Update to wolfSSL (CyaSSL) Portfile

[jacob@…]

Hi,

We had a recent release of wolfSSL version 3.8.0 and I'm looking to update the Portfile to reflect this. It looks like it has been awhile since we sent in an update, so I changed the Portfile from cyassl -> wolfssl to be consistent with our name change back in January of 2015.

Regards, Jacob

[mf2k (Frank Schima)]

The Priority field is for use by Macports team members only.

[ryandesign (Ryan Carsten Schmidt)]

A cyassl port marked as replaced_by wolfssl needs to be maintained for a year to give people and upgrade path. See ​https://guide.macports.org/chunked/development.practices.html#development.practices.rename-replace-port.

[jacob@…]

Replying to ryandesign@…:

A cyassl port marked as replaced_by wolfssl needs to be maintained for a year to give people and upgrade path. See ​https://guide.macports.org/chunked/development.practices.html#development.practices.rename-replace-port.

Thanks for the heads up. Added a file called Portfile-maintain-cyassl that should allow existing cyassl users to upgrade to wolfssl. Regards, Jacob

[kurthindenburg (Kurt Hindenburg)]

Cc Me!

[kurthindenburg (Kurt Hindenburg)]

It looks like it is still installing the cyassl includes - is this expected?

/opt/local/include/cyassl         
callbacks.h             ocsp.h                  ssl.h
certs_test.h            openssl/                test.h
crl.h                   options.h               version.h
ctaocrypt/              sniffer.h
error-ssl.h             sniffer_error.h

[jacob@…]

Hello,

Yes the install of CyaSSL includes is expected. These files contain macros and includes to help with reverse compatibility on projects that use CyaSSL API and include paths. Redirecting the includes and API calls to wolfSSL, while allowing users to keep their application code relatively the same and just update the library being linked to.

Regards, Jacob

[kurthindenburg (Kurt Hindenburg)]

Thanks r146297 r146298

I enabled tests - one test failed on my system. "sudo port -v test wolfssl"

[kurthindenburg (Kurt Hindenburg)]

CERT EXT test failed!
 error = -227
FAIL testsuite/testsuite.test (exit status: 255)

[jacob@…]

Thanks for running the test on it.

Will investigate into the issue.

Regards, Jacob

[jacob@…]

Tracked down where the issue was happening. Our library no longer supports having both --enable-sep and --enable-scep. Portfile-wolfssl-2.diff removes --enable-sep and also removes gcc-hardening which is no longer a configure flag. While making these adjustments I noticed the E in opensslExtra needed to be lower cased to match our new library version.

Added a test option at the bottom of the Protfile. "make check" is going to be the best thing to run, for a portable test of the wolfSSL build.

Regards, Jacob

[jacob@…]

We are in the process of wrapping up a new release this week. Instead of 3.8.0 the most recent version of wolfSSL will be 3.9.0. Should this be closed and a new thread opened to reflect the new release?

Regards, Jacob

[kurthindenburg (Kurt Hindenburg)]

It doesn't build now for me - is this enough or do you need my main.log?

  CCLD     src/libwolfssl.la
clang: warning: argument unused during compilation: '-pthread'
clang: warning: argument unused during compilation: '-pthread'
ld: section __DATA/__thread_bss extends beyond end of file, file 'wolfcrypt/src/.libs/src_lib
wolfssl_la-ecc.o' for architecture x86_64
clang: error: linker command failed with exit code 1 (use -v to see invocation)
make[1]: *** [src/libwolfssl.la] Error 1

[jacob@…]

Hi,

Has there been any updates to OS or XCode on the machine running the tests since before the wolfSSL Portfile tests were added? From experience on my own machine I had to work at getting things setup for development (on all linking) after updating to El Capitan. Is it able to build on the machine without using MacPorts, just ./configure && make in a root wolfSSL directory?

Regards, Jacob

[kurthindenburg (Kurt Hindenburg)]

Yes, Apple pushed out updates last week. I'm puzzled on why this is failing to build after that though.

[kurthindenburg (Kurt Hindenburg)]

It does build outside macports w/o issue

macports: uses clang (configure: WARNING: unrecognized options: --enable-opensslExtra, --enable-gcc-hardening)

outside: uses g++

[jacob@…]

Hello, sorry for the delay in response.

It looks like the macports version is not using the most recent patch. The warnings of --enable-opensslExtra and --enable-gcc-hardening are two things that were changed with Portfile-wolfssl-2.diff. This though would not explain the linker problem. Is the previous version that was reporting the error = -227 still compiling? It would have had to compile previously to reach the CERT EXT test case and if the recent build has accidentally not applied the changes in Portfile-wolfssl-2.diff it should be the same build as from previous tests.

"CERT EXT test failed!

error = -227

FAIL testsuite/testsuite.test (exit status: 255)"

Is there a case here where it could be trying to link with an old/different version of wolfSSL after the changes are applied?

Regards, Jacob

[kurthindenburg (Kurt Hindenburg)]

I should have mentioned that the current Portfile (without this new patch) no longer builds as well - same error.

[jacob@…]

Ok, thanks. I have not been able to replicate it yet on my mac using the Portfile but will put some thought into the cause.

Do you use a clean or uninstall before trying the build? sudo port uninstall wolfssl or sudo port clean wolfssl?

Regards, Jacob

[kurthindenburg (Kurt Hindenburg)]

done r148674

please create a new ticket for the next release