From owner-svn-ports-head@freebsd.org  Sun Mar 17 00:54:17 2019
Return-Path: <owner-svn-ports-head@freebsd.org>
Delivered-To: svn-ports-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9B80C154449E;
 Sun, 17 Mar 2019 00:54:17 +0000 (UTC) (envelope-from hrs@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 35839850E4;
 Sun, 17 Mar 2019 00:54:17 +0000 (UTC) (envelope-from hrs@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 1514B202C;
 Sun, 17 Mar 2019 00:54:17 +0000 (UTC) (envelope-from hrs@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x2H0sG9I075326;
 Sun, 17 Mar 2019 00:54:16 GMT (envelope-from hrs@FreeBSD.org)
Received: (from hrs@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id x2H0sFgh075314;
 Sun, 17 Mar 2019 00:54:15 GMT (envelope-from hrs@FreeBSD.org)
Message-Id: <201903170054.x2H0sFgh075314@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: hrs set sender to hrs@FreeBSD.org
 using -f
From: Hiroki Sato <hrs@FreeBSD.org>
Date: Sun, 17 Mar 2019 00:54:15 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r496010 - in head/multimedia/librtmp: . files
X-SVN-Group: ports-head
X-SVN-Commit-Author: hrs
X-SVN-Commit-Paths: in head/multimedia/librtmp: . files
X-SVN-Commit-Revision: 496010
X-SVN-Commit-Repository: ports
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: 35839850E4
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-2.96 / 15.00];
 local_wl_from(0.00)[FreeBSD.org];
 NEURAL_HAM_MEDIUM(-1.00)[-0.998,0];
 NEURAL_HAM_SHORT(-0.97)[-0.967,0];
 NEURAL_HAM_LONG(-1.00)[-1.000,0];
 ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]
X-BeenThere: svn-ports-head@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the ports tree for head
 <svn-ports-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-head>, 
 <mailto:svn-ports-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-head/>
List-Post: <mailto:svn-ports-head@freebsd.org>
List-Help: <mailto:svn-ports-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-head>,
 <mailto:svn-ports-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 17 Mar 2019 00:54:17 -0000

Author: hrs
Date: Sun Mar 17 00:54:15 2019
New Revision: 496010
URL: https://svnweb.freebsd.org/changeset/ports/496010

Log:
  Add a new OpenSSL 1.1.x patchset and revert broken one imported
  in r482967 which had SIGSEGV issue.
  
  PR:	232901

Added:
  head/multimedia/librtmp/files/patch-librtmp-dh.h   (contents, props changed)
  head/multimedia/librtmp/files/patch-librtmp-handshake.h   (contents, props changed)
  head/multimedia/librtmp/files/patch-librtmp-hashswf.c   (contents, props changed)
Deleted:
  head/multimedia/librtmp/files/patch-openssl-1.1
Modified:
  head/multimedia/librtmp/Makefile
  head/multimedia/librtmp/distinfo
  head/multimedia/librtmp/files/patch-librtmp-Makefile
  head/multimedia/librtmp/files/patch-librtmp-librtmp.pc.in

Modified: head/multimedia/librtmp/Makefile
==============================================================================
--- head/multimedia/librtmp/Makefile	Sun Mar 17 00:45:41 2019	(r496009)
+++ head/multimedia/librtmp/Makefile	Sun Mar 17 00:54:15 2019	(r496010)
@@ -2,7 +2,7 @@
 
 PORTNAME=	librtmp
 PORTVERSION=	2.4.20151223
-PORTREVISION=	3
+PORTREVISION=	4
 CATEGORIES=	multimedia net
 MASTER_SITES=	LOCAL/hrs
 DISTNAME=	rtmpdump-2.4.fa8646da
@@ -18,6 +18,7 @@ USE_LDCONFIG=	yes
 
 CFLAGS+=	-I${OPENSSLINC}
 LDFLAGS+=	-L${OPENSSLLIB}
-WRKSRC=		${WRKDIR}/${DISTNAME}/librtmp
+PATCH_WRKSRC=	${WRKDIR}/${DISTNAME}
+WRKSRC=		${WRKDIR}/${DISTNAME}/${PORTNAME}
 
 .include <bsd.port.mk>

Modified: head/multimedia/librtmp/distinfo
==============================================================================
--- head/multimedia/librtmp/distinfo	Sun Mar 17 00:45:41 2019	(r496009)
+++ head/multimedia/librtmp/distinfo	Sun Mar 17 00:54:15 2019	(r496010)
@@ -1,2 +1,3 @@
+TIMESTAMP = 1552725310
 SHA256 (rtmpdump-2.4.fa8646da.tar.bz2) = 2d37a0db88477c580d3d7226bf8606444fdb130008ee5256bf0ddaf00c76d771
 SIZE (rtmpdump-2.4.fa8646da.tar.bz2) = 110969

Modified: head/multimedia/librtmp/files/patch-librtmp-Makefile
==============================================================================
--- head/multimedia/librtmp/files/patch-librtmp-Makefile	Sun Mar 17 00:45:41 2019	(r496009)
+++ head/multimedia/librtmp/files/patch-librtmp-Makefile	Sun Mar 17 00:54:15 2019	(r496010)
@@ -1,5 +1,5 @@
---- Makefile.orig	2016-02-29 01:15:13 UTC
-+++ Makefile
+--- librtmp/Makefile.orig	2016-02-29 01:15:13 UTC
++++ librtmp/Makefile
 @@ -1,19 +1,21 @@
  VERSION=v2.4
  

Added: head/multimedia/librtmp/files/patch-librtmp-dh.h
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/multimedia/librtmp/files/patch-librtmp-dh.h	Sun Mar 17 00:54:15 2019	(r496010)
@@ -0,0 +1,116 @@
+--- librtmp/dh.h.orig	2016-02-29 01:15:13 UTC
++++ librtmp/dh.h
+@@ -194,7 +194,7 @@ typedef BIGNUM * MP_t;
+ 
+ /* RFC 2631, Section 2.1.5, http://www.ietf.org/rfc/rfc2631.txt */
+ static int
+-isValidPublicKey(MP_t y, MP_t p, MP_t q)
++isValidPublicKey(const MP_t y, const MP_t p, const MP_t q)
+ {
+   int ret = TRUE;
+   MP_t bn;
+@@ -253,20 +253,43 @@ DHInit(int nKeyBits)
+   if (!dh)
+     goto failed;
+ 
++#if !defined(USE_OPENSSL) || defined(LIBRESSL_VERSION_NUMBER) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
+   MP_new(dh->g);
+ 
+   if (!dh->g)
+     goto failed;
++#else
++  BIGNUM *g;
+ 
++  MP_new(g);
++  if (g == NULL)
++    goto failed;
++#endif
++
++#if !defined(USE_OPENSSL) || defined(LIBRESSL_VERSION_NUMBER) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
+   MP_gethex(dh->p, P1024, res);	/* prime P1024, see dhgroups.h */
++#else
++  const BIGNUM *p = DH_get0_p(dh);
++
++  MP_gethex(p, P1024, res);	/* prime P1024, see dhgroups.h */
++#endif
+   if (!res)
+     {
+       goto failed;
+     }
+ 
++#if !defined(USE_OPENSSL) || defined(LIBRESSL_VERSION_NUMBER) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
+   MP_set_w(dh->g, 2);	/* base 2 */
++#else
++  MP_set_w(g, 2);	/* base 2 */
++  DH_set0_pqg(dh, p, NULL, g);
++#endif
+ 
++#if !defined(USE_OPENSSL) || defined(LIBRESSL_VERSION_NUMBER) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
+   dh->length = nKeyBits;
++#else
++  DH_set_length(dh, nKeyBits);
++#endif
+   return dh;
+ 
+ failed:
+@@ -293,12 +316,20 @@ DHGenerateKey(MDH *dh)
+       MP_gethex(q1, Q1024, res);
+       assert(res);
+ 
++#if !defined(USE_OPENSSL) || defined(LIBRESSL_VERSION_NUMBER) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
+       res = isValidPublicKey(dh->pub_key, dh->p, q1);
++#else
++      res = isValidPublicKey(DH_get0_pub_key(dh), DH_get0_p(dh), q1);
++#endif
+       if (!res)
+ 	{
++#if !defined(USE_OPENSSL) || defined(LIBRESSL_VERSION_NUMBER) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
+ 	  MP_free(dh->pub_key);
+ 	  MP_free(dh->priv_key);
+ 	  dh->pub_key = dh->priv_key = 0;
++#else
++          DH_set0_key(dh, NULL, NULL);
++#endif
+ 	}
+ 
+       MP_free(q1);
+@@ -314,15 +345,27 @@ static int
+ DHGetPublicKey(MDH *dh, uint8_t *pubkey, size_t nPubkeyLen)
+ {
+   int len;
++#if !defined(USE_OPENSSL) || defined(LIBRESSL_VERSION_NUMBER) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
+   if (!dh || !dh->pub_key)
++#else
++  if (!dh || !DH_get0_pub_key(dh))
++#endif
+     return 0;
+ 
++#if !defined(USE_OPENSSL) || defined(LIBRESSL_VERSION_NUMBER) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
+   len = MP_bytes(dh->pub_key);
++#else
++  len = MP_bytes(DH_get0_pub_key(dh));
++#endif
+   if (len <= 0 || len > (int) nPubkeyLen)
+     return 0;
+ 
+   memset(pubkey, 0, nPubkeyLen);
++#if !defined(USE_OPENSSL) || defined(LIBRESSL_VERSION_NUMBER) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
+   MP_setbin(dh->pub_key, pubkey + (nPubkeyLen - len), len);
++#else
++  MP_setbin(DH_get0_pub_key(dh), pubkey + (nPubkeyLen - len), len);
++#endif
+   return 1;
+ }
+ 
+@@ -364,7 +407,11 @@ DHComputeSharedSecretKey(MDH *dh, uint8_
+   MP_gethex(q1, Q1024, len);
+   assert(len);
+ 
++#if !defined(USE_OPENSSL) || defined(LIBRESSL_VERSION_NUMBER) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
+   if (isValidPublicKey(pubkeyBn, dh->p, q1))
++#else
++  if (isValidPublicKey(pubkeyBn, DH_get0_p(dh), q1))
++#endif
+     res = MDH_compute_key(secret, nPubkeyLen, pubkeyBn, dh);
+   else
+     res = -1;

Added: head/multimedia/librtmp/files/patch-librtmp-handshake.h
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/multimedia/librtmp/files/patch-librtmp-handshake.h	Sun Mar 17 00:54:15 2019	(r496010)
@@ -0,0 +1,100 @@
+--- librtmp/handshake.h.orig	2016-02-29 01:15:13 UTC
++++ librtmp/handshake.h
+@@ -31,9 +31,13 @@
+ #define SHA256_DIGEST_LENGTH	32
+ #endif
+ #define HMAC_CTX	sha2_context
+-#define HMAC_setup(ctx, key, len)	sha2_hmac_starts(&ctx, (unsigned char *)key, len, 0)
+-#define HMAC_crunch(ctx, buf, len)	sha2_hmac_update(&ctx, buf, len)
+-#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(&ctx, dig)
++#define HMAC_setup(ctx, key, len)	do { \
++		if (ctx == NULL) \
++			ctx = calloc(1, sizeof(*ctx)); \
++		sha2_hmac_starts(ctx, (unsigned char *)key, len, 0); \
++	} while (0)
++#define HMAC_crunch(ctx, buf, len)	sha2_hmac_update(ctx, buf, len)
++#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(ctx, dig)
+ 
+ typedef arc4_context *	RC4_handle;
+ #define RC4_alloc(h)	*h = malloc(sizeof(arc4_context))
+@@ -50,10 +54,17 @@ typedef arc4_context *	RC4_handle;
+ #endif
+ #undef HMAC_CTX
+ #define HMAC_CTX	struct hmac_sha256_ctx
+-#define HMAC_setup(ctx, key, len)	hmac_sha256_set_key(&ctx, len, key)
+-#define HMAC_crunch(ctx, buf, len)	hmac_sha256_update(&ctx, len, buf)
+-#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(&ctx, SHA256_DIGEST_LENGTH, dig)
+-#define HMAC_close(ctx)
++#define HMAC_setup(ctx, key, len)	do { \
++		if (ctx == NULL) \
++			ctx = calloc(1, sizeof(*ctx)); \
++		hmac_sha256_set_key(ctx, len, key); \
++	} while (0)
++#define HMAC_crunch(ctx, buf, len)	hmac_sha256_update(ctx, len, buf)
++#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(ctx, SHA256_DIGEST_LENGTH, dig)
++#define HMAC_close(ctx)	do { \
++		free(ctx); \
++		ctx = NULL; \
++	} while (0)
+ 
+ typedef struct arcfour_ctx*	RC4_handle;
+ #define RC4_alloc(h)	*h = malloc(sizeof(struct arcfour_ctx))
+@@ -69,9 +80,37 @@ typedef struct arcfour_ctx*	RC4_handle;
+ #if OPENSSL_VERSION_NUMBER < 0x0090800 || !defined(SHA256_DIGEST_LENGTH)
+ #error Your OpenSSL is too old, need 0.9.8 or newer with SHA256
+ #endif
+-#define HMAC_setup(ctx, key, len)	HMAC_CTX_init(&ctx); HMAC_Init_ex(&ctx, key, len, EVP_sha256(), 0)
+-#define HMAC_crunch(ctx, buf, len)	HMAC_Update(&ctx, buf, len)
+-#define HMAC_finish(ctx, dig, dlen)	HMAC_Final(&ctx, dig, &dlen); HMAC_CTX_cleanup(&ctx)
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
++#define HMAC_setup(ctx, key, len)	do { \
++		if (ctx == NULL) \
++			ctx = calloc(1, sizeof(*ctx)); \
++		HMAC_CTX_init(ctx); \
++		HMAC_Init_ex(ctx, key, len, EVP_sha256(), 0); \
++	} while (0)
++#else
++#define HMAC_setup(ctx, key, len)	do { \
++		if (ctx == NULL) \
++			ctx = HMAC_CTX_new(); \
++		else \
++			HMAC_CTX_reset(ctx); \
++		HMAC_Init_ex(ctx, key, len, EVP_sha256(), 0); \
++	} while (0)
++#endif
++#define HMAC_crunch(ctx, buf, len)	HMAC_Update(ctx, buf, len)
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
++#define HMAC_finish(ctx, dig, dlen)	do { \
++		HMAC_Final(ctx, dig, &dlen); \
++		HMAC_CTX_cleanup(ctx); \
++		free(ctx); \
++		ctx = NULL; \
++	} while (0)
++#else
++#define HMAC_finish(ctx, dig, dlen)	do { \
++		HMAC_Final(ctx, dig, &dlen); \
++		HMAC_CTX_free(ctx); \
++		ctx = NULL; \
++	} while (0)
++#endif
+ 
+ typedef RC4_KEY *	RC4_handle;
+ #define RC4_alloc(h)	*h = malloc(sizeof(RC4_KEY))
+@@ -117,7 +156,7 @@ static void InitRC4Encryption
+ {
+   uint8_t digest[SHA256_DIGEST_LENGTH];
+   unsigned int digestLen = 0;
+-  HMAC_CTX ctx;
++  HMAC_CTX *ctx = NULL;
+ 
+   RC4_alloc(rc4keyIn);
+   RC4_alloc(rc4keyOut);
+@@ -266,7 +305,7 @@ HMACsha256(const uint8_t *message, size_
+ 	   size_t keylen, uint8_t *digest)
+ {
+   unsigned int digestLen;
+-  HMAC_CTX ctx;
++  HMAC_CTX *ctx = NULL;
+ 
+   HMAC_setup(ctx, key, keylen);
+   HMAC_crunch(ctx, message, messageLen);

Added: head/multimedia/librtmp/files/patch-librtmp-hashswf.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/multimedia/librtmp/files/patch-librtmp-hashswf.c	Sun Mar 17 00:54:15 2019	(r496010)
@@ -0,0 +1,93 @@
+--- librtmp/hashswf.c.orig	2016-02-29 01:15:13 UTC
++++ librtmp/hashswf.c
+@@ -37,10 +37,17 @@
+ #define SHA256_DIGEST_LENGTH	32
+ #endif
+ #define HMAC_CTX	sha2_context
+-#define HMAC_setup(ctx, key, len)	sha2_hmac_starts(&ctx, (unsigned char *)key, len, 0)
+-#define HMAC_crunch(ctx, buf, len)	sha2_hmac_update(&ctx, buf, len)
+-#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(&ctx, dig)
+-#define HMAC_close(ctx)
++#define HMAC_setup(ctx, key, len)	do { \
++		if (ctx == NULL) \
++			ctx = calloc(1, sizeof(*ctx)); \
++		sha2_hmac_starts(ctx, (unsigned char *)key, len, 0); \
++	} while (0);
++#define HMAC_crunch(ctx, buf, len)	sha2_hmac_update(ctx, buf, len)
++#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(ctx, dig)
++#define HMAC_close(ctx)	do { \
++		free(ctx); \
++		ctx = NULL; \
++	} while (0)
+ #elif defined(USE_GNUTLS)
+ #include <nettle/hmac.h>
+ #ifndef SHA256_DIGEST_LENGTH
+@@ -48,19 +55,51 @@
+ #endif
+ #undef HMAC_CTX
+ #define HMAC_CTX	struct hmac_sha256_ctx
+-#define HMAC_setup(ctx, key, len)	hmac_sha256_set_key(&ctx, len, key)
+-#define HMAC_crunch(ctx, buf, len)	hmac_sha256_update(&ctx, len, buf)
+-#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(&ctx, SHA256_DIGEST_LENGTH, dig)
+-#define HMAC_close(ctx)
++#define HMAC_setup(ctx, key, len)	do { \
++		if (ctx == NULL) \
++			ctx = calloc(1, sizeof(*ctx)); \
++		hmac_sha256_set_key(ctx, len, key); \
++	} while (0)
++#define HMAC_crunch(ctx, buf, len)	hmac_sha256_update(ctx, len, buf)
++#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(ctx, SHA256_DIGEST_LENGTH, dig)
++#define HMAC_close(ctx)	do { \
++		free(ctx); \
++		ctx = NULL; \
++	} while (0)
+ #else	/* USE_OPENSSL */
+ #include <openssl/ssl.h>
+ #include <openssl/sha.h>
+ #include <openssl/hmac.h>
+ #include <openssl/rc4.h>
+-#define HMAC_setup(ctx, key, len)	HMAC_CTX_init(&ctx); HMAC_Init_ex(&ctx, (unsigned char *)key, len, EVP_sha256(), 0)
+-#define HMAC_crunch(ctx, buf, len)	HMAC_Update(&ctx, (unsigned char *)buf, len)
+-#define HMAC_finish(ctx, dig, dlen)	HMAC_Final(&ctx, (unsigned char *)dig, &dlen);
+-#define HMAC_close(ctx)	HMAC_CTX_cleanup(&ctx)
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
++#define HMAC_setup(ctx, key, len)	do { \
++		if (ctx == NULL) \
++			ctx = calloc(1, sizeof(*ctx)); \
++		HMAC_CTX_init(ctx); \
++		HMAC_Init_ex(ctx, (unsigned char *)key, len, EVP_sha256(), 0); \
++	} while (0)
++#else
++#define HMAC_setup(ctx, key, len)	do { \
++		if (ctx == NULL) \
++			ctx = HMAC_CTX_new(); \
++		HMAC_Init_ex(ctx, (unsigned char *)key, len, EVP_sha256(), 0); \
++	} while (0);
++#endif
++#define HMAC_crunch(ctx, buf, len)	HMAC_Update(ctx, (unsigned char *)buf, len)
++#define HMAC_finish(ctx, dig, dlen)	HMAC_Final(ctx, (unsigned char *)dig, &dlen);
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
++#define HMAC_close(ctx)	do { \
++		HMAC_CTX_cleanup(ctx); \
++		free(ctx); \
++		ctx = NULL; \
++	} while (0)
++#else
++#define HMAC_close(ctx)	do { \
++		HMAC_CTX_reset(ctx); \
++		HMAC_CTX_free(ctx); \
++		ctx = NULL; \
++	} while (0)
++#endif
+ #endif
+ 
+ extern void RTMP_TLS_Init();
+@@ -289,7 +328,7 @@ leave:
+ struct info
+ {
+   z_stream *zs;
+-  HMAC_CTX ctx;
++  HMAC_CTX *ctx;
+   int first;
+   int zlib;
+   int size;

Modified: head/multimedia/librtmp/files/patch-librtmp-librtmp.pc.in
==============================================================================
--- head/multimedia/librtmp/files/patch-librtmp-librtmp.pc.in	Sun Mar 17 00:45:41 2019	(r496009)
+++ head/multimedia/librtmp/files/patch-librtmp-librtmp.pc.in	Sun Mar 17 00:54:15 2019	(r496010)
@@ -1,5 +1,5 @@
---- librtmp.pc.in.orig	2016-02-29 01:15:13 UTC
-+++ librtmp.pc.in
+--- librtmp/librtmp.pc.in.orig	2016-02-29 01:15:13 UTC
++++ librtmp/librtmp.pc.in
 @@ -8,6 +8,6 @@ Description: RTMP implementation
  Version: @VERSION@
  Requires: @CRYPTO_REQ@