Date: Mon, 19 Jun 2023 12:21:35 GMT From: Mateusz Piotrowski <0mp@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: c9ba90c07ddc - main - net/relayd: Update to 7.3.2023.05.09-p2 Message-ID: <202306191221.35JCLZpI065769@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by 0mp: URL: https://cgit.FreeBSD.org/ports/commit/?id=c9ba90c07ddc5b9f4232f831cf301fdc939303f3 commit c9ba90c07ddc5b9f4232f831cf301fdc939303f3 Author: Mateusz Piotrowski <0mp@FreeBSD.org> AuthorDate: 2023-06-19 12:20:35 +0000 Commit: Mateusz Piotrowski <0mp@FreeBSD.org> CommitDate: 2023-06-19 12:20:35 +0000 net/relayd: Update to 7.3.2023.05.09-p2 This version is in sync with the relayd version present in the OpenBSD main branch as of 2023.05.09. While here: - Switch to a new repository where FreeBSD relayd is now maintained. This is where we moved many of the port's patches to clean up the files/ directory. - Take maintainership as agreed via email with the current maintainer. Sponsored by: Modirum MDPay Sponsored by: Klara, Inc. Co-authored-by: Dave Cottlehuber <dch@FreeBSD.org> --- net/relayd/Makefile | 63 ++++++++++----------- net/relayd/distinfo | 6 +- net/relayd/files/patch-relayd_Makefile | 12 ---- net/relayd/files/patch-relayd_parse.y | 11 ---- net/relayd/files/patch-relayd_relay.c | 49 ---------------- net/relayd/files/patch-relayd_relayd.8 | 20 ------- net/relayd/files/patch-relayd_relayd.c | 12 ---- net/relayd/files/patch-relayd_relayd.conf.5 | 88 ----------------------------- net/relayd/files/patch-relayd_relayd.h | 62 -------------------- 9 files changed, 33 insertions(+), 290 deletions(-) diff --git a/net/relayd/Makefile b/net/relayd/Makefile index 953174fc3bbe..1f7dbc25a9e1 100644 --- a/net/relayd/Makefile +++ b/net/relayd/Makefile @@ -1,57 +1,54 @@ PORTNAME= relayd -PORTVERSION= 5.5.20140810 -PORTREVISION= 8 +DISTVERSION= 7.3.2023.05.09-p2 CATEGORIES= net +MASTER_SITES= https://github.com/KlaraSystems/freebsd-relayd/releases/download/${DISTVERSION}/ -MAINTAINER= koue@chaosophia.net +MAINTAINER= 0mp@FreeBSD.org COMMENT= OpenBSD relay daemon -WWW= https://github.com/mmatuska/relayd +WWW= https://github.com/KlaraSystems/freebsd-relayd LICENSE= ISCL -BROKEN= fails to build - USES= ssl uidfix -BROKEN_SSL= openssl30 openssl31 -BROKEN_SSL_REASON= Fails to build with OpenSSL 3.0.0 and later -USE_GITHUB= yes -GH_ACCOUNT= mmatuska - USE_RC_SUBR= relayd -MAKE_ARGS+= BINDIR=${PREFIX}/sbin \ - MANDIR=${PREFIX}/man/man -CFLAGS+= -Wall - -WRKSRC_SUBDIR= src/usr.sbin +HAS_CONFIGURE= yes USERS= _relayd GROUPS= _relayd -post-install: - ${INSTALL_DATA} ${WRKSRC}/../etc/relayd.conf \ - ${STAGEDIR}${PREFIX}/etc/relayd.conf.sample - .include <bsd.port.pre.mk> -.if ! ${SSL_DEFAULT:Mlibressl*} +.if !${SSL_DEFAULT:Mlibressl*} +_LIBRESSL_ORIGIN= security/libressl . ifnmake describe -STAGEDIR_libressl!= ${MAKE} -V STAGEDIR -C ${PORTSDIR}/security/libressl +STAGEDIR_libressl!= ${MAKE} -V STAGEDIR -C ${PORTSDIR}/${_LIBRESSL_ORIGIN} . endif -BUILD_DEPENDS+= ${NONEXISTENT}:security/libressl:stage +BUILD_DEPENDS+= ${NONEXISTENT}:${_LIBRESSL_ORIGIN}:stage .endif # SSL_DEFAULT -CFLAGS+= -I${STAGEDIR_libressl}${LOCALBASE}/include +MAKE_ENV= LIBCRYPTO=${STAGEDIR_libressl}${LOCALBASE}/lib/libcrypto.a \ + LIBSSL=${STAGEDIR_libressl}${LOCALBASE}/lib/libssl.a \ + LIBTLS=${STAGEDIR_libressl}${LOCALBASE}/lib/libtls.a \ + OPENSSLINCDIR=${STAGEDIR_libressl}${LOCALBASE}/include -post-configure: +post-patch: ${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|g' \ - ${WRKSRC}/relayd/relay.c \ - ${WRKSRC}/relayd/relayd.h \ - ${WRKSRC}/relayd/relayd.conf.5 \ - ${WRKSRC}/relayd/relayd.8 - ${REINPLACE_CMD} 's|-lssl|${STAGEDIR_libressl}${LOCALBASE}/lib/libssl.a|g' \ - ${WRKSRC}/relayd/Makefile - ${REINPLACE_CMD} 's|-lcrypto|${STAGEDIR_libressl}${LOCALBASE}/lib/libcrypto.a|g' \ - ${WRKSRC}/relayd/Makefile + ${WRKSRC}/usr.sbin/relayd/relayd.conf.5 \ + ${WRKSRC}/usr.sbin/relayd/relayd.8 + +do-install: + ${INSTALL_DATA} ${WRKSRC}/etc/examples/relayd.conf \ + ${STAGEDIR}${PREFIX}/etc/relayd.conf.sample + ${INSTALL_MAN} ${WRKSRC}/usr.sbin/relayctl/relayctl.8 \ + ${STAGEDIR}${MANPREFIX}/man/man8/ + ${INSTALL_MAN} ${WRKSRC}/usr.sbin/relayd/relayd.8 \ + ${STAGEDIR}${MANPREFIX}/man/man8/ + ${INSTALL_MAN} ${WRKSRC}/usr.sbin/relayd/relayd.conf.5 \ + ${STAGEDIR}${MANPREFIX}/man/man5/ + ${INSTALL_PROGRAM} ${WRKSRC}/usr.sbin/relayctl/relayctl \ + ${STAGEDIR}${PREFIX}/sbin/ + ${INSTALL_PROGRAM} ${WRKSRC}/usr.sbin/relayd/relayd \ + ${STAGEDIR}${PREFIX}/sbin/ .include <bsd.port.post.mk> diff --git a/net/relayd/distinfo b/net/relayd/distinfo index 03f684a49645..137ee8c01045 100644 --- a/net/relayd/distinfo +++ b/net/relayd/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1557969145 -SHA256 (mmatuska-relayd-5.5.20140810_GH0.tar.gz) = 7acde883a8ee35b65dd58ac56d344f374eb15755bfb27310ce2c0bc6ebe87588 -SIZE (mmatuska-relayd-5.5.20140810_GH0.tar.gz) = 179424 +TIMESTAMP = 1686938968 +SHA256 (relayd-7.3.2023.05.09-p2.tar.gz) = c1bcd2cf6bdbbc32b776e8b73832a63923db4c0702c1a1f85868cff9777685f7 +SIZE (relayd-7.3.2023.05.09-p2.tar.gz) = 1308160 diff --git a/net/relayd/files/patch-relayd_Makefile b/net/relayd/files/patch-relayd_Makefile deleted file mode 100644 index 08b89f0f61c9..000000000000 --- a/net/relayd/files/patch-relayd_Makefile +++ /dev/null @@ -1,12 +0,0 @@ ---- relayd/Makefile.orig 2014-08-10 20:08:47 UTC -+++ relayd/Makefile -@@ -28,8 +28,7 @@ SRCS+= parse.y \ - relay_udp.c \ - relayd.c \ - shuffle.c \ -- ssl.c \ -- ssl_privsep.c -+ ssl.c - - .PATH: ${.CURDIR}/../../../libevent - SRCS+= buffer.c \ diff --git a/net/relayd/files/patch-relayd_parse.y b/net/relayd/files/patch-relayd_parse.y deleted file mode 100644 index bb3b1f8eb912..000000000000 --- a/net/relayd/files/patch-relayd_parse.y +++ /dev/null @@ -1,11 +0,0 @@ ---- relayd/parse.y.orig 2014-08-10 20:08:47 UTC -+++ relayd/parse.y -@@ -55,6 +55,8 @@ - - #include <openssl/ssl.h> - -+#define IN_MAIN -+ - #include "relayd.h" - #include "http.h" - // FreeBSD #include "snmp.h" diff --git a/net/relayd/files/patch-relayd_relay.c b/net/relayd/files/patch-relayd_relay.c deleted file mode 100644 index cb0c2378a152..000000000000 --- a/net/relayd/files/patch-relayd_relay.c +++ /dev/null @@ -1,49 +0,0 @@ ---- relayd/relay.c.orig 2014-08-10 20:08:47 UTC -+++ relayd/relay.c -@@ -2097,7 +2097,7 @@ relay_ssl_ctx_create(struct relay *rlay) - /* Verify the server certificate if we have a CA chain */ - if ((rlay->rl_conf.flags & F_SSLCLIENT) && - (rlay->rl_ssl_ca != NULL)) { -- if (!ssl_ctx_load_verify_memory(ctx, -+ if (!SSL_CTX_load_verify_mem(ctx, - rlay->rl_ssl_ca, rlay->rl_conf.ssl_ca_len)) - goto err; - SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL); -@@ -2107,7 +2107,7 @@ relay_ssl_ctx_create(struct relay *rlay) - return (ctx); - - log_debug("%s: loading certificate", __func__); -- if (!ssl_ctx_use_certificate_chain(ctx, -+ if (!SSL_CTX_use_certificate_chain_mem(ctx, - rlay->rl_ssl_cert, rlay->rl_conf.ssl_cert_len)) - goto err; - -@@ -2716,12 +2716,12 @@ relay_load_certfiles(struct relay *rlay) - return (-1); - - if (snprintf(certfile, sizeof(certfile), -- "/usr/local/etc/ssl/%s:%u.crt", hbuf, useport) == -1) -+ "%%PREFIX%%/etc/ssl/%s:%u.crt", hbuf, useport) == -1) - return (-1); - if ((rlay->rl_ssl_cert = relay_load_file(certfile, - &rlay->rl_conf.ssl_cert_len)) == NULL) { - if (snprintf(certfile, sizeof(certfile), -- "/usr/local/etc/ssl/%s.crt", hbuf) == -1) -+ "%%PREFIX%%/etc/ssl/%s.crt", hbuf) == -1) - return (-1); - if ((rlay->rl_ssl_cert = relay_load_file(certfile, - &rlay->rl_conf.ssl_cert_len)) == NULL) -@@ -2732,11 +2732,11 @@ relay_load_certfiles(struct relay *rlay) - - if (useport) { - if (snprintf(certfile, sizeof(certfile), -- "/usr/local/etc/ssl/private/%s:%u.key", hbuf, useport) == -1) -+ "%%PREFIX%%/etc/ssl/private/%s:%u.key", hbuf, useport) == -1) - return -1; - } else { - if (snprintf(certfile, sizeof(certfile), -- "/usr/local/etc/ssl/private/%s.key", hbuf) == -1) -+ "%%PREFIX%%/etc/ssl/private/%s.key", hbuf) == -1) - return -1; - } - if ((rlay->rl_ssl_key = ssl_load_key(env, certfile, diff --git a/net/relayd/files/patch-relayd_relayd.8 b/net/relayd/files/patch-relayd_relayd.8 deleted file mode 100644 index 81b0079f9f6b..000000000000 --- a/net/relayd/files/patch-relayd_relayd.8 +++ /dev/null @@ -1,20 +0,0 @@ ---- relayd/relayd.8.orig 2014-08-10 20:08:47 UTC -+++ relayd/relayd.8 -@@ -114,7 +114,7 @@ will run in the foreground and log to - .It Fl f Ar file - Specify an alternative configuration file. - The default is --.Pa /usr/local/etc/relayd.conf . -+.Pa %%PREFIX%%/etc/relayd.conf . - .It Fl n - Configtest mode. - Only check the configuration file for validity. -@@ -123,7 +123,7 @@ Produce more verbose output. - .El - .Sh FILES - .Bl -tag -width "/var/run/relayd.sockXX" -compact --.It /usr/local/etc/relayd.conf -+.It %%PREFIX%%/etc/relayd.conf - Default configuration file. - .It /var/run/relayd.sock - .Ux Ns -domain diff --git a/net/relayd/files/patch-relayd_relayd.c b/net/relayd/files/patch-relayd_relayd.c deleted file mode 100644 index 41218a84b767..000000000000 --- a/net/relayd/files/patch-relayd_relayd.c +++ /dev/null @@ -1,12 +0,0 @@ ---- relayd/relayd.c.orig 2014-08-10 20:08:47 UTC -+++ relayd/relayd.c -@@ -241,8 +241,7 @@ main(int argc, char *argv[]) - log_info("startup"); - - #ifdef __FreeBSD__ --#if __FreeBSD_version > 800040 -- arc4random_stir(); -+#if __FreeBSD_version > 1000002 - arc4random_buf(rnd, sizeof(rnd)); - RAND_seed(rnd, sizeof(rnd)); - #else diff --git a/net/relayd/files/patch-relayd_relayd.conf.5 b/net/relayd/files/patch-relayd_relayd.conf.5 deleted file mode 100644 index de5730cdb6e7..000000000000 --- a/net/relayd/files/patch-relayd_relayd.conf.5 +++ /dev/null @@ -1,88 +0,0 @@ ---- relayd/relayd.conf.5.orig 2014-08-10 20:08:47 UTC -+++ relayd/relayd.conf.5 -@@ -90,7 +90,7 @@ Additional configuration files can be included with th - .Ic include - keyword, for example: - .Bd -literal -offset indent --include "/usr/local/etc/relayd.conf.local" -+include "%%PREFIX%%/etc/relayd.conf.local" - .Ed - .Sh MACROS - Macros can be defined that will later be expanded in context. -@@ -304,7 +304,7 @@ Execute an external program to check the host state. - The program will be executed for each host by specifying the hostname - on the command line: - .Bd -literal -offset indent --/usr/local/bin/checkload.pl front-www1.private.example.com -+%%PREFIX%%/bin/checkload.pl front-www1.private.example.com - .Ed - .Pp - .Xr relayd 8 -@@ -624,18 +624,18 @@ If the - keyword is present, the relay will accept connections using the - encrypted SSL protocol. - The relay will attempt to look up a private key in --.Pa /usr/local/etc/ssl/private/address:port.key -+.Pa %%PREFIX%%/etc/ssl/private/address:port.key - and a public certificate in --.Pa /usr/local/etc/ssl/address:port.crt , -+.Pa %%PREFIX%%/etc/ssl/address:port.crt , - where - .Ar address - is the specified IP address and - .Ar port - is the specified port that the relay listens on. - If these files are not present, the relay will continue to look in --.Pa /usr/local/etc/ssl/private/address.key -+.Pa %%PREFIX%%/etc/ssl/private/address.key - and --.Pa /usr/local/etc/ssl/address.crt . -+.Pa %%PREFIX%%/etc/ssl/address.crt . - See - .Xr ssl 8 - for details about SSL server certificates. -@@ -1256,18 +1256,18 @@ as detailed for the - directive above. - .El - .Sh FILES --.Bl -tag -width "/usr/local/etc/ssl/private/address.keyXX" -compact --.It Pa /usr/local/etc/relayd.conf -+.Bl -tag -width "%%PREFIX%%/etc/ssl/private/address.keyXX" -compact -+.It Pa %%PREFIX%%/etc/relayd.conf - .Xr relayd 8 - configuration file. - .Pp - .It Pa /etc/services - Service name database. - .Pp --.It Pa /usr/local/etc/ssl/address.crt --.It Pa /usr/local/etc/ssl/address:port.crt --.It Pa /usr/local/etc/ssl/private/address.key --.It Pa /usr/local/etc/ssl/private/address:port.key -+.It Pa %%PREFIX%%/etc/ssl/address.crt -+.It Pa %%PREFIX%%/etc/ssl/address:port.crt -+.It Pa %%PREFIX%%/etc/ssl/private/address.key -+.It Pa %%PREFIX%%/etc/ssl/private/address:port.key - Location of the relay SSL server certificates, where - .Ar address - is the configured IP address -@@ -1275,7 +1275,7 @@ and - .Ar port - is the configured port number of the relay. - .Pp --.It Pa /usr/local/etc/ssl/cert.pem -+.It Pa %%PREFIX%%/etc/ssl/cert.pem - Default location of the CA bundle that can be used with - .Xr relayd 8 . - .El -@@ -1383,8 +1383,8 @@ section. - To start, first generate a new local CA key and certificate: - .Bd -literal -offset indent - # openssl req -x509 -days 365 -newkey rsa:2048 \e -- -keyout /usr/local/etc/ssl/private/ca.key \e -- -out /usr/local/etc/etc/ssl/ca.crt -+ -keyout %%PREFIX%%/etc/ssl/private/ca.key \e -+ -out %%PREFIX%%/etc/etc/ssl/ca.crt - .Ed - .Pp - An SSL server key and self-signed cert for 127.0.0.1 are also required; diff --git a/net/relayd/files/patch-relayd_relayd.h b/net/relayd/files/patch-relayd_relayd.h deleted file mode 100644 index cbde779fb369..000000000000 --- a/net/relayd/files/patch-relayd_relayd.h +++ /dev/null @@ -1,62 +0,0 @@ ---- relayd/relayd.h.orig 2014-08-10 20:08:47 UTC -+++ relayd/relayd.h -@@ -21,6 +21,12 @@ - #ifndef _RELAYD_H - #define _RELAYD_H - -+#ifdef IN_MAIN -+#define EXTERN -+#else -+#define EXTERN extern -+#endif -+ - #include <sys/tree.h> - - #include <sys/param.h> /* MAXHOSTNAMELEN */ -@@ -34,7 +40,7 @@ - #include <imsg.h> - - #ifdef __FreeBSD__ --#define CONF_FILE "/usr/local/etc/relayd.conf" -+#define CONF_FILE "%%PREFIX%%/etc/relayd.conf" - #else - #define CONF_FILE "/etc/relayd.conf" - #endif -@@ -867,11 +873,13 @@ struct control_sock { - }; - TAILQ_HEAD(control_socks, control_sock); - --struct { -+struct control_state { - struct event ev; - int fd; --} control_state; -+}; - -+EXTERN struct control_state control_state; -+ - enum blockmodes { - BM_NORMAL, - BM_NONBLOCK -@@ -978,7 +986,9 @@ enum privsep_procid { - PROC_PFE, - PROC_CA, - PROC_MAX --} privsep_process; -+}; -+ -+EXTERN enum privsep_procid privsep_process; - - /* Attach the control socket to the following process */ - #define PROC_CONTROL PROC_PFE -@@ -1242,10 +1252,6 @@ int ssl_load_pkey(const void *, size_t, char *, off_t - X509 **, EVP_PKEY **); - int ssl_ctx_fake_private_key(SSL_CTX *, const void *, size_t, - char *, off_t, X509 **, EVP_PKEY **); -- --/* ssl_privsep.c */ --int ssl_ctx_use_certificate_chain(SSL_CTX *, char *, off_t); --int ssl_ctx_load_verify_memory(SSL_CTX *, char *, off_t); - - /* ca.c */ - pid_t ca(struct privsep *, struct privsep_proc *);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202306191221.35JCLZpI065769>