, just ./configure && make in a root wolfSSL directory?

Regards, Jacob

comment:16 Changed 5 years ago by kurthindenburg (Kurt Hindenburg)

Yes, Apple pushed out updates last week. I'm puzzled on why this is failing to build after that though.

comment:17 Changed 5 years ago by kurthindenburg (Kurt Hindenburg)

It does build outside macports w/o issue

macports: uses clang (configure: WARNING: unrecognized options: --enable-opensslExtra, --enable-gcc-hardening)

outside: uses g++

comment:18 Changed 5 years ago by jacob@…

Hello, sorry for the delay in response.

It looks like the macports version is not using the most recent patch. The warnings of --enable-opensslExtra and --enable-gcc-hardening are two things that were changed with Portfile-wolfssl-2.diff. This though would not explain the linker problem. Is the previous version that was reporting the error = -227 still compiling? It would have had to compile previously to reach the CERT EXT test case and if the recent build has accidentally not applied the changes in Portfile-wolfssl-2.diff it should be the same build as from previous tests.

"CERT EXT test failed!

error = -227

FAIL testsuite/testsuite.test (exit status: 255)"

Is there a case here where it could be trying to link with an old/different version of wolfSSL after the changes are applied?

Regards, Jacob

Version 0, edited 5 years ago by jacob@… (next)

comment:19 Changed 5 years ago by kurthindenburg (Kurt Hindenburg)

I should have mentioned that the current Portfile (without this new patch) no longer builds as well - same error.

comment:20 Changed 5 years ago by jacob@…

Ok, thanks. I have not been able to replicate it yet on my mac using the Portfile but will put some thought into the cause.

Do you use a clean or uninstall before trying the build? sudo port uninstall wolfssl or sudo port clean wolfssl?

Regards, Jacob

comment:21 Changed 5 years ago by kurthindenburg (Kurt Hindenburg)

Resolution: fixed
Status: reopenedclosed

done r148674

please create a new ticket for the next release

Note: See TracTickets for help on using tickets.