diff options
author | brnrd <brnrd@FreeBSD.org> | 2017-07-25 20:31:03 +0800 |
---|---|---|
committer | brnrd <brnrd@FreeBSD.org> | 2017-07-25 20:31:03 +0800 |
commit | 449d92239c9982df7a4a97d45cb411c8886f40a5 (patch) | |
tree | a5548d77cad099d944a68bb06a73922ad671c95f /net | |
parent | b7b642174b2978ccb6c686ccdfdbadc2883a9042 (diff) | |
download | freebsd-ports-gnome-449d92239c9982df7a4a97d45cb411c8886f40a5.tar.gz freebsd-ports-gnome-449d92239c9982df7a4a97d45cb411c8886f40a5.tar.zst freebsd-ports-gnome-449d92239c9982df7a4a97d45cb411c8886f40a5.zip |
net/haproxy-devel: Fix build with LibreSSL
PR: 219272
Approved by: maintainer timeout
Diffstat (limited to 'net')
-rw-r--r-- | net/haproxy-devel/Makefile | 1 | ||||
-rw-r--r-- | net/haproxy-devel/files/patch-src_ssl__sock.c | 120 |
2 files changed, 121 insertions, 0 deletions
diff --git a/net/haproxy-devel/Makefile b/net/haproxy-devel/Makefile index 5fa2f6063494..065a388fee5a 100644 --- a/net/haproxy-devel/Makefile +++ b/net/haproxy-devel/Makefile @@ -3,6 +3,7 @@ PORTNAME= haproxy DISTVERSION= 1.8-dev2 +PORTREVISION= 1 CATEGORIES= net www MASTER_SITES= http://www.haproxy.org/download/1.8/src/devel/ PKGNAMESUFFIX= -devel diff --git a/net/haproxy-devel/files/patch-src_ssl__sock.c b/net/haproxy-devel/files/patch-src_ssl__sock.c new file mode 100644 index 000000000000..83f1dcbb05bd --- /dev/null +++ b/net/haproxy-devel/files/patch-src_ssl__sock.c @@ -0,0 +1,120 @@ +--- src/ssl_sock.c.orig 2017-06-02 13:59:51 UTC ++++ src/ssl_sock.c +@@ -56,7 +56,7 @@ + #include <openssl/engine.h> + #endif + +-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER) + #include <openssl/async.h> + #endif + +@@ -362,7 +362,7 @@ fail_get: + } + #endif + +-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER) + /* + * openssl async fd handler + */ +@@ -1034,10 +1034,13 @@ static int ssl_sock_load_ocsp(SSL_CTX *c + ocsp = NULL; + + #ifndef SSL_CTX_get_tlsext_status_cb +-# define SSL_CTX_get_tlsext_status_cb(ctx, cb) \ +- *cb = (void (*) (void))ctx->tlsext_status_cb; ++#ifndef SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB ++#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB 128 + #endif ++ callback = SSL_CTX_ctrl(ctx, SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB, 0, callback); ++#else + SSL_CTX_get_tlsext_status_cb(ctx, &callback); ++#endif + + if (!callback) { + struct ocsp_cbk_arg *cb_arg = calloc(1, sizeof(*cb_arg)); +@@ -1063,7 +1066,10 @@ static int ssl_sock_load_ocsp(SSL_CTX *c + int key_type; + EVP_PKEY *pkey; + +-#ifdef SSL_CTX_get_tlsext_status_arg ++#if defined(SSL_CTX_get_tlsext_status_arg) || (LIBRESSL_VERSION_NUMBER >= 0x2050100fL) ++#ifndef SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG ++#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG 129 ++#endif + SSL_CTX_ctrl(ctx, SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG, 0, &cb_arg); + #else + cb_arg = ctx->tlsext_status_arg; +@@ -3403,7 +3409,7 @@ int ssl_sock_load_cert_list_file(char *f + #define SSL_MODE_SMALL_BUFFERS 0 + #endif + +-#if (OPENSSL_VERSION_NUMBER < 0x1010000fL) && !defined(OPENSSL_IS_BORINGSSL) ++#if (OPENSSL_VERSION_NUMBER < 0x1010000fL) && !defined(OPENSSL_IS_BORINGSSL) || defined(LIBRESSL_VERSION_NUMBER) + static void ssl_set_SSLv3_func(SSL_CTX *ctx, int is_server) + { + #if SSL_OP_NO_SSLv3 +@@ -3560,7 +3566,7 @@ ssl_sock_initial_ctx(struct bind_conf *b + options &= ~SSL_OP_CIPHER_SERVER_PREFERENCE; + SSL_CTX_set_options(ctx, options); + +-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER) + if (global_ssl.async) + mode |= SSL_MODE_ASYNC; + #endif +@@ -4010,7 +4016,7 @@ int ssl_sock_prepare_srv_ctx(struct serv + options |= SSL_OP_NO_TICKET; + SSL_CTX_set_options(ctx, options); + +-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER) + if (global_ssl.async) + mode |= SSL_MODE_ASYNC; + #endif +@@ -4526,7 +4532,7 @@ int ssl_sock_handshake(struct connection + fd_cant_recv(conn->t.sock.fd); + return 0; + } +-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER) + else if (ret == SSL_ERROR_WANT_ASYNC) { + ssl_async_process_fds(conn, conn->xprt_ctx); + return 0; +@@ -4610,7 +4616,7 @@ int ssl_sock_handshake(struct connection + fd_cant_recv(conn->t.sock.fd); + return 0; + } +-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER) + else if (ret == SSL_ERROR_WANT_ASYNC) { + ssl_async_process_fds(conn, conn->xprt_ctx); + return 0; +@@ -4802,7 +4808,7 @@ static int ssl_sock_to_buf(struct connec + fd_cant_recv(conn->t.sock.fd); + break; + } +-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER) + else if (ret == SSL_ERROR_WANT_ASYNC) { + ssl_async_process_fds(conn, conn->xprt_ctx); + break; +@@ -4910,7 +4916,7 @@ static int ssl_sock_from_buf(struct conn + __conn_sock_want_recv(conn); + break; + } +-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER) + else if (ret == SSL_ERROR_WANT_ASYNC) { + ssl_async_process_fds(conn, conn->xprt_ctx); + break; +@@ -4933,7 +4939,7 @@ static int ssl_sock_from_buf(struct conn + static void ssl_sock_close(struct connection *conn) { + + if (conn->xprt_ctx) { +-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER) + if (global_ssl.async) { + OSSL_ASYNC_FD all_fd[32], afd; + size_t num_all_fds = 0; |