From owner-svn-ports-head@freebsd.org Wed Oct 11 07:17:16 2017 Return-Path: Delivered-To: svn-ports-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 39F12E48BA1; Wed, 11 Oct 2017 07:17:16 +0000 (UTC) (envelope-from madpilot@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EE78F81998; Wed, 11 Oct 2017 07:17:15 +0000 (UTC) (envelope-from madpilot@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v9B7HF3N038195; Wed, 11 Oct 2017 07:17:15 GMT (envelope-from madpilot@FreeBSD.org) Received: (from madpilot@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id v9B7HFJd038194; Wed, 11 Oct 2017 07:17:15 GMT (envelope-from madpilot@FreeBSD.org) Message-Id: <201710110717.v9B7HFJd038194@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: madpilot set sender to madpilot@FreeBSD.org using -f From: Guido Falsi Date: Wed, 11 Oct 2017 07:17:15 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r451734 - head/net/pjsip/files X-SVN-Group: ports-head X-SVN-Commit-Author: madpilot X-SVN-Commit-Paths: head/net/pjsip/files X-SVN-Commit-Revision: 451734 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Oct 2017 07:17:16 -0000 Author: madpilot Date: Wed Oct 11 07:17:14 2017 New Revision: 451734 URL: https://svnweb.freebsd.org/changeset/ports/451734 Log: Update pjsip patch to work with libressl after the latest update to 2.7, which broke it. PR: 216898 Submitted by: OlivierW Modified: head/net/pjsip/files/patch-pjlib_src_pj_ssl__sock__ossl.c Modified: head/net/pjsip/files/patch-pjlib_src_pj_ssl__sock__ossl.c ============================================================================== --- head/net/pjsip/files/patch-pjlib_src_pj_ssl__sock__ossl.c Wed Oct 11 05:30:48 2017 (r451733) +++ head/net/pjsip/files/patch-pjlib_src_pj_ssl__sock__ossl.c Wed Oct 11 07:17:14 2017 (r451734) @@ -1,7 +1,7 @@ ---- pjlib/src/pj/ssl_sock_ossl.c.orig 2017-01-24 05:41:05 UTC +--- pjlib/src/pj/ssl_sock_ossl.c.orig 2017-09-14 05:03:45 UTC +++ pjlib/src/pj/ssl_sock_ossl.c -@@ -54,7 +54,7 @@ - #include +@@ -53,7 +53,7 @@ + #include #include -#if !defined(OPENSSL_NO_EC) && OPENSSL_VERSION_NUMBER >= 0x1000200fL @@ -9,7 +9,7 @@ # include -@@ -112,7 +112,7 @@ static unsigned get_nid_from_cid(unsigned cid) +@@ -111,7 +111,7 @@ static unsigned get_nid_from_cid(unsigned cid) #endif @@ -18,8 +18,42 @@ # define OPENSSL_NO_SSL2 /* seems to be removed in 1.1.0 */ # define M_ASN1_STRING_data(x) ASN1_STRING_get0_data(x) # define M_ASN1_STRING_length(x) ASN1_STRING_length(x) -@@ -452,7 +452,7 @@ static pj_status_t init_openssl(void) +@@ -126,7 +126,7 @@ static unsigned get_nid_from_cid(unsigned cid) + + #ifdef _MSC_VER +-# if OPENSSL_VERSION_NUMBER >= 0x10100000L ++# if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + # pragma comment(lib, "libcrypto") + # pragma comment(lib, "libssl") + # pragma comment(lib, "crypt32") +@@ -535,13 +535,13 @@ static pj_status_t init_openssl(void) + pj_assert(status == PJ_SUCCESS); + + /* Init OpenSSL lib */ +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + SSL_library_init(); + SSL_load_error_strings(); + #else + OPENSSL_init_ssl(0, NULL); + #endif +-#if OPENSSL_VERSION_NUMBER < 0x009080ffL ++#if OPENSSL_VERSION_NUMBER < 0x009080ffL || defined(LIBRESSL_VERSION_NUMBER) + /* This is now synonym of SSL_library_init() */ + OpenSSL_add_all_algorithms(); + #endif +@@ -556,7 +556,7 @@ static pj_status_t init_openssl(void) + int nid; + const char *cname; + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + meth = (SSL_METHOD*)SSLv23_server_method(); + if (!meth) + meth = (SSL_METHOD*)TLSv1_server_method(); +@@ -599,7 +599,7 @@ static pj_status_t init_openssl(void) + SSL_set_session(ssl, SSL_SESSION_new()); -#if !defined(OPENSSL_NO_EC) && OPENSSL_VERSION_NUMBER >= 0x1000200fL @@ -27,8 +61,44 @@ openssl_curves_num = SSL_get_shared_curve(ssl,-1); if (openssl_curves_num > PJ_ARRAY_SIZE(openssl_curves)) openssl_curves_num = PJ_ARRAY_SIZE(openssl_curves); -@@ -1069,7 +1069,7 @@ static pj_status_t set_cipher_list(pj_ssl_sock_t *ssoc +@@ -768,7 +768,7 @@ static pj_status_t create_ssl(pj_ssl_sock_t *ssock) + BIO *bio; + DH *dh; + long options; +-#if !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10000000L ++#if !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10000000L && !defined(LIBRESSL_VERSION_NUMBER) + EC_KEY *ecdh; + #endif + SSL_METHOD *ssl_method = NULL; +@@ -791,7 +791,7 @@ static pj_status_t create_ssl(pj_ssl_sock_t *ssock) + ssock->param.proto = PJ_SSL_SOCK_PROTO_SSL23; + /* Determine SSL method to use */ +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + switch (ssock->param.proto) { + case PJ_SSL_SOCK_PROTO_TLS1: + ssl_method = (SSL_METHOD*)TLSv1_method(); +@@ -927,7 +927,7 @@ static pj_status_t create_ssl(pj_ssl_sock_t *ssock) + if (dh != NULL) { + if (SSL_CTX_set_tmp_dh(ctx, dh)) { + options = SSL_OP_CIPHER_SERVER_PREFERENCE | +- #if !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10000000L ++ #if !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10000000L && !defined(LIBRESSL_VERSION_NUMBER) + SSL_OP_SINGLE_ECDH_USE | + #endif + SSL_OP_SINGLE_DH_USE; +@@ -995,7 +995,7 @@ static pj_status_t create_ssl(pj_ssl_sock_t *ssock) + if (SSL_CTX_ctrl(ctx, SSL_CTRL_SET_ECDH_AUTO, 1, NULL)) { + PJ_LOG(4,(ssock->pool->obj_name, "SSL ECDH initialized " + "(automatic), faster PFS ciphers enabled")); +- #if !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10000000L ++ #if !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10000000L && !defined(LIBRESSL_VERSION_NUMBER) + } else { + /* enables AES-128 ciphers, to get AES-256 use NID_secp384r1 */ + ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); +@@ -1228,7 +1228,7 @@ static pj_status_t set_cipher_list(pj_ssl_sock_t *ssoc + static pj_status_t set_curves_list(pj_ssl_sock_t *ssock) { -#if !defined(OPENSSL_NO_EC) && OPENSSL_VERSION_NUMBER >= 0x1000200fL @@ -36,7 +106,7 @@ int ret; int curves[PJ_SSL_SOCK_MAX_CURVES]; unsigned cnt; -@@ -1100,7 +1100,7 @@ static pj_status_t set_curves_list(pj_ssl_sock_t *ssoc +@@ -1259,7 +1259,7 @@ static pj_status_t set_curves_list(pj_ssl_sock_t *ssoc static pj_status_t set_sigalgs(pj_ssl_sock_t *ssock) {