Date: Sun, 1 Mar 2015 17:41:43 +0000 (UTC) From: Mark Felder <feld@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r380216 - head/www/apache22/files Message-ID: <201503011741.t21HfhU5079950@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: feld Date: Sun Mar 1 17:41:42 2015 New Revision: 380216 URL: https://svnweb.freebsd.org/changeset/ports/380216 QAT: https://qat.redports.org/buildarchive/r380216/ Log: Unbreak build with LibreSSL PR: 196256 Added: head/www/apache22/files/patch-acinclude.m4 (contents, props changed) head/www/apache22/files/patch-configure (contents, props changed) head/www/apache22/files/patch-include__ap_config_auto.h.in (contents, props changed) head/www/apache22/files/patch-modules__ssl__ssl_engine_init.c (contents, props changed) head/www/apache22/files/patch-modules__ssl__ssl_engine_rand.c (contents, props changed) head/www/apache22/files/patch-modules__ssl__ssl_engine_vars.c (contents, props changed) head/www/apache22/files/patch-modules__ssl__ssl_util_ssl.c (contents, props changed) head/www/apache22/files/patch-modules__ssl__ssl_util_ssl.h (contents, props changed) Added: head/www/apache22/files/patch-acinclude.m4 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/apache22/files/patch-acinclude.m4 Sun Mar 1 17:41:42 2015 (r380216) @@ -0,0 +1,11 @@ +--- acinclude.m4.orig 2012-07-06 17:23:21.000000000 +0200 ++++ acinclude.m4 2015-02-28 10:22:26.577650967 +0100 +@@ -455,6 +455,8 @@ + AC_CHECK_HEADERS([openssl/engine.h]) + AC_CHECK_FUNCS([SSLeay_version SSL_CTX_new], [], [liberrors="yes"]) + AC_CHECK_FUNCS([ENGINE_init ENGINE_load_builtin_engines]) ++ AC_CHECK_FUNCS([SSL_CTX_use_certificate_chain]) ++ AC_CHECK_LIB(crypto, RAND_egd, AC_DEFINE(HAVE_SSL_RAND_EGD, 1, [Define if the libcrypto has RAND_egd])) + else + AC_CHECK_FUNCS([SSLC_library_version SSL_CTX_new], [], [liberrors="yes"]) + AC_CHECK_FUNCS(SSL_set_state) Added: head/www/apache22/files/patch-configure ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/apache22/files/patch-configure Sun Mar 1 17:41:42 2015 (r380216) @@ -0,0 +1,62 @@ +--- configure.orig 2014-08-22 19:54:19.000000000 +0200 ++++ configure 2015-02-28 10:22:46.822052140 +0100 +@@ -13853,6 +13922,59 @@ + fi + done + ++ for ac_func in SSL_CTX_use_certificate_chain ++do : ++ ac_fn_c_check_func "$LINENO" "SSL_CTX_use_certificate_chain" "ac_cv_func_SSL_CTX_use_certificate_chain" ++if test "x$ac_cv_func_SSL_CTX_use_certificate_chain" = xyes; then : ++ cat >>confdefs.h <<_ACEOF ++#define HAVE_SSL_CTX_USE_CERTIFICATE_CHAIN 1 ++_ACEOF ++ ++fi ++done ++ ++ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for RAND_egd in -lcrypto" >&5 ++$as_echo_n "checking for RAND_egd in -lcrypto... " >&6; } ++if ${ac_cv_lib_crypto_RAND_egd+:} false; then : ++ $as_echo_n "(cached) " >&6 ++else ++ ac_check_lib_save_LIBS=$LIBS ++LIBS="-lcrypto $LIBS" ++cat confdefs.h - <<_ACEOF >conftest.$ac_ext ++/* end confdefs.h. */ ++ ++/* Override any GCC internal prototype to avoid an error. ++ Use char because int might match the return type of a GCC ++ builtin and then its argument prototype would still apply. */ ++#ifdef __cplusplus ++extern "C" ++#endif ++char RAND_egd (); ++int ++main () ++{ ++return RAND_egd (); ++ ; ++ return 0; ++} ++_ACEOF ++if ac_fn_c_try_link "$LINENO"; then : ++ ac_cv_lib_crypto_RAND_egd=yes ++else ++ ac_cv_lib_crypto_RAND_egd=no ++fi ++rm -f core conftest.err conftest.$ac_objext \ ++ conftest$ac_exeext conftest.$ac_ext ++LIBS=$ac_check_lib_save_LIBS ++fi ++{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_crypto_RAND_egd" >&5 ++$as_echo "$ac_cv_lib_crypto_RAND_egd" >&6; } ++if test "x$ac_cv_lib_crypto_RAND_egd" = xyes; then : ++ ++$as_echo "#define HAVE_SSL_RAND_EGD 1" >>confdefs.h ++ ++fi ++ + else + for ac_func in SSLC_library_version SSL_CTX_new + do : Added: head/www/apache22/files/patch-include__ap_config_auto.h.in ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/apache22/files/patch-include__ap_config_auto.h.in Sun Mar 1 17:41:42 2015 (r380216) @@ -0,0 +1,15 @@ +--- include/ap_config_auto.h.in.orig 2014-08-22 19:54:18.000000000 +0200 ++++ include/ap_config_auto.h.in 2015-02-28 10:25:55.191842645 +0100 +@@ -127,6 +127,12 @@ + /* Define to 1 if you have the `SSL_CTX_new' function. */ + #undef HAVE_SSL_CTX_NEW + ++/* Define to 1 if you run LibreSSL which defines SSL_CTX_use_certificate_chain as well */ ++#undef HAVE_SSL_CTX_USE_CERTIFICATE_CHAIN ++ ++/* Define to 1 if your OpenSSL library supports RAND_egd */ ++#undef HAVE_SSL_RAND_EGD ++ + /* Define to 1 if you have the `SSL_set_cert_store' function. */ + #undef HAVE_SSL_SET_CERT_STORE + Added: head/www/apache22/files/patch-modules__ssl__ssl_engine_init.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/apache22/files/patch-modules__ssl__ssl_engine_init.c Sun Mar 1 17:41:42 2015 (r380216) @@ -0,0 +1,38 @@ +--- modules/ssl/ssl_engine_init.c.orig 2014-07-16 08:04:38.000000000 +0200 ++++ modules/ssl/ssl_engine_init.c 2015-02-28 10:52:11.571641334 +0100 +@@ -406,9 +406,11 @@ + ssl_die(); + } + ++#ifdef ENGINE_CTRL_CHIL_SET_FORKCHECK + if (strEQ(mc->szCryptoDevice, "chil")) { + ENGINE_ctrl(e, ENGINE_CTRL_CHIL_SET_FORKCHECK, 1, 0, 0); + } ++#endif + + if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) { + ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, +@@ -584,6 +586,10 @@ + #endif + + ++#ifdef SSL_NO_COMP ++#define OPENSSL_NO_COMP ++#endif ++ + #ifndef OPENSSL_NO_COMP + if (sc->compression != TRUE) { + #ifdef SSL_OP_NO_COMPRESSION +@@ -831,7 +837,11 @@ + } + } + +- n = SSL_CTX_use_certificate_chain(mctx->ssl_ctx, ++#ifndef HAVE_SSL_CTX_USE_CERTIFICATE_CHAIN ++ n = SSL_CTX_use_certificate_chain(mctx->ssl_ctx, ++#else ++ n = _SSL_CTX_use_certificate_chain(mctx->ssl_ctx, ++#endif + (char *)chain, + skip_first, NULL); + if (n < 0) { Added: head/www/apache22/files/patch-modules__ssl__ssl_engine_rand.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/apache22/files/patch-modules__ssl__ssl_engine_rand.c Sun Mar 1 17:41:42 2015 (r380216) @@ -0,0 +1,20 @@ +--- modules/ssl/ssl_engine_rand.c.orig 2006-07-12 05:38:44.000000000 +0200 ++++ modules/ssl/ssl_engine_rand.c 2015-02-28 10:47:35.481607754 +0100 +@@ -83,17 +83,6 @@ + nDone += ssl_rand_feedfp(p, fp, pRandSeed->nBytes); + ssl_util_ppclose(s, p, fp); + } +-#ifdef HAVE_SSL_RAND_EGD +- else if (pRandSeed->nSrc == SSL_RSSRC_EGD) { +- /* +- * seed in contents provided by the external +- * Entropy Gathering Daemon (EGD) +- */ +- if ((n = RAND_egd(pRandSeed->cpPath)) == -1) +- continue; +- nDone += n; +- } +-#endif + else if (pRandSeed->nSrc == SSL_RSSRC_BUILTIN) { + struct { + time_t t; Added: head/www/apache22/files/patch-modules__ssl__ssl_engine_vars.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/apache22/files/patch-modules__ssl__ssl_engine_vars.c Sun Mar 1 17:41:42 2015 (r380216) @@ -0,0 +1,11 @@ +--- modules/ssl/ssl_engine_vars.c.orig 2013-02-12 12:51:17.000000000 +0100 ++++ modules/ssl/ssl_engine_vars.c 2015-02-28 10:54:21.257798164 +0100 +@@ -832,7 +832,7 @@ + { + char *result = "NULL"; + #ifdef OPENSSL_VERSION_NUMBER +-#if (OPENSSL_VERSION_NUMBER >= 0x00908000) ++#if (OPENSSL_VERSION_NUMBER >= 0x00908000) && !defined(OPENSSL_NO_COMP) + SSL_SESSION *pSession = SSL_get_session(ssl); + + if (pSession) { Added: head/www/apache22/files/patch-modules__ssl__ssl_util_ssl.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/apache22/files/patch-modules__ssl__ssl_util_ssl.c Sun Mar 1 17:41:42 2015 (r380216) @@ -0,0 +1,14 @@ +--- modules/ssl/ssl_util_ssl.c.orig 2012-08-17 19:30:46.000000000 +0200 ++++ modules/ssl/ssl_util_ssl.c 2015-02-28 10:30:48.557501618 +0100 +@@ -492,7 +492,11 @@ + * format, possibly followed by a sequence of CA certificates that + * should be sent to the peer in the SSL Certificate message. + */ ++#ifndef HAVE_SSL_CTX_USE_CERTIFICATE_CHAIN + int SSL_CTX_use_certificate_chain( ++#else ++int _SSL_CTX_use_certificate_chain( ++#endif + SSL_CTX *ctx, char *file, int skipfirst, modssl_read_bio_cb_fn *cb) + { + BIO *bio; Added: head/www/apache22/files/patch-modules__ssl__ssl_util_ssl.h ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/apache22/files/patch-modules__ssl__ssl_util_ssl.h Sun Mar 1 17:41:42 2015 (r380216) @@ -0,0 +1,14 @@ +--- modules/ssl/ssl_util_ssl.h.orig 2012-08-17 19:30:46.000000000 +0200 ++++ modules/ssl/ssl_util_ssl.h 2015-02-28 10:33:07.042671521 +0100 +@@ -89,7 +89,11 @@ + BOOL SSL_X509_getCN(apr_pool_t *, X509 *, char **); + BOOL SSL_X509_INFO_load_file(apr_pool_t *, STACK_OF(X509_INFO) *, const char *); + BOOL SSL_X509_INFO_load_path(apr_pool_t *, STACK_OF(X509_INFO) *, const char *); ++#ifndef HAVE_SSL_CTX_USE_CERTIFICATE_CHAIN + int SSL_CTX_use_certificate_chain(SSL_CTX *, char *, int, modssl_read_bio_cb_fn *); ++#else ++int _SSL_CTX_use_certificate_chain(SSL_CTX *, char *, int, modssl_read_bio_cb_fn *); ++#endif + char *SSL_SESSION_id2sz(unsigned char *, int, char *, int); + + /** util functions for OpenSSL+sslc compat */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201503011741.t21HfhU5079950>