From owner-svn-ports-head@freebsd.org Tue Mar 30 12:10:32 2021 Return-Path: Delivered-To: svn-ports-head@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 691035C3F28; Tue, 30 Mar 2021 12:10:32 +0000 (UTC) (envelope-from danfe@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4F8pDm2ccBz4d1p; Tue, 30 Mar 2021 12:10:32 +0000 (UTC) (envelope-from danfe@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4CA51260B6; Tue, 30 Mar 2021 12:10:32 +0000 (UTC) (envelope-from danfe@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 12UCAWaQ039013; Tue, 30 Mar 2021 12:10:32 GMT (envelope-from danfe@FreeBSD.org) Received: (from danfe@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 12UCAVwr039009; Tue, 30 Mar 2021 12:10:31 GMT (envelope-from danfe@FreeBSD.org) Message-Id: <202103301210.12UCAVwr039009@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: danfe set sender to danfe@FreeBSD.org using -f From: Alexey Dokuchaev Date: Tue, 30 Mar 2021 12:10:31 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r569552 - in head/www/squid3: . files X-SVN-Group: ports-head X-SVN-Commit-Author: danfe X-SVN-Commit-Paths: in head/www/squid3: . files X-SVN-Commit-Revision: 569552 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Mar 2021 12:10:32 -0000 Author: danfe Date: Tue Mar 30 12:10:31 2021 New Revision: 569552 URL: https://svnweb.freebsd.org/changeset/ports/569552 Log: Resolve contradiction between BROKEN_SSL=openssl and advice to add DEFAULT_VERSIONS+=ssl=openssl to /etc/make.conf as a workaround. Squid 3.5 requires pre-1.1 versions of OpenSSL, and that can be only satisfied by the base system on 11.x versions of FreeBSD; doing the DEFAULT_VERSIONS+=ssl=openssl would not work. Unfortunately, making proper conversion from CRYPTO_LOCK_SSL_* to new multi-threading API does not look feasible. Fortunately, LibreSSL could be used as a drop-in replacement. That said, change the advice to use DEFAULT_VERSIONS+=ssl=libressl instead, and add a couple of minor patches to unbreak the build. Added: head/www/squid3/files/patch-src_enums.h (contents, props changed) head/www/squid3/files/patch-src_ssl_gadgets.cc (contents, props changed) head/www/squid3/files/patch-src_ssl_support.cc (contents, props changed) Modified: head/www/squid3/Makefile Modified: head/www/squid3/Makefile ============================================================================== --- head/www/squid3/Makefile Tue Mar 30 12:08:22 2021 (r569551) +++ head/www/squid3/Makefile Tue Mar 30 12:10:31 2021 (r569552) @@ -283,7 +283,7 @@ WITH_DEBUG?= yes CONFIGURE_ARGS+= ${SQUID_CONFIGURE_ARGS} .if ${PORT_OPTIONS:MSSL} && ${OPSYS} == FreeBSD && ${OSVERSION} >= 1200085 && ${SSL_DEFAULT} == base -BROKEN= Does not build on FreeBSD 12 with OpenSSL 1.1. You may add DEFAULT_VERSIONS+=ssl=openssl to /etc/make.conf as a workaround +BROKEN= does not build with OpenSSL 1.1; you may add DEFAULT_VERSIONS+=ssl=libressl to /etc/make.conf as a workaround .endif post-patch: Added: head/www/squid3/files/patch-src_enums.h ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squid3/files/patch-src_enums.h Tue Mar 30 12:10:31 2021 (r569552) @@ -0,0 +1,11 @@ +--- src/enums.h.orig 2018-07-15 20:46:55 UTC ++++ src/enums.h +@@ -9,6 +9,8 @@ + #ifndef SQUID_ENUMS_H + #define SQUID_ENUMS_H + ++#undef FD_NONE ++ + enum fd_type { + FD_NONE, + FD_LOG, Added: head/www/squid3/files/patch-src_ssl_gadgets.cc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squid3/files/patch-src_ssl_gadgets.cc Tue Mar 30 12:10:31 2021 (r569552) @@ -0,0 +1,11 @@ +--- src/ssl/gadgets.cc.orig 2018-07-15 20:46:55 UTC ++++ src/ssl/gadgets.cc +@@ -321,7 +321,7 @@ mimicExtensions(Ssl::X509_Pointer & cert, Ssl::X509_Po + &ext_der, + (const ASN1_ITEM *)ASN1_ITEM_ptr(method->it)); + +- ASN1_OCTET_STRING *ext_oct = M_ASN1_OCTET_STRING_new(); ++ ASN1_OCTET_STRING *ext_oct = ASN1_OCTET_STRING_new(); + ext_oct->data = ext_der; + ext_oct->length = ext_len; + X509_EXTENSION_set_data(ext, ext_oct); Added: head/www/squid3/files/patch-src_ssl_support.cc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squid3/files/patch-src_ssl_support.cc Tue Mar 30 12:10:31 2021 (r569552) @@ -0,0 +1,11 @@ +--- src/ssl/support.cc.orig 2018-07-15 20:46:55 UTC ++++ src/ssl/support.cc +@@ -2159,7 +2159,7 @@ remove_session_cb(SSL_CTX *, SSL_SESSION *sessionID) + } + + static SSL_SESSION * +-get_session_cb(SSL *, unsigned char *sessionID, int len, int *copy) ++get_session_cb(SSL *, const unsigned char *sessionID, int len, int *copy) + { + if (!SslSessionCache) + return NULL;