From owner-svn-ports-all@FreeBSD.ORG Mon Mar 23 22:44:08 2015 Return-Path: Delivered-To: svn-ports-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 45544897; Mon, 23 Mar 2015 22:44:08 +0000 (UTC) Received: from mail.egr.msu.edu (boomhauer.egr.msu.edu [35.9.37.167]) by mx1.freebsd.org (Postfix) with ESMTP id 1DF37A3A; Mon, 23 Mar 2015 22:44:07 +0000 (UTC) Received: from boomhauer (localhost [127.0.0.1]) by mail.egr.msu.edu (Postfix) with ESMTP id 2980D33FB2; Mon, 23 Mar 2015 18:44:05 -0400 (EDT) X-Virus-Scanned: amavisd-new at egr.msu.edu Received: from mail.egr.msu.edu ([127.0.0.1]) by boomhauer (boomhauer.egr.msu.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0gcsn25Ouh9i; Mon, 23 Mar 2015 18:44:04 -0400 (EDT) Received: from EGR authenticated sender mcdouga9 Message-ID: <55109734.4030604@egr.msu.edu> Date: Mon, 23 Mar 2015 18:44:04 -0400 From: Adam McDougall User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 MIME-Version: 1.0 To: Jung-uk Kim Subject: Re: svn commit: r382053 - head/mail/courier/files References: <201503232235.t2NMZhGl045433@svn.freebsd.org> In-Reply-To: <201503232235.t2NMZhGl045433@svn.freebsd.org> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Cc: svn-ports-all@freebsd.org X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Mar 2015 22:44:08 -0000 On 03/23/2015 18:35, Jung-uk Kim wrote: > Author: jkim > Date: Mon Mar 23 22:35:42 2015 > New Revision: 382053 > URL: https://svnweb.freebsd.org/changeset/ports/382053 > QAT: https://qat.redports.org/buildarchive/r382053/ > > Log: > Fix build on head with the base OpenSSL. SSLv2 is no longer available. > > Added: > head/mail/courier/files/patch-tcpd__libcouriertls.c (contents, props changed) > > Added: head/mail/courier/files/patch-tcpd__libcouriertls.c > ============================================================================== > --- /dev/null 00:00:00 1970 (empty, because file is newly added) > +++ head/mail/courier/files/patch-tcpd__libcouriertls.c Mon Mar 23 22:35:42 2015 (r382053) > @@ -0,0 +1,15 @@ > +--- tcpd/libcouriertls.c.orig 2009-11-21 15:07:32.000000000 -0500 > ++++ tcpd/libcouriertls.c 2015-03-23 18:04:57.776710000 -0400 > +@@ -551,8 +551,10 @@ > + if (!protocol || !*protocol) > + protocol="SSL23"; > + > +- ctx=SSL_CTX_new(protocol && strcmp(protocol, "SSL2") == 0 > +- ? SSLv2_method(): > ++ ctx=SSL_CTX_new( > ++#ifndef OPENSSL_NO_SSL2 > ++ protocol && strcmp(protocol, "SSL2") == 0 ? SSLv2_method(): > ++#endif > + protocol && strcmp(protocol, "SSL3") == 0 ? SSLv3_method(): > + protocol && strcmp(protocol, "SSL23") == 0 ? SSLv23_method(): > + TLSv1_method()); Could you please consider instead the more complete patch in Bug 198399? https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=198399 Lots of tested patches for SSL2 (and v3) already exist at: https://wiki.freebsd.org/LibreSSL and patches that only conditionalize SSL2 will make a previously prepared patch not apply, increasing future work. Thanks.