From owner-svn-ports-all@freebsd.org  Fri Oct 28 20:38:18 2016
Return-Path: <owner-svn-ports-all@freebsd.org>
Delivered-To: svn-ports-all@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8399DC2525B;
 Fri, 28 Oct 2016 20:38:18 +0000 (UTC)
 (envelope-from naddy@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 41AE9C3F;
 Fri, 28 Oct 2016 20:38:18 +0000 (UTC)
 (envelope-from naddy@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u9SKcHbQ018576;
 Fri, 28 Oct 2016 20:38:17 GMT (envelope-from naddy@FreeBSD.org)
Received: (from naddy@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id u9SKcH9x018575;
 Fri, 28 Oct 2016 20:38:17 GMT (envelope-from naddy@FreeBSD.org)
Message-Id: <201610282038.u9SKcH9x018575@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: naddy set sender to
 naddy@FreeBSD.org using -f
From: Christian Weisgerber <naddy@FreeBSD.org>
Date: Fri, 28 Oct 2016 20:38:17 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r424884 - head/net/openntpd
X-SVN-Group: ports-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-all@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: SVN commit messages for the ports tree <svn-ports-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-all/>
List-Post: <mailto:svn-ports-all@freebsd.org>
List-Help: <mailto:svn-ports-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Oct 2016 20:38:18 -0000

Author: naddy
Date: Fri Oct 28 20:38:17 2016
New Revision: 424884
URL: https://svnweb.freebsd.org/changeset/ports/424884

Log:
  Unblock the package build via static libressl.  Adapted from [1].
  
  OpenNTPD requires libtls, which is only available from LibreSSL.
  If LibreSSL is not the default SSL library, link with a static copy
  of the LibreSSL libraries.  This approach has the drawback that
  whenever there is an update to libressl, the openntpd port will
  require a PORTREVISION bump, otherwise it will not pick up the fixed
  library and continue to use the old code.
  
  Drop the RESSL option as LibreSSL is now always available.
  
  PR:		213691 [1]
  Submitted by:	jbeich

Modified:
  head/net/openntpd/Makefile

Modified: head/net/openntpd/Makefile
==============================================================================
--- head/net/openntpd/Makefile	Fri Oct 28 20:33:14 2016	(r424883)
+++ head/net/openntpd/Makefile	Fri Oct 28 20:38:17 2016	(r424884)
@@ -2,7 +2,7 @@
 
 PORTNAME=	openntpd
 PORTVERSION=	6.0p1
-PORTREVISION=	1
+PORTREVISION=	2
 PORTEPOCH=	2
 CATEGORIES=	net
 MASTER_SITES=	OPENBSD/OpenNTPD
@@ -12,24 +12,16 @@ COMMENT=	Network Time Protocol (NTP) dae
 
 LICENSE=	ISCL
 
+RUN_DEPENDS=	ca_root_nss>=0:security/ca_root_nss
+
+USE_RC_SUBR=	openntpd
 USERS=		_ntp
 GROUPS=		_ntp
 
-USE_RC_SUBR=	openntpd
+USES=		ssl
 
 GNU_CONFIGURE=	yes
-
-OPTIONS_DEFINE=		RESSL
-RESSL_DESC=		SSL/TLS support via LibreSSL
-
-OPTIONS_DEFAULT=	RESSL
-
-# Requires libtls from LibreSSL
-RESSL_USES=		ssl
-RESSL_CONFIGURE_WITH=	cacert=${LOCALBASE}/etc/ssl/cert.pem
-RESSL_CPPFLAGS=		-I${OPENSSLINC}
-RESSL_LDFLAGS=		-L${OPENSSLLIB}
-RESSL_RUN_DEPENDS=	ca_root_nss>=0:security/ca_root_nss
+CONFIGURE_ARGS=	--with-cacert=${LOCALBASE}/etc/ssl/cert.pem
 
 pre-build:
 	${REINPLACE_CMD} -e 's,%%PREFIX%%,${PREFIX},g' \
@@ -40,8 +32,25 @@ post-stage:
 
 .include <bsd.port.pre.mk>
 
-.if ${PORT_OPTIONS:MRESSL} && empty(SSL_DEFAULT:Mlibressl*)
-IGNORE=	Requires LibreSSL from ports, define DEFAULT_VERSIONS+=ssl=libressl in your make.conf and rebuild everything.
-.endif
+# Requires libtls from LibreSSL
+.if ${SSL_DEFAULT:Mlibressl*}
+CPPFLAGS+=		-I${OPENSSLINC}
+LDFLAGS+=		-L${OPENSSLLIB}
+.else # SSL_DEFAULT
+BUILD_DEPENDS+=		${NONEXISTENT}:security/libressl:stage
+CPPFLAGS+=		-I${WRKDIR}/libressl/include
+LDFLAGS+=		-L${WRKDIR}/libressl/lib
+# security/libressl ignores implicit SSP_UNSAFE, see Mk/bsd.ssp.mk
+. if ${OPSYS} == FreeBSD && ${OSVERSION} < 1000036 && ${ARCH} == i386
+SSP_CFLAGS?=	-fstack-protector
+CFLAGS+=	${SSP_CFLAGS}
+LDFLAGS+=	-fstack-protector
+LIBS+=		-lssp_nonshared
+. endif
+
+pre-configure:
+	@cd `${MAKE} -V STAGEDIR -C ${PORTSDIR}/security/libressl`${LOCALBASE} \
+	    && ${COPYTREE_SHARE} . ${WRKDIR}/libressl "! -name *.so*"
+.endif # SSL_DEFAULT
 
 .include <bsd.port.post.mk>