From owner-svn-ports-all@freebsd.org Wed Jul 26 11:57:02 2017 Return-Path: Delivered-To: svn-ports-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1DB7BDBC4B9; Wed, 26 Jul 2017 11:57:02 +0000 (UTC) (envelope-from brnrd@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B714C676; Wed, 26 Jul 2017 11:57:01 +0000 (UTC) (envelope-from brnrd@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v6QBv0Le053474; Wed, 26 Jul 2017 11:57:00 GMT (envelope-from brnrd@FreeBSD.org) Received: (from brnrd@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id v6QBv0V2053473; Wed, 26 Jul 2017 11:57:00 GMT (envelope-from brnrd@FreeBSD.org) Message-Id: <201707261157.v6QBv0V2053473@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: brnrd set sender to brnrd@FreeBSD.org using -f From: Bernard Spil Date: Wed, 26 Jul 2017 11:57:00 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r446652 - head/net/haproxy/files X-SVN-Group: ports-head X-SVN-Commit-Author: brnrd X-SVN-Commit-Paths: head/net/haproxy/files X-SVN-Commit-Revision: 446652 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Jul 2017 11:57:02 -0000 Author: brnrd Date: Wed Jul 26 11:57:00 2017 New Revision: 446652 URL: https://svnweb.freebsd.org/changeset/ports/446652 Log: net/haproxy: Fix build with LibreSSL 2.5.3+ - Add defines SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB from OpenSSL 1.1 - Add 1.6 patch from OpenBSD (last 2 chunks) PR: 218586 Obtained from: OpenBSD Modified: head/net/haproxy/files/patch-src_ssl__sock.c Modified: head/net/haproxy/files/patch-src_ssl__sock.c ============================================================================== --- head/net/haproxy/files/patch-src_ssl__sock.c Wed Jul 26 09:04:24 2017 (r446651) +++ head/net/haproxy/files/patch-src_ssl__sock.c Wed Jul 26 11:57:00 2017 (r446652) @@ -1,20 +1,19 @@ ---- src/ssl_sock.c.orig 2017-04-03 08:28:32 UTC +--- src/ssl_sock.c.orig 2017-07-07 09:49:34 UTC +++ src/ssl_sock.c -@@ -794,8 +795,11 @@ static int ssl_sock_load_ocsp(SSL_CTX *c +@@ -794,8 +794,11 @@ static int ssl_sock_load_ocsp(SSL_CTX *c ocsp = NULL; #ifndef SSL_CTX_get_tlsext_status_cb --# define SSL_CTX_get_tlsext_status_cb(ctx, cb) \ -- *cb = (void (*) (void))ctx->tlsext_status_cb; +#ifndef SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB +#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB 128 +#endif -+#define SSL_CTX_get_tlsext_status_cb(ctx, cb) \ + # define SSL_CTX_get_tlsext_status_cb(ctx, cb) \ +- *cb = (void (*) (void))ctx->tlsext_status_cb; + *cb = SSL_CTX_ctrl(ctx,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB,0, (void (**)(void))cb) #endif SSL_CTX_get_tlsext_status_cb(ctx, &callback); -@@ -823,7 +827,10 @@ static int ssl_sock_load_ocsp(SSL_CTX *c +@@ -823,7 +826,10 @@ static int ssl_sock_load_ocsp(SSL_CTX *c int key_type; EVP_PKEY *pkey; @@ -26,7 +25,7 @@ SSL_CTX_ctrl(ctx, SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG, 0, &cb_arg); #else cb_arg = ctx->tlsext_status_arg; -@@ -3539,7 +3546,7 @@ int ssl_sock_handshake(struct connection +@@ -3539,7 +3545,7 @@ int ssl_sock_handshake(struct connection OSSL_HANDSHAKE_STATE state = SSL_get_state((SSL *)conn->xprt_ctx); empty_handshake = state == TLS_ST_BEFORE; #else @@ -35,7 +34,7 @@ #endif if (empty_handshake) { -@@ -3617,7 +3624,7 @@ int ssl_sock_handshake(struct connection +@@ -3617,7 +3623,7 @@ int ssl_sock_handshake(struct connection state = SSL_get_state((SSL *)conn->xprt_ctx); empty_handshake = state == TLS_ST_BEFORE; #else