From owner-freebsd-bugs@FreeBSD.ORG Sun May 27 22:30:02 2012 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 18C35106566C for ; Sun, 27 May 2012 22:30:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id E04BF8FC0C for ; Sun, 27 May 2012 22:30:01 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q4RMU1U4095949 for ; Sun, 27 May 2012 22:30:01 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q4RMU1aT095934; Sun, 27 May 2012 22:30:01 GMT (envelope-from gnats) Resent-Date: Sun, 27 May 2012 22:30:01 GMT Resent-Message-Id: <201205272230.q4RMU1aT095934@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Aragon Gouveia Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 477FF106568A for ; Sun, 27 May 2012 22:22:05 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22]) by mx1.freebsd.org (Postfix) with ESMTP id 2D2D68FC19 for ; Sun, 27 May 2012 22:22:05 +0000 (UTC) Received: from red.freebsd.org (localhost [127.0.0.1]) by red.freebsd.org (8.14.4/8.14.4) with ESMTP id q4RMM4rs029601 for ; Sun, 27 May 2012 22:22:04 GMT (envelope-from nobody@red.freebsd.org) Received: (from nobody@localhost) by red.freebsd.org (8.14.4/8.14.4/Submit) id q4RMM4bj029600; Sun, 27 May 2012 22:22:04 GMT (envelope-from nobody) Message-Id: <201205272222.q4RMM4bj029600@red.freebsd.org> Date: Sun, 27 May 2012 22:22:04 GMT From: Aragon Gouveia To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Cc: Subject: bin/168396: [patch] src.conf tunables to enable zlib compression in openssl X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 May 2012 22:30:02 -0000 >Number: 168396 >Category: bin >Synopsis: [patch] src.conf tunables to enable zlib compression in openssl >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Sun May 27 22:30:01 UTC 2012 >Closed-Date: >Last-Modified: >Originator: Aragon Gouveia >Release: 9.0-STABLE >Organization: >Environment: FreeBSD igor.geek.sh 9.0-STABLE FreeBSD 9.0-STABLE #1: Sun May 27 11:38:17 SAST 2012 toor@igor.geek.sh:/usr/obj/usr/src/sys/IGOR amd64 >Description: Attached patch adds two new src.conf tunables: WITH_OPENSSL_ZLIB WITH_OPENSSL_ZLIB_SHARED The first enables zlib compression in the OpenSSL build, both combined makes zlib library load during runtime (dlopen()). More testing/review appreciated. Please consider this for commit. :) >How-To-Repeat: Testing for working compression can be done by with s_client: openssl s_client -no_ssl2 -no_ssl3 -connect issues.apache.org:443 >Fix: Patch attached with submission follows: --- secure/lib/libcrypto/Makefile.inc.orig 2012-05-28 00:12:13.000000000 +0200 +++ secure/lib/libcrypto/Makefile.inc 2012-05-28 00:12:16.000000000 +0200 @@ -21,6 +21,15 @@ CFLAGS+= -DL_ENDIAN .endif +.if ${MK_OPENSSL_ZLIB} == "yes" +CFLAGS+= -DZLIB +.if ${MK_OPENSSL_ZLIB_SHARED} == "yes" +CFLAGS+= -DZLIB_SHARED +.else +LDADD?= -lz +.endif +.endif + MANDIR= ${SHAREDIR}/openssl/man/man .if defined(LIB) --- share/mk/bsd.own.mk.orig 2012-05-27 17:31:58.000000000 +0200 +++ share/mk/bsd.own.mk 2012-05-28 00:11:44.000000000 +0200 @@ -420,7 +420,9 @@ IDEA \ LIBCPLUSPLUS \ OFED \ - SHARED_TOOLCHAIN + SHARED_TOOLCHAIN \ + OPENSSL_ZLIB \ + OPENSSL_ZLIB_SHARED # # Default behaviour of some options depends on the architecture. Unfortunately @@ -554,6 +556,10 @@ MK_KERBEROS:= no .endif +.if ${MK_OPENSSL_ZLIB} == "no" +MK_OPENSSL_ZLIB_SHARED:= no +.endif + .if ${MK_PF} == "no" MK_AUTHPF:= no .endif >Release-Note: >Audit-Trail: >Unformatted: