Date: Tue, 25 Jul 2017 12:31:03 +0000 (UTC) From: Bernard Spil <brnrd@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r446578 - in head/net/haproxy-devel: . files Message-ID: <201707251231.v6PCV34k074821@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: brnrd Date: Tue Jul 25 12:31:03 2017 New Revision: 446578 URL: https://svnweb.freebsd.org/changeset/ports/446578 Log: net/haproxy-devel: Fix build with LibreSSL PR: 219272 Approved by: maintainer timeout Added: head/net/haproxy-devel/files/patch-src_ssl__sock.c (contents, props changed) Modified: head/net/haproxy-devel/Makefile Modified: head/net/haproxy-devel/Makefile ============================================================================== --- head/net/haproxy-devel/Makefile Tue Jul 25 12:27:58 2017 (r446577) +++ head/net/haproxy-devel/Makefile Tue Jul 25 12:31:03 2017 (r446578) @@ -3,6 +3,7 @@ PORTNAME= haproxy DISTVERSION= 1.8-dev2 +PORTREVISION= 1 CATEGORIES= net www MASTER_SITES= http://www.haproxy.org/download/1.8/src/devel/ PKGNAMESUFFIX= -devel Added: head/net/haproxy-devel/files/patch-src_ssl__sock.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/haproxy-devel/files/patch-src_ssl__sock.c Tue Jul 25 12:31:03 2017 (r446578) @@ -0,0 +1,120 @@ +--- src/ssl_sock.c.orig 2017-06-02 13:59:51 UTC ++++ src/ssl_sock.c +@@ -56,7 +56,7 @@ + #include <openssl/engine.h> + #endif + +-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER) + #include <openssl/async.h> + #endif + +@@ -362,7 +362,7 @@ fail_get: + } + #endif + +-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER) + /* + * openssl async fd handler + */ +@@ -1034,10 +1034,13 @@ static int ssl_sock_load_ocsp(SSL_CTX *c + ocsp = NULL; + + #ifndef SSL_CTX_get_tlsext_status_cb +-# define SSL_CTX_get_tlsext_status_cb(ctx, cb) \ +- *cb = (void (*) (void))ctx->tlsext_status_cb; ++#ifndef SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB ++#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB 128 + #endif ++ callback = SSL_CTX_ctrl(ctx, SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB, 0, callback); ++#else + SSL_CTX_get_tlsext_status_cb(ctx, &callback); ++#endif + + if (!callback) { + struct ocsp_cbk_arg *cb_arg = calloc(1, sizeof(*cb_arg)); +@@ -1063,7 +1066,10 @@ static int ssl_sock_load_ocsp(SSL_CTX *c + int key_type; + EVP_PKEY *pkey; + +-#ifdef SSL_CTX_get_tlsext_status_arg ++#if defined(SSL_CTX_get_tlsext_status_arg) || (LIBRESSL_VERSION_NUMBER >= 0x2050100fL) ++#ifndef SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG ++#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG 129 ++#endif + SSL_CTX_ctrl(ctx, SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG, 0, &cb_arg); + #else + cb_arg = ctx->tlsext_status_arg; +@@ -3403,7 +3409,7 @@ int ssl_sock_load_cert_list_file(char *f + #define SSL_MODE_SMALL_BUFFERS 0 + #endif + +-#if (OPENSSL_VERSION_NUMBER < 0x1010000fL) && !defined(OPENSSL_IS_BORINGSSL) ++#if (OPENSSL_VERSION_NUMBER < 0x1010000fL) && !defined(OPENSSL_IS_BORINGSSL) || defined(LIBRESSL_VERSION_NUMBER) + static void ssl_set_SSLv3_func(SSL_CTX *ctx, int is_server) + { + #if SSL_OP_NO_SSLv3 +@@ -3560,7 +3566,7 @@ ssl_sock_initial_ctx(struct bind_conf *b + options &= ~SSL_OP_CIPHER_SERVER_PREFERENCE; + SSL_CTX_set_options(ctx, options); + +-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER) + if (global_ssl.async) + mode |= SSL_MODE_ASYNC; + #endif +@@ -4010,7 +4016,7 @@ int ssl_sock_prepare_srv_ctx(struct serv + options |= SSL_OP_NO_TICKET; + SSL_CTX_set_options(ctx, options); + +-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER) + if (global_ssl.async) + mode |= SSL_MODE_ASYNC; + #endif +@@ -4526,7 +4532,7 @@ int ssl_sock_handshake(struct connection + fd_cant_recv(conn->t.sock.fd); + return 0; + } +-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER) + else if (ret == SSL_ERROR_WANT_ASYNC) { + ssl_async_process_fds(conn, conn->xprt_ctx); + return 0; +@@ -4610,7 +4616,7 @@ int ssl_sock_handshake(struct connection + fd_cant_recv(conn->t.sock.fd); + return 0; + } +-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER) + else if (ret == SSL_ERROR_WANT_ASYNC) { + ssl_async_process_fds(conn, conn->xprt_ctx); + return 0; +@@ -4802,7 +4808,7 @@ static int ssl_sock_to_buf(struct connec + fd_cant_recv(conn->t.sock.fd); + break; + } +-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER) + else if (ret == SSL_ERROR_WANT_ASYNC) { + ssl_async_process_fds(conn, conn->xprt_ctx); + break; +@@ -4910,7 +4916,7 @@ static int ssl_sock_from_buf(struct conn + __conn_sock_want_recv(conn); + break; + } +-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER) + else if (ret == SSL_ERROR_WANT_ASYNC) { + ssl_async_process_fds(conn, conn->xprt_ctx); + break; +@@ -4933,7 +4939,7 @@ static int ssl_sock_from_buf(struct conn + static void ssl_sock_close(struct connection *conn) { + + if (conn->xprt_ctx) { +-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER) + if (global_ssl.async) { + OSSL_ASYNC_FD all_fd[32], afd; + size_t num_all_fds = 0;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201707251231.v6PCV34k074821>