Re: UPDATE: security/luasec-0.9

[Lucas]

Gleydson Soares  wrote:
> > Regarding setting NO_TEST, bsd.port.mk(5) says it should be set to Yes
> > "only for ports with no regression test", so I'm not sure if using Yes
> > here would be an abuse.
> 
> yes, right. 
> maybe we should add a comment showing that failure is kwown.

Sure, no problem. Feel free to commit it.

-Lucas

Re: UPDATE: security/luasec-0.9

[Gleydson Soares]

> Deployed this on my server and I don't see any issue so far. In fact,
> prosody is communicating over TLS without problems, so I'd it's OK
> from prosody side.

thanks for testing, i have just committed the luasec update.

> Regarding setting NO_TEST, bsd.port.mk(5) says it should be set to Yes
> "only for ports with no regression test", so I'm not sure if using Yes
> here would be an abuse.

yes, right. 
maybe we should add a comment showing that failure is kwown.
? prosofy.diff
Index: Makefile
===
RCS file: /cvs/ports/net/prosody/Makefile,v
retrieving revision 1.57
diff -u -p -r1.57 Makefile
--- Makefile2 Jun 2020 07:22:46 -   1.57
+++ Makefile23 Jun 2020 11:16:39 -
@@ -20,7 +20,10 @@ MODLUA_RUN_DEPENDS+= databases/luadbi \
devel/luafs \
security/luasec \
textproc/luaexpat>=1.3.0
+
+# fails, depends on busted not yet in
 TEST_DEPENDS = ${MODLUA_RUN_DEPENDS}
+
 WANTLIB+=  crypto idn
 
 CONFIGURE_STYLE=simple

Re: UPDATE: security/luasec-0.9

[Lucas]

Hi Gleydson,

thanks for reaching out.

> the following diff updates luasec to 0.9.
> 
> the only consumer of luasec on ports is net/prosody

Deployed this on my server and I don't see any issue so far. In fact,
prosody is communicating over TLS without problems, so I'd it's OK
from prosody side.

> looks like regress is broken though, see:
> 
> ===>  Regression tests for prosody-0.11.5
> busted --lua=lua51
> /bin/sh: busted: not found
> 
> seems lua-busted is not in ports yet, so maybe we should
> set NO_TEST until busted is in.

I'm aware of this. I took a quick glance on how to port it in my first
days at ports, but got kinda stuck because it's a luarocks-only
package.

>From a quick overview at the dependencies for busted, we would need to
import luasystem, dkjson, say, luassert and mediator_lua before
importing it, and I don't know if there are other lua ports that
require busted for tests.

Right now, I feel I can tackle it, but dunno if it's worth doing so
much work for a package only used for tests for a single port.

Regarding setting NO_TEST, bsd.port.mk(5) says it should be set to Yes
"only for ports with no regression test", so I'm not sure if using Yes
here would be an abuse.

-Lucas

UPDATE: security/luasec-0.9

[Gleydson Soares]

the following diff updates luasec to 0.9.

the only consumer of luasec on ports is net/prosody
looks like regress is broken though, see:

===>  Regression tests for prosody-0.11.5
busted --lua=lua51
/bin/sh: busted: not found

seems lua-busted is not in ports yet, so maybe we should
set NO_TEST until busted is in.
? luasec-0.9.diff
Index: Makefile
===
RCS file: /cvs/ports/security/luasec/Makefile,v
retrieving revision 1.22
diff -u -p -r1.22 Makefile
--- Makefile12 Jul 2019 20:49:05 -  1.22
+++ Makefile21 Jun 2020 20:45:41 -
@@ -4,8 +4,7 @@ COMMENT=lua binding to OpenSSL to provi
 
 GH_ACCOUNT=brunoos
 GH_PROJECT=luasec
-GH_TAGNAME=luasec-0.7
-DISTNAME=  ${GH_TAGNAME}
+GH_TAGNAME=v0.9
 
 CATEGORIES=security
 
Index: distinfo
===
RCS file: /cvs/ports/security/luasec/distinfo,v
retrieving revision 1.7
diff -u -p -r1.7 distinfo
--- distinfo8 Sep 2018 17:21:14 -   1.7
+++ distinfo21 Jun 2020 20:45:41 -
@@ -1,2 +1,2 @@
-SHA256 (luasec-0.7.tar.gz) = IXbpWx0qcqMjXt5dKqmDgFD+7lXa3o/b3kvn/cZvOjE=
-SIZE (luasec-0.7.tar.gz) = 47965
+SHA256 (luasec-0.9.tar.gz) = a2uU6FF79rr1RfrSmiES+ax5V62FtKro4HJ77HfXoyU=
+SIZE (luasec-0.9.tar.gz) = 52163
Index: patches/patch-src_Makefile
===
RCS file: /cvs/ports/security/luasec/patches/patch-src_Makefile,v
retrieving revision 1.6
diff -u -p -r1.6 patch-src_Makefile
--- patches/patch-src_Makefile  8 Sep 2018 17:21:14 -   1.6
+++ patches/patch-src_Makefile  21 Jun 2020 20:45:41 -
@@ -2,7 +2,7 @@ $OpenBSD: patch-src_Makefile,v 1.6 2018/
 Index: src/Makefile
 --- src/Makefile.orig
 +++ src/Makefile
-@@ -12,8 +12,8 @@ LIBS=-lssl -lcrypto -lluasocket
+@@ -13,8 +13,8 @@ LIBS=-lssl -lcrypto -lluasocket
  
  WARN=-Wall -pedantic
  
Index: pkg/PLIST
===
RCS file: /cvs/ports/security/luasec/pkg/PLIST,v
retrieving revision 1.8
diff -u -p -r1.8 PLIST
--- pkg/PLIST   8 Sep 2018 17:21:14 -   1.8
+++ pkg/PLIST   21 Jun 2020 20:45:41 -
@@ -1,9 +1,13 @@
 @comment $OpenBSD: PLIST,v 1.8 2018/09/08 17:21:14 gsoares Exp $
-lib/lua/${MODLUA_VERSION}/ssl.so
+@so lib/lua/${MODLUA_VERSION}/ssl.so
 share/examples/${FULLPKGNAME}/
 share/examples/${FULLPKGNAME}/README
+share/examples/${FULLPKGNAME}/alpn/
+share/examples/${FULLPKGNAME}/alpn/client.lua
+share/examples/${FULLPKGNAME}/alpn/server.lua
 share/examples/${FULLPKGNAME}/certs/
 share/examples/${FULLPKGNAME}/certs/all.bat
+share/examples/${FULLPKGNAME}/certs/all.sh
 share/examples/${FULLPKGNAME}/certs/clientA.bat
 share/examples/${FULLPKGNAME}/certs/clientA.cnf
 share/examples/${FULLPKGNAME}/certs/clientA.sh
@@ -29,6 +33,8 @@ share/examples/${FULLPKGNAME}/chain/util
 share/examples/${FULLPKGNAME}/curve-negotiation/
 share/examples/${FULLPKGNAME}/curve-negotiation/client.lua
 share/examples/${FULLPKGNAME}/curve-negotiation/server.lua
+share/examples/${FULLPKGNAME}/dane/
+share/examples/${FULLPKGNAME}/dane/client.lua
 share/examples/${FULLPKGNAME}/dhparam/
 share/examples/${FULLPKGNAME}/dhparam/client.lua
 share/examples/${FULLPKGNAME}/dhparam/params.sh
@@ -54,6 +60,11 @@ share/examples/${FULLPKGNAME}/loop/serve
 share/examples/${FULLPKGNAME}/luaossl/
 share/examples/${FULLPKGNAME}/luaossl/client.lua
 share/examples/${FULLPKGNAME}/luaossl/server.lua
+share/examples/${FULLPKGNAME}/multicert/
+share/examples/${FULLPKGNAME}/multicert/client-ecdsa.lua
+share/examples/${FULLPKGNAME}/multicert/client-rsa.lua
+share/examples/${FULLPKGNAME}/multicert/gencerts.sh
+share/examples/${FULLPKGNAME}/multicert/server.lua
 share/examples/${FULLPKGNAME}/oneshot/
 share/examples/${FULLPKGNAME}/oneshot/client.lua
 share/examples/${FULLPKGNAME}/oneshot/server.lua