mail/postfix-current: Fix runtime TLS failure with LibreSSL

   - Add LibreSSL checks to <> 1.1.0 OpenSSL checks
   - Bump portrevision

PR:		212223
Submitted by:	Markus Kohlmeier <rootservice@gmail.com>
Reported by:	Markus Kohlmeier <rootservice@gmail.com>
Approved by:	ohauer (via mail)
MFH:		2016Q3

6 files changed, 103 insertions, 0 deletions

diff --git a/mail/postfix-current/Makefile b/mail/postfix-current/Makefile
index 6f56ec9ce2bb..c7f0ab3683a5 100644
--- a/mail/postfix-current/Makefile
+++ b/mail/postfix-current/Makefile
@@ -4,6 +4,7 @@
 PORTNAME=	postfix
 DISTVERSION=	3.2-20160828
 PORTEPOCH=	4
+PORTREVISION=	1
 CATEGORIES=	mail ipv6
 MASTER_SITES=	ftp://ftp.porcupine.org/mirrors/postfix-release/ \
 		http://de.postfix.org/ftpmirror/ \
diff --git a/mail/postfix-current/files/patch-src_posttls-finger_posttls-finger.c b/mail/postfix-current/files/patch-src_posttls-finger_posttls-finger.c
new file mode 100644
index 000000000000..10f2e2d22d87
--- /dev/null
+++ b/mail/postfix-current/files/patch-src_posttls-finger_posttls-finger.c
@@ -0,0 +1,22 @@
+--- src/posttls-finger/posttls-finger.c.orig	2016-08-27 20:27:50 UTC
++++ src/posttls-finger/posttls-finger.c
+@@ -1511,7 +1511,8 @@ static int finger(STATE *state)
+     return (0);
+ }
+ 
+-#if defined(USE_TLS) && OPENSSL_VERSION_NUMBER < 0x10100000L
++#if defined(USE_TLS) && \
++    ( OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) )
+ 
+ /* ssl_cleanup - free memory allocated in the OpenSSL library */
+ 
+@@ -1958,7 +1959,8 @@ int     main(int argc, char *argv[])
+     cleanup(&state);
+ 
+     /* OpenSSL 1.1.0 and later (de)initialization is implicit */
+-#if defined(USE_TLS) && OPENSSL_VERSION_NUMBER < 0x10100000L
++#if defined(USE_TLS) && \
++    ( OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) )
+     ssl_cleanup();
+ #endif
+ 
diff --git a/mail/postfix-current/files/patch-src_tls_tls__client.c b/mail/postfix-current/files/patch-src_tls_tls__client.c
new file mode 100644
index 000000000000..4f63c0858b26
--- /dev/null
+++ b/mail/postfix-current/files/patch-src_tls_tls__client.c
@@ -0,0 +1,20 @@
+--- src/tls/tls_client.c.orig	2016-08-27 20:27:50 UTC
++++ src/tls/tls_client.c
+@@ -299,7 +299,7 @@ TLS_APPL_STATE *tls_client_init(const TL
+      */
+     tls_check_version();
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 
+     /*
+      * Initialize the OpenSSL library by the book! To start with, we must
+@@ -441,7 +441,7 @@ TLS_APPL_STATE *tls_client_init(const TL
+     /*
+      * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
+      */
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 
+     /*
+      * According to the OpenSSL documentation, temporary RSA key is needed
diff --git a/mail/postfix-current/files/patch-src_tls_tls__dane.c b/mail/postfix-current/files/patch-src_tls_tls__dane.c
new file mode 100644
index 000000000000..494c3598053d
--- /dev/null
+++ b/mail/postfix-current/files/patch-src_tls_tls__dane.c
@@ -0,0 +1,11 @@
+--- src/tls/tls_dane.c.orig	2016-08-27 20:27:50 UTC
++++ src/tls/tls_dane.c
+@@ -2163,7 +2163,7 @@ static SSL_CTX *ctx_init(const char *CAf
+     tls_param_init();
+     tls_check_version();
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+     SSL_load_error_strings();
+     SSL_library_init();
+ #endif
diff --git a/mail/postfix-current/files/patch-src_tls_tls__rsa.c b/mail/postfix-current/files/patch-src_tls_tls__rsa.c
new file mode 100644
index 000000000000..bbfd96134479
--- /dev/null
+++ b/mail/postfix-current/files/patch-src_tls_tls__rsa.c
@@ -0,0 +1,20 @@
+--- src/tls/tls_rsa.c.orig	2016-01-03 14:49:51 UTC
++++ src/tls/tls_rsa.c
+@@ -57,7 +57,7 @@
+  /*
+   * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
+   */
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 
+ /* tls_tmp_rsa_cb - call-back to generate ephemeral RSA key */
+ 
+@@ -109,7 +109,7 @@ int     main(int unused_argc, char *cons
+     /*
+      * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
+      */
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+     RSA    *rsa;
+ 
+     msg_vstream_init(argv[0], VSTREAM_ERR);
diff --git a/mail/postfix-current/files/patch-src_tls_tls__server.c b/mail/postfix-current/files/patch-src_tls_tls__server.c
new file mode 100644
index 000000000000..b9fb84e87acd
--- /dev/null
+++ b/mail/postfix-current/files/patch-src_tls_tls__server.c
@@ -0,0 +1,29 @@
+--- src/tls/tls_server.c.orig	2016-08-27 20:27:50 UTC
++++ src/tls/tls_server.c
+@@ -174,7 +174,7 @@ static const char server_session_id_cont
+ #endif					/* OPENSSL_VERSION_NUMBER */
+ 
+  /* OpenSSL 1.1.0 bitrot */
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ typedef const unsigned char *session_id_t;
+ 
+ #else
+@@ -377,7 +377,7 @@ TLS_APPL_STATE *tls_server_init(const TL
+      */
+     tls_check_version();
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 
+     /*
+      * Initialize the OpenSSL library by the book! To start with, we must
+@@ -588,7 +588,7 @@ TLS_APPL_STATE *tls_server_init(const TL
+     /*
+      * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
+      */
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 
+     /*
+      * According to OpenSSL documentation, a temporary RSA key is needed when