Date: Tue, 30 Mar 2021 12:10:31 +0000 (UTC) From: Alexey Dokuchaev <danfe@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r569552 - in head/www/squid3: . files Message-ID: <202103301210.12UCAVwr039009@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: danfe Date: Tue Mar 30 12:10:31 2021 New Revision: 569552 URL: https://svnweb.freebsd.org/changeset/ports/569552 Log: Resolve contradiction between BROKEN_SSL=openssl and advice to add DEFAULT_VERSIONS+=ssl=openssl to /etc/make.conf as a workaround. Squid 3.5 requires pre-1.1 versions of OpenSSL, and that can be only satisfied by the base system on 11.x versions of FreeBSD; doing the DEFAULT_VERSIONS+=ssl=openssl would not work. Unfortunately, making proper conversion from CRYPTO_LOCK_SSL_* to new multi-threading API does not look feasible. Fortunately, LibreSSL could be used as a drop-in replacement. That said, change the advice to use DEFAULT_VERSIONS+=ssl=libressl instead, and add a couple of minor patches to unbreak the build. Added: head/www/squid3/files/patch-src_enums.h (contents, props changed) head/www/squid3/files/patch-src_ssl_gadgets.cc (contents, props changed) head/www/squid3/files/patch-src_ssl_support.cc (contents, props changed) Modified: head/www/squid3/Makefile Modified: head/www/squid3/Makefile ============================================================================== --- head/www/squid3/Makefile Tue Mar 30 12:08:22 2021 (r569551) +++ head/www/squid3/Makefile Tue Mar 30 12:10:31 2021 (r569552) @@ -283,7 +283,7 @@ WITH_DEBUG?= yes CONFIGURE_ARGS+= ${SQUID_CONFIGURE_ARGS} .if ${PORT_OPTIONS:MSSL} && ${OPSYS} == FreeBSD && ${OSVERSION} >= 1200085 && ${SSL_DEFAULT} == base -BROKEN= Does not build on FreeBSD 12 with OpenSSL 1.1. You may add DEFAULT_VERSIONS+=ssl=openssl to /etc/make.conf as a workaround +BROKEN= does not build with OpenSSL 1.1; you may add DEFAULT_VERSIONS+=ssl=libressl to /etc/make.conf as a workaround .endif post-patch: Added: head/www/squid3/files/patch-src_enums.h ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squid3/files/patch-src_enums.h Tue Mar 30 12:10:31 2021 (r569552) @@ -0,0 +1,11 @@ +--- src/enums.h.orig 2018-07-15 20:46:55 UTC ++++ src/enums.h +@@ -9,6 +9,8 @@ + #ifndef SQUID_ENUMS_H + #define SQUID_ENUMS_H + ++#undef FD_NONE ++ + enum fd_type { + FD_NONE, + FD_LOG, Added: head/www/squid3/files/patch-src_ssl_gadgets.cc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squid3/files/patch-src_ssl_gadgets.cc Tue Mar 30 12:10:31 2021 (r569552) @@ -0,0 +1,11 @@ +--- src/ssl/gadgets.cc.orig 2018-07-15 20:46:55 UTC ++++ src/ssl/gadgets.cc +@@ -321,7 +321,7 @@ mimicExtensions(Ssl::X509_Pointer & cert, Ssl::X509_Po + &ext_der, + (const ASN1_ITEM *)ASN1_ITEM_ptr(method->it)); + +- ASN1_OCTET_STRING *ext_oct = M_ASN1_OCTET_STRING_new(); ++ ASN1_OCTET_STRING *ext_oct = ASN1_OCTET_STRING_new(); + ext_oct->data = ext_der; + ext_oct->length = ext_len; + X509_EXTENSION_set_data(ext, ext_oct); Added: head/www/squid3/files/patch-src_ssl_support.cc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squid3/files/patch-src_ssl_support.cc Tue Mar 30 12:10:31 2021 (r569552) @@ -0,0 +1,11 @@ +--- src/ssl/support.cc.orig 2018-07-15 20:46:55 UTC ++++ src/ssl/support.cc +@@ -2159,7 +2159,7 @@ remove_session_cb(SSL_CTX *, SSL_SESSION *sessionID) + } + + static SSL_SESSION * +-get_session_cb(SSL *, unsigned char *sessionID, int len, int *copy) ++get_session_cb(SSL *, const unsigned char *sessionID, int len, int *copy) + { + if (!SslSessionCache) + return NULL;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202103301210.12UCAVwr039009>