From owner-svn-ports-head@freebsd.org  Sun Dec  4 12:13:42 2016
Return-Path: <owner-svn-ports-head@freebsd.org>
Delivered-To: svn-ports-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2F527C66D11;
 Sun,  4 Dec 2016 12:13:42 +0000 (UTC)
 (envelope-from olivierd@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 09E35B33;
 Sun,  4 Dec 2016 12:13:41 +0000 (UTC)
 (envelope-from olivierd@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id uB4CDfVx086398;
 Sun, 4 Dec 2016 12:13:41 GMT (envelope-from olivierd@FreeBSD.org)
Received: (from olivierd@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id uB4CDfLs086396;
 Sun, 4 Dec 2016 12:13:41 GMT (envelope-from olivierd@FreeBSD.org)
Message-Id: <201612041213.uB4CDfLs086396@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: olivierd set sender to
 olivierd@FreeBSD.org using -f
From: Olivier Duchateau <olivierd@FreeBSD.org>
Date: Sun, 4 Dec 2016 12:13:41 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r427776 - in head/www/netsurf: . files
X-SVN-Group: ports-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-head@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: SVN commit messages for the ports tree for head
 <svn-ports-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-head>, 
 <mailto:svn-ports-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-head/>
List-Post: <mailto:svn-ports-head@freebsd.org>
List-Help: <mailto:svn-ports-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-head>,
 <mailto:svn-ports-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 04 Dec 2016 12:13:42 -0000

Author: olivierd
Date: Sun Dec  4 12:13:40 2016
New Revision: 427776
URL: https://svnweb.freebsd.org/changeset/ports/427776

Log:
  - Add patch, which fixes X509 cert API detection for OpenSSL >= 1.1.x
  and LibreSSL
  - Bump PORTREVISION
  
  While I'm here, unset GSTREAMER option, it causes build failure
  
  Obtained from:	Upstream repository

Added:
  head/www/netsurf/files/patch-content_fetchers_curl.c   (contents, props changed)
Modified:
  head/www/netsurf/Makefile

Modified: head/www/netsurf/Makefile
==============================================================================
--- head/www/netsurf/Makefile	Sun Dec  4 11:29:10 2016	(r427775)
+++ head/www/netsurf/Makefile	Sun Dec  4 12:13:40 2016	(r427776)
@@ -3,6 +3,7 @@
 
 PORTNAME=	netsurf
 PORTVERSION=	3.6
+PORTREVISION=	1
 CATEGORIES=	www
 MASTER_SITES=	http://download.netsurf-browser.org/netsurf/releases/source/
 DISTNAME=	${PORTNAME}-${PORTVERSION}-src
@@ -50,7 +51,8 @@ SHEBANG_FILES=	utils/split-messages.pl
 perl_CMD=	${SETENV} perl
 
 OPTIONS_DEFINE=	GSTREAMER
-GSTREAMER_USE=		GSTREAMER=yes
+OPTIONS_EXCLUDE=	GSTREAMER
+GSTREAMER_USE=		GSTREAMER=yes, good
 
 .include <bsd.port.pre.mk>
 

Added: head/www/netsurf/files/patch-content_fetchers_curl.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/netsurf/files/patch-content_fetchers_curl.c	Sun Dec  4 12:13:40 2016	(r427776)
@@ -0,0 +1,64 @@
+--- content/fetchers/curl.c.orig	2016-11-19 13:37:41 UTC
++++ content/fetchers/curl.c
+@@ -128,6 +128,28 @@ static char fetch_error_buffer[CURL_ERRO
+ static char fetch_proxy_userpwd[100];
+ 
+ 
++/* OpenSSL 1.0.x to 1.1.0 certificate reference counting changed
++ * LibreSSL declares its OpenSSL version as 2.1 but only supports the old way
++ */
++#if (defined(LIBRESSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x1010000fL))
++static int ns_X509_up_ref(X509 *cert)
++{
++	cert->references++;
++	return 1;
++}
++
++static void ns_X509_free(X509 *cert)
++{
++	cert->references--;
++	if (cert->references == 0) {
++		X509_free(cert);
++	}
++}
++#else
++#define ns_X509_up_ref X509_up_ref
++#define ns_X509_free X509_free
++#endif
++
+ /**
+  * Initialise a cURL fetcher.
+  */
+@@ -438,7 +460,7 @@ fetch_curl_verify_callback(int verify_ok
+ 	 */
+ 	if (!fetch->cert_data[depth].cert) {
+ 		fetch->cert_data[depth].cert = X509_STORE_CTX_get_current_cert(x509_ctx);
+-		fetch->cert_data[depth].cert->references++;
++		ns_X509_up_ref(fetch->cert_data[depth].cert);
+ 		fetch->cert_data[depth].err = X509_STORE_CTX_get_error(x509_ctx);
+ 	}
+ 
+@@ -815,10 +837,7 @@ static void fetch_curl_free(void *vf)
+ 	}
+ 
+ 	for (i = 0; i < MAX_CERTS && f->cert_data[i].cert; i++) {
+-		f->cert_data[i].cert->references--;
+-		if (f->cert_data[i].cert->references == 0) {
+-			X509_free(f->cert_data[i].cert);
+-		}
++		ns_X509_free(f->cert_data[i].cert);
+ 	}
+ 
+ 	free(f);
+@@ -986,10 +1005,7 @@ curl_start_cert_validate(struct curl_fet
+ 					      X509_get_pubkey(certs[depth].cert));
+ 
+ 		/* and clean up */
+-		certs[depth].cert->references--;
+-		if (certs[depth].cert->references == 0) {
+-			X509_free(certs[depth].cert);
+-		}
++		ns_X509_free(certs[depth].cert);
+ 	}
+ 
+ 	msg.type = FETCH_CERT_ERR;