Date: Fri, 27 Jan 2017 20:52:43 +0000 (UTC) From: Sunpoet Po-Chuan Hsieh <sunpoet@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r432575 - head/www/nghttp2/files Message-ID: <201701272052.v0RKqhwJ085280@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: sunpoet Date: Fri Jan 27 20:52:43 2017 New Revision: 432575 URL: https://svnweb.freebsd.org/changeset/ports/432575 Log: Fix build with LibreSSL Differential Revision: https://reviews.FreeBSD.org/D9334 Submitted by: brnrd Obtained from: https://github.com/nghttp2/nghttp2/commit/16be89f9ccba4d37e34ef03f20009a9845efeb99 https://github.com/nghttp2/nghttp2/commit/1cc08c0a51d273afc0e7b4e11eeb0b889d154ee0 Added: head/www/nghttp2/files/patch-src-shrpx_config.cc (contents, props changed) head/www/nghttp2/files/patch-src-shrpx_ssl.cc (contents, props changed) Added: head/www/nghttp2/files/patch-src-shrpx_config.cc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/nghttp2/files/patch-src-shrpx_config.cc Fri Jan 27 20:52:43 2017 (r432575) @@ -0,0 +1,55 @@ +Obtained from: https://github.com/nghttp2/nghttp2/commit/16be89f9ccba4d37e34ef03f20009a9845efeb99 + https://github.com/nghttp2/nghttp2/commit/1cc08c0a51d273afc0e7b4e11eeb0b889d154ee0 + +--- src/shrpx_config.cc.orig 2017-01-25 11:30:16 UTC ++++ src/shrpx_config.cc +@@ -1199,6 +1199,7 @@ int read_tls_sct_from_dir(std::vector<ui + } + } // namespace + ++#if !LIBRESSL_IN_USE + namespace { + // Reads PSK secrets from path, and parses each line. The result is + // directly stored into config->tls.psk_secrets. This function +@@ -1262,7 +1263,9 @@ int parse_psk_secrets(Config *config, co + return 0; + } + } // namespace ++#endif // !LIBRESSL_IN_USE + ++#if !LIBRESSL_IN_USE + namespace { + // Reads PSK secrets from path, and parses each line. The result is + // directly stored into config->tls.client.psk. This function returns +@@ -1322,6 +1325,7 @@ int parse_client_psk_secrets(Config *con + return 0; + } + } // namespace ++#endif // !LIBRESSL_IN_USE + + // generated by gennghttpxfun.py + int option_lookup_token(const char *name, size_t namelen) { +@@ -3284,9 +3288,23 @@ int parse_config(Config *config, int opt + return parse_duration(&config->conn.upstream.timeout.idle_read, opt, + optarg); + case SHRPX_OPTID_PSK_SECRETS: ++#if !LIBRESSL_IN_USE + return parse_psk_secrets(config, optarg); ++#else // LIBRESSL_IN_USE ++ LOG(WARN) ++ << opt ++ << ": ignored because underlying TLS library does not support PSK"; ++ return 0; ++#endif // LIBRESSL_IN_USE + case SHRPX_OPTID_CLIENT_PSK_SECRETS: ++#if !LIBRESSL_IN_USE + return parse_client_psk_secrets(config, optarg); ++#else // LIBRESSL_IN_USE ++ LOG(WARN) ++ << opt ++ << ": ignored because underlying TLS library does not support PSK"; ++ return 0; ++#endif // LIBRESSL_IN_USE + case SHRPX_OPTID_CLIENT_NO_HTTP2_CIPHER_BLACK_LIST: + config->tls.client.no_http2_cipher_black_list = + util::strieq_l("yes", optarg); Added: head/www/nghttp2/files/patch-src-shrpx_ssl.cc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/nghttp2/files/patch-src-shrpx_ssl.cc Fri Jan 27 20:52:43 2017 (r432575) @@ -0,0 +1,50 @@ +Obtained from: https://github.com/nghttp2/nghttp2/commit/16be89f9ccba4d37e34ef03f20009a9845efeb99 + +--- src/shrpx_ssl.cc.orig 2017-01-25 11:30:16 UTC ++++ src/shrpx_ssl.cc +@@ -525,6 +525,7 @@ int sct_parse_cb(SSL *ssl, unsigned int + } // namespace + #endif // !LIBRESSL_IN_USE && OPENSSL_VERSION_NUMBER >= 0x10002000L + ++#if !LIBRESSL_IN_USE + namespace { + unsigned int psk_server_cb(SSL *ssl, const char *identity, unsigned char *psk, + unsigned int max_psk_len) { +@@ -548,7 +549,9 @@ unsigned int psk_server_cb(SSL *ssl, con + return static_cast<unsigned int>(secret.size()); + } + } // namespace ++#endif // !LIBRESSL_IN_USE + ++#if !LIBRESSL_IN_USE + namespace { + unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity_out, + unsigned int max_identity_len, unsigned char *psk, +@@ -581,6 +584,7 @@ unsigned int psk_client_cb(SSL *ssl, con + return (unsigned int)secret.size(); + } + } // namespace ++#endif // !LIBRESSL_IN_USE + + struct TLSProtocol { + StringRef name; +@@ -784,7 +788,9 @@ SSL_CTX *create_ssl_context(const char * + } + #endif // !LIBRESSL_IN_USE && OPENSSL_VERSION_NUMBER >= 0x10002000L + ++#if !LIBRESSL_IN_USE + SSL_CTX_set_psk_server_callback(ssl_ctx, psk_server_cb); ++#endif // !LIBRESSL_IN_USE + + auto tls_ctx_data = new TLSContextData(); + tls_ctx_data->cert_file = cert_file; +@@ -919,7 +925,9 @@ SSL_CTX *create_ssl_client_context( + #endif // HAVE_NEVERBLEED + } + ++#if !LIBRESSL_IN_USE + SSL_CTX_set_psk_client_callback(ssl_ctx, psk_client_cb); ++#endif // !LIBRESSL_IN_USE + + // NPN selection callback. This is required to set SSL_CTX because + // OpenSSL does not offer SSL_set_next_proto_select_cb.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201701272052.v0RKqhwJ085280>