NEW: perl websocket/tls ports

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

NEW: perl websocket/tls ports

Anthony J. Bentley-4
Hi,

Henning sent these ports a few months back. I've attached revised
versions to this mail; they needed only minor cleanup.

net/p5-Net-WebSocket-Server
net/p5-Protocol-WebSocket
security/p5-Crypt-LE
security/p5-Crypt-PKCS10
security/p5-Crypt-X509

I'm told these are blockers for HTTPS on open{ntp,bgp}d.org.

ok?

--
Anthony J. Bentley

p5-Net-WebSocket-Server.tar.gz (1K) Download Attachment
p5-Protocol-WebSocket.tar.gz (1K) Download Attachment
p5-Crypt-LE.tar.gz (1K) Download Attachment
p5-Crypt-PKCS10.tar.gz (1K) Download Attachment
p5-Crypt-X509.tar.gz (1K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: NEW: perl websocket/tls ports

Stuart Henderson
On 2019/10/28 23:29, Anthony J. Bentley wrote:

> Hi,
>
> Henning sent these ports a few months back. I've attached revised
> versions to this mail; they needed only minor cleanup.
>
> net/p5-Net-WebSocket-Server
> net/p5-Protocol-WebSocket
> security/p5-Crypt-LE
> security/p5-Crypt-PKCS10
> security/p5-Crypt-X509
>
> I'm told these are blockers for HTTPS on open{ntp,bgp}d.org.
>
> ok?
>
> --
> Anthony J. Bentley





p5-Crypt-X509 is already committed. I'll look at the others in a bit,
it's less hassle to review multiple connected ports if they are in a
single tar with category/port (rather than have to extract them
separately, figure out the category for each, move them into place..)

Reply | Threaded
Open this post in threaded view
|

Re: NEW: perl websocket/tls ports

Stuart Henderson
In reply to this post by Anthony J. Bentley-4
On 2019/10/28 23:29, Anthony J. Bentley wrote:
> Hi,
>
> Henning sent these ports a few months back. I've attached revised
> versions to this mail; they needed only minor cleanup.
>
> net/p5-Net-WebSocket-Server

- cc'ing afresh1 for comment, but rather than listing devel/p5-Test-Pod and
devel/p5-Test-Pod-Coverage in TEST_DEPENDS the usual approach in cpan ports
seems to be "MAKE_ENV= TEST_POD=Yes" which adds the deps automatically

> net/p5-Protocol-WebSocket

- drop BUILD_DEPENDS, use CONFIGURE_STYLE = modbuild tiny

> security/p5-Crypt-LE

- drop p5-JSON dep; it's unused; Crypt::LE diverts all JSON via
JSON::MaybeXS which depends on Cpanel::JSON::XS and uses it preferentially

- maybe worth adding a HOMEPAGE? the cpan meta just has https://do-know.com
and there's also https://zerossl.com/, but one of these might be better ..
https://do-know.com/guides/blog-Get-free-SSL-Certificates-with-Perl.html
https://github.com/do-know/Crypt-LE

> security/p5-Crypt-PKCS10

- outdated - please bump to 2.001 (straightforward update, no big changes)

- s/PERMIT_PACKAGE_CDROM/PERMIT_PACKAGE/

- definitely missing a dep on converters/p5-Convert-ASN1

- also needs either security/p5-Crypt-OpenSSL-DSA or
security/p5-Crypt-OpenSSL-RSA or Crypt::PK::ECC (not ported) to do
anything; maybe add a run dep on security/p5-Crypt-OpenSSL-RSA as that's
still what most people will need?

> security/p5-Crypt-X509

already in tree

> I'm told these are blockers for HTTPS on open{ntp,bgp}d.org.

sounds fair to me, cert verification is often more sane if you can use
DNS-01.

Reply | Threaded
Open this post in threaded view
|

Re: NEW: perl websocket/tls ports

Anthony J. Bentley-4
Stuart Henderson writes:
> > net/p5-Net-WebSocket-Server
>
> - cc'ing afresh1 for comment, but rather than listing devel/p5-Test-Pod and
> devel/p5-Test-Pod-Coverage in TEST_DEPENDS the usual approach in cpan ports
> seems to be "MAKE_ENV= TEST_POD=Yes" which adds the deps automatically

Done.

> > net/p5-Protocol-WebSocket
>
> - drop BUILD_DEPENDS, use CONFIGURE_STYLE = modbuild tiny

Done.

> > security/p5-Crypt-LE
>
> - drop p5-JSON dep; it's unused; Crypt::LE diverts all JSON via
> JSON::MaybeXS which depends on Cpanel::JSON::XS and uses it preferentially
>
> - maybe worth adding a HOMEPAGE? the cpan meta just has https://do-know.com
> and there's also https://zerossl.com/, but one of these might be better ..
> https://do-know.com/guides/blog-Get-free-SSL-Certificates-with-Perl.html
> https://github.com/do-know/Crypt-LE

Went with GitHub.

> > security/p5-Crypt-PKCS10
>
> - outdated - please bump to 2.001 (straightforward update, no big changes)
>
> - s/PERMIT_PACKAGE_CDROM/PERMIT_PACKAGE/
>
> - definitely missing a dep on converters/p5-Convert-ASN1
>
> - also needs either security/p5-Crypt-OpenSSL-DSA or
> security/p5-Crypt-OpenSSL-RSA or Crypt::PK::ECC (not ported)
You must be looking at an older port, the tarball I sent had all the
changes listed here already.

Crypt::PK::ECC is in ports, included in security/p5-CryptX.

New tarball attached, relative to /usr/ports.

--
Anthony J. Bentley

perl-websocket.tar.gz (4K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: NEW: perl websocket/tls ports

Stuart Henderson
On 2019/10/30 01:37, Anthony J. Bentley wrote:
> > > net/p5-Net-WebSocket-Server
> > > net/p5-Protocol-WebSocket
> > > security/p5-Crypt-LE

OK.

> > > security/p5-Crypt-PKCS10
> >
> > - outdated - please bump to 2.001 (straightforward update, no big changes)
> >
> > - s/PERMIT_PACKAGE_CDROM/PERMIT_PACKAGE/
> >
> > - definitely missing a dep on converters/p5-Convert-ASN1
> >
> > - also needs either security/p5-Crypt-OpenSSL-DSA or
> > security/p5-Crypt-OpenSSL-RSA or Crypt::PK::ECC (not ported)
>
> You must be looking at an older port, the tarball I sent had all the
> changes listed here already.
>
> Crypt::PK::ECC is in ports, included in security/p5-CryptX.

Oh oops! Not sure how that happened. Please drop the duplicate
devel/p5-Module-Build-Tiny BUILD_DEPENDS (already added from CONFIGURE_STYLE)
then it's OK.

Mind the CVS directories when importing, I don't know whether cvs import copes
with them.

> New tarball attached, relative to /usr/ports.

Thank you :)

Reply | Threaded
Open this post in threaded view
|

Re: NEW: perl websocket/tls ports

Andrew Hewus Fresh
In reply to this post by Anthony J. Bentley-4
On Wed, Oct 30, 2019 at 01:37:38AM -0600, Anthony J. Bentley wrote:
> Stuart Henderson writes:
> > > net/p5-Net-WebSocket-Server
> >
> > - cc'ing afresh1 for comment, but rather than listing devel/p5-Test-Pod and
> > devel/p5-Test-Pod-Coverage in TEST_DEPENDS the usual approach in cpan ports
> > seems to be "MAKE_ENV= TEST_POD=Yes" which adds the deps automatically
>
> Done.

OK afresh1@

 
> > > net/p5-Protocol-WebSocket
> >
> > - drop BUILD_DEPENDS, use CONFIGURE_STYLE = modbuild tiny
>
> Done.

OK afresh1@


> > > security/p5-Crypt-LE
> >
> > - drop p5-JSON dep; it's unused; Crypt::LE diverts all JSON via
> > JSON::MaybeXS which depends on Cpanel::JSON::XS and uses it preferentially

Tests for this require https access to
'acme-staging.api.letsencrypt.org:443', not sure if that means we need
to set "manual testing" or whatever, but tests fail for me with
PORTS_PRIVSEP.


OK afresh1@ if that's not a problem, or if it is fixed.


> >
> > - maybe worth adding a HOMEPAGE? the cpan meta just has https://do-know.com
> > and there's also https://zerossl.com/, but one of these might be better ..
> > https://do-know.com/guides/blog-Get-free-SSL-Certificates-with-Perl.html
> > https://github.com/do-know/Crypt-LE
>
> Went with GitHub.
>
> > > security/p5-Crypt-PKCS10

OK afresh1@


> > - outdated - please bump to 2.001 (straightforward update, no big changes)
> >
> > - s/PERMIT_PACKAGE_CDROM/PERMIT_PACKAGE/
> >
> > - definitely missing a dep on converters/p5-Convert-ASN1
> >
> > - also needs either security/p5-Crypt-OpenSSL-DSA or
> > security/p5-Crypt-OpenSSL-RSA or Crypt::PK::ECC (not ported)
>
> You must be looking at an older port, the tarball I sent had all the
> changes listed here already.
>
> Crypt::PK::ECC is in ports, included in security/p5-CryptX.
>
> New tarball attached, relative to /usr/ports.
>
> --
> Anthony J. Bentley



--
andrew - http://afresh1.com

Life's unfair - but root password helps!