From owner-svn-ports-all@freebsd.org  Fri Jan 27 20:52:44 2017
Return-Path: <owner-svn-ports-all@freebsd.org>
Delivered-To: svn-ports-all@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id B5131CC4A06;
 Fri, 27 Jan 2017 20:52:44 +0000 (UTC)
 (envelope-from sunpoet@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 7763B224;
 Fri, 27 Jan 2017 20:52:44 +0000 (UTC)
 (envelope-from sunpoet@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v0RKqhIf085281;
 Fri, 27 Jan 2017 20:52:43 GMT (envelope-from sunpoet@FreeBSD.org)
Received: (from sunpoet@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id v0RKqhwJ085280;
 Fri, 27 Jan 2017 20:52:43 GMT (envelope-from sunpoet@FreeBSD.org)
Message-Id: <201701272052.v0RKqhwJ085280@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: sunpoet set sender to
 sunpoet@FreeBSD.org using -f
From: Sunpoet Po-Chuan Hsieh <sunpoet@FreeBSD.org>
Date: Fri, 27 Jan 2017 20:52:43 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r432575 - head/www/nghttp2/files
X-SVN-Group: ports-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-all@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: SVN commit messages for the ports tree <svn-ports-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-all/>
List-Post: <mailto:svn-ports-all@freebsd.org>
List-Help: <mailto:svn-ports-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Jan 2017 20:52:44 -0000

Author: sunpoet
Date: Fri Jan 27 20:52:43 2017
New Revision: 432575
URL: https://svnweb.freebsd.org/changeset/ports/432575

Log:
  Fix build with LibreSSL
  
  Differential Revision:	https://reviews.FreeBSD.org/D9334
  Submitted by:	brnrd
  Obtained from:	https://github.com/nghttp2/nghttp2/commit/16be89f9ccba4d37e34ef03f20009a9845efeb99
  		https://github.com/nghttp2/nghttp2/commit/1cc08c0a51d273afc0e7b4e11eeb0b889d154ee0

Added:
  head/www/nghttp2/files/patch-src-shrpx_config.cc   (contents, props changed)
  head/www/nghttp2/files/patch-src-shrpx_ssl.cc   (contents, props changed)

Added: head/www/nghttp2/files/patch-src-shrpx_config.cc
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/nghttp2/files/patch-src-shrpx_config.cc	Fri Jan 27 20:52:43 2017	(r432575)
@@ -0,0 +1,55 @@
+Obtained from:	https://github.com/nghttp2/nghttp2/commit/16be89f9ccba4d37e34ef03f20009a9845efeb99
+		https://github.com/nghttp2/nghttp2/commit/1cc08c0a51d273afc0e7b4e11eeb0b889d154ee0
+
+--- src/shrpx_config.cc.orig	2017-01-25 11:30:16 UTC
++++ src/shrpx_config.cc
+@@ -1199,6 +1199,7 @@ int read_tls_sct_from_dir(std::vector<ui
+ }
+ } // namespace
+ 
++#if !LIBRESSL_IN_USE
+ namespace {
+ // Reads PSK secrets from path, and parses each line.  The result is
+ // directly stored into config->tls.psk_secrets.  This function
+@@ -1262,7 +1263,9 @@ int parse_psk_secrets(Config *config, co
+   return 0;
+ }
+ } // namespace
++#endif // !LIBRESSL_IN_USE
+ 
++#if !LIBRESSL_IN_USE
+ namespace {
+ // Reads PSK secrets from path, and parses each line.  The result is
+ // directly stored into config->tls.client.psk.  This function returns
+@@ -1322,6 +1325,7 @@ int parse_client_psk_secrets(Config *con
+   return 0;
+ }
+ } // namespace
++#endif // !LIBRESSL_IN_USE
+ 
+ // generated by gennghttpxfun.py
+ int option_lookup_token(const char *name, size_t namelen) {
+@@ -3284,9 +3288,23 @@ int parse_config(Config *config, int opt
+     return parse_duration(&config->conn.upstream.timeout.idle_read, opt,
+                           optarg);
+   case SHRPX_OPTID_PSK_SECRETS:
++#if !LIBRESSL_IN_USE
+     return parse_psk_secrets(config, optarg);
++#else  // LIBRESSL_IN_USE
++    LOG(WARN)
++        << opt
++        << ": ignored because underlying TLS library does not support PSK";
++    return 0;
++#endif // LIBRESSL_IN_USE
+   case SHRPX_OPTID_CLIENT_PSK_SECRETS:
++#if !LIBRESSL_IN_USE
+     return parse_client_psk_secrets(config, optarg);
++#else  // LIBRESSL_IN_USE
++    LOG(WARN)
++        << opt
++        << ": ignored because underlying TLS library does not support PSK";
++    return 0;
++#endif // LIBRESSL_IN_USE
+   case SHRPX_OPTID_CLIENT_NO_HTTP2_CIPHER_BLACK_LIST:
+     config->tls.client.no_http2_cipher_black_list =
+         util::strieq_l("yes", optarg);

Added: head/www/nghttp2/files/patch-src-shrpx_ssl.cc
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/nghttp2/files/patch-src-shrpx_ssl.cc	Fri Jan 27 20:52:43 2017	(r432575)
@@ -0,0 +1,50 @@
+Obtained from:	https://github.com/nghttp2/nghttp2/commit/16be89f9ccba4d37e34ef03f20009a9845efeb99
+
+--- src/shrpx_ssl.cc.orig	2017-01-25 11:30:16 UTC
++++ src/shrpx_ssl.cc
+@@ -525,6 +525,7 @@ int sct_parse_cb(SSL *ssl, unsigned int 
+ } // namespace
+ #endif // !LIBRESSL_IN_USE && OPENSSL_VERSION_NUMBER >= 0x10002000L
+ 
++#if !LIBRESSL_IN_USE
+ namespace {
+ unsigned int psk_server_cb(SSL *ssl, const char *identity, unsigned char *psk,
+                            unsigned int max_psk_len) {
+@@ -548,7 +549,9 @@ unsigned int psk_server_cb(SSL *ssl, con
+   return static_cast<unsigned int>(secret.size());
+ }
+ } // namespace
++#endif // !LIBRESSL_IN_USE
+ 
++#if !LIBRESSL_IN_USE
+ namespace {
+ unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity_out,
+                            unsigned int max_identity_len, unsigned char *psk,
+@@ -581,6 +584,7 @@ unsigned int psk_client_cb(SSL *ssl, con
+   return (unsigned int)secret.size();
+ }
+ } // namespace
++#endif // !LIBRESSL_IN_USE
+ 
+ struct TLSProtocol {
+   StringRef name;
+@@ -784,7 +788,9 @@ SSL_CTX *create_ssl_context(const char *
+   }
+ #endif // !LIBRESSL_IN_USE && OPENSSL_VERSION_NUMBER >= 0x10002000L
+ 
++#if !LIBRESSL_IN_USE
+   SSL_CTX_set_psk_server_callback(ssl_ctx, psk_server_cb);
++#endif // !LIBRESSL_IN_USE
+ 
+   auto tls_ctx_data = new TLSContextData();
+   tls_ctx_data->cert_file = cert_file;
+@@ -919,7 +925,9 @@ SSL_CTX *create_ssl_client_context(
+ #endif // HAVE_NEVERBLEED
+   }
+ 
++#if !LIBRESSL_IN_USE
+   SSL_CTX_set_psk_client_callback(ssl_ctx, psk_client_cb);
++#endif // !LIBRESSL_IN_USE
+ 
+   // NPN selection callback.  This is required to set SSL_CTX because
+   // OpenSSL does not offer SSL_set_next_proto_select_cb.