Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 17 Mar 2019 11:28:18 +0000 (UTC)
From:      Hiroki Sato <hrs@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r496045 - in head/net-mgmt/send: . files
Message-ID:  <201903171128.x2HBSIX1007145@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: hrs
Date: Sun Mar 17 11:28:18 2019
New Revision: 496045
URL: https://svnweb.freebsd.org/changeset/ports/496045

Log:
  Fix build with OpenSSL 1.1.x.

Added:
  head/net-mgmt/send/files/patch-include-pkixip_ext.h   (contents, props changed)
  head/net-mgmt/send/files/patch-libs-libcga-cga_keyutils.c   (contents, props changed)
  head/net-mgmt/send/files/patch-libs-libcga-cga_mt.c   (contents, props changed)
  head/net-mgmt/send/files/patch-libs-libpkixipext-asn1.c   (contents, props changed)
  head/net-mgmt/send/files/patch-libs-libpkixipext-pkixip_ext_gram.y   (contents, props changed)
  head/net-mgmt/send/files/patch-libs-libpkixipext-util.c   (contents, props changed)
  head/net-mgmt/send/files/patch-libs-libpkixipext-ver.c   (contents, props changed)
  head/net-mgmt/send/files/patch-libs-libpkixipext-x509.c   (contents, props changed)
  head/net-mgmt/send/files/patch-sendd-cert.c   (contents, props changed)
  head/net-mgmt/send/files/patch-sendd-cpa.c   (contents, props changed)
  head/net-mgmt/send/files/patch-sendd-openssl.c   (contents, props changed)
  head/net-mgmt/send/files/patch-sendd-sig_rfc3971.c   (contents, props changed)
  head/net-mgmt/send/files/patch-sendd-snd_proto.h   (contents, props changed)
Modified:
  head/net-mgmt/send/Makefile
  head/net-mgmt/send/distinfo
  head/net-mgmt/send/files/patch-Makefile.install
  head/net-mgmt/send/files/patch-include-cga_keyutils.h
  head/net-mgmt/send/files/patch-include-pkixip_ext_asn.h
  head/net-mgmt/send/files/patch-libs-Makefile.lib.common
  head/net-mgmt/send/files/patch-sendd-Makefile
  head/net-mgmt/send/files/patch-sendd-os-Makefile

Modified: head/net-mgmt/send/Makefile
==============================================================================
--- head/net-mgmt/send/Makefile	Sun Mar 17 10:46:05 2019	(r496044)
+++ head/net-mgmt/send/Makefile	Sun Mar 17 11:28:18 2019	(r496045)
@@ -3,10 +3,9 @@
 
 PORTNAME=	send
 PORTVERSION=	0.3
+DISTVERSIONPREFIX=	v
 PORTREVISION=	2
 CATEGORIES=	net-mgmt ipv6
-MASTER_SITES=	LOCAL/hrs
-DISTNAME=	${PORTNAME}_${PORTVERSION}
 
 MAINTAINER=	hrs@FreeBSD.org
 COMMENT=	Secure Neighbor Discovery implementation for IPv6
@@ -17,7 +16,11 @@ LICENSE_FILE=	${WRKSRC}/LICENSE
 LIB_DEPENDS=	libdnet.so:net/libdnet
 
 USES=		gmake readline ssl
+USE_GITHUB=	yes
+GH_ACCOUNT=	hrs-allbsd
+GH_PROJECT=	send
 USE_RC_SUBR=	sendd
+
 SUB_FILES=	pkg-message
 PORTDOCS=	README UserGuide.pdf
 MAKE_JOBS_UNSAFE=yes

Modified: head/net-mgmt/send/distinfo
==============================================================================
--- head/net-mgmt/send/distinfo	Sun Mar 17 10:46:05 2019	(r496044)
+++ head/net-mgmt/send/distinfo	Sun Mar 17 11:28:18 2019	(r496045)
@@ -1,2 +1,3 @@
-SHA256 (send_0.3.tar.gz) = abe217c24f8f711124da74eb24342ee27a195e8102bed3e60d426607532ff76b
-SIZE (send_0.3.tar.gz) = 1272983
+TIMESTAMP = 1551288169
+SHA256 (hrs-allbsd-send-v0.3_GH0.tar.gz) = 527542b24fa2009e0cc99a85fd423215782ced69c427454727172745c7fbae92
+SIZE (hrs-allbsd-send-v0.3_GH0.tar.gz) = 1313559

Modified: head/net-mgmt/send/files/patch-Makefile.install
==============================================================================
--- head/net-mgmt/send/files/patch-Makefile.install	Sun Mar 17 10:46:05 2019	(r496044)
+++ head/net-mgmt/send/files/patch-Makefile.install	Sun Mar 17 11:28:18 2019	(r496045)
@@ -1,5 +1,5 @@
---- Makefile.install.orig	2010-08-28 17:58:05.000000000 +0900
-+++ Makefile.install	2014-08-20 04:27:44.000000000 +0900
+--- Makefile.install.orig	2019-02-27 16:25:45 UTC
++++ Makefile.install
 @@ -1,9 +1,9 @@
 -INSSBIN= $(PREFIXSBIN)/$(PROG)
 +INSSBIN= $(DESTDIR)$(PREFIXSBIN)/$(PROG)

Modified: head/net-mgmt/send/files/patch-include-cga_keyutils.h
==============================================================================
--- head/net-mgmt/send/files/patch-include-cga_keyutils.h	Sun Mar 17 10:46:05 2019	(r496044)
+++ head/net-mgmt/send/files/patch-include-cga_keyutils.h	Sun Mar 17 11:28:18 2019	(r496045)
@@ -1,5 +1,5 @@
---- include/cga_keyutils.h.orig	2010-08-28 17:58:02.000000000 +0900
-+++ include/cga_keyutils.h	2014-08-30 01:53:41.000000000 +0900
+--- include/cga_keyutils.h.orig	2019-02-27 16:25:45 UTC
++++ include/cga_keyutils.h
 @@ -36,6 +36,9 @@
  #include <openssl/x509.h>
  #include <openssl/evp.h>

Added: head/net-mgmt/send/files/patch-include-pkixip_ext.h
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net-mgmt/send/files/patch-include-pkixip_ext.h	Sun Mar 17 11:28:18 2019	(r496045)
@@ -0,0 +1,33 @@
+--- include/pkixip_ext.h.orig	2019-02-27 16:25:45 UTC
++++ include/pkixip_ext.h
+@@ -47,14 +47,30 @@ struct pkixip_config {
+ 	char *certfile;
+ };
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ extern int pkixip_aor_cmp(const char * const *, const char * const *);
+ extern int pkixip_ipf_cmp(const char * const *, const char * const *);
++#else
++extern int pkixip_aor_cmp(const IPAddressOrRange * const *,
++    const IPAddressOrRange * const *);
++extern int pkixip_ipf_cmp(const IPAddressFamily * const *,
++    const IPAddressFamily * const *);
++#endif
+ 
+ extern int pkixip_add2stores_cert(X509 *);
+ extern int pkixip_add2stores_file(const char *);
++
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ extern int pkixip_add_store(int *, int (*cmp)(X509_OBJECT **, X509_OBJECT **));
++#else
++extern int pkixip_add_store(int *, int (*cmp)(const X509_OBJECT * const *, const X509_OBJECT * const *));
++#endif
+ extern void *pkixip_find_cert(void *, int);
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ extern STACK *pkixip_get_mychain(void);
++#else
++extern STACK_OF(X509_OBJECT) *pkixip_get_mychain(void);
++#endif
+ extern X509_STORE_CTX *pkixip_get_store_ctx(void);
+ extern int pkixip_has_ext(X509 *x);
+ extern X509 *pkixip_load_cert(const char *);

Modified: head/net-mgmt/send/files/patch-include-pkixip_ext_asn.h
==============================================================================
--- head/net-mgmt/send/files/patch-include-pkixip_ext_asn.h	Sun Mar 17 10:46:05 2019	(r496044)
+++ head/net-mgmt/send/files/patch-include-pkixip_ext_asn.h	Sun Mar 17 11:28:18 2019	(r496045)
@@ -1,4 +1,4 @@
---- include/pkixip_ext_asn.h.orig	2010-08-28 08:58:02 UTC
+--- include/pkixip_ext_asn.h.orig	2019-02-27 16:25:45 UTC
 +++ include/pkixip_ext_asn.h
 @@ -33,7 +33,12 @@
  #ifndef	_PKIXIP_EXT_ASN_H
@@ -31,4 +31,3 @@
  
  #define IP_AOR_PREFIX		0
  #define IP_AOR_RANGE		1
-

Modified: head/net-mgmt/send/files/patch-libs-Makefile.lib.common
==============================================================================
--- head/net-mgmt/send/files/patch-libs-Makefile.lib.common	Sun Mar 17 10:46:05 2019	(r496044)
+++ head/net-mgmt/send/files/patch-libs-Makefile.lib.common	Sun Mar 17 11:28:18 2019	(r496045)
@@ -1,5 +1,5 @@
---- libs/Makefile.lib.common.orig	2014-08-20 04:21:08.000000000 +0900
-+++ libs/Makefile.lib.common	2014-08-20 04:21:27.000000000 +0900
+--- libs/Makefile.lib.common.orig	2019-02-27 16:25:45 UTC
++++ libs/Makefile.lib.common
 @@ -1,5 +1,5 @@
  
 -CFLAGS += -Wall -O3

Added: head/net-mgmt/send/files/patch-libs-libcga-cga_keyutils.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net-mgmt/send/files/patch-libs-libcga-cga_keyutils.c	Sun Mar 17 11:28:18 2019	(r496045)
@@ -0,0 +1,19 @@
+--- libs/libcga/cga_keyutils.c.orig	2019-02-27 16:25:45 UTC
++++ libs/libcga/cga_keyutils.c
+@@ -45,6 +45,7 @@
+ #include <pthread.h>
+ #include <openssl/err.h>
+ #include <openssl/pem.h>
++#include <openssl/x509.h>
+ 
+ #include "config.h"
+ #include <applog.h>
+@@ -80,7 +81,7 @@ cga_load_cert(cga_ctx_t *cga, const char *f)
+ 		goto fail;
+ 	}
+ 
+-	k = X509_PUBKEY_get(x->cert_info->key);
++	k = X509_PUBKEY_get(X509_get_X509_PUBKEY(x));
+ 
+ 	if (cga->key && cga->free_key) {
+ 		free(cga->key);

Added: head/net-mgmt/send/files/patch-libs-libcga-cga_mt.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net-mgmt/send/files/patch-libs-libcga-cga_mt.c	Sun Mar 17 11:28:18 2019	(r496045)
@@ -0,0 +1,54 @@
+--- libs/libcga/cga_mt.c.orig	2019-02-27 16:25:45 UTC
++++ libs/libcga/cga_mt.c
+@@ -77,10 +77,10 @@ SPIN(void)
+ static int
+ add_mod(uint8_t *m, uint32_t s)
+ {
+-	BIGNUM bn[1], *bnp;
++	BIGNUM *bn, *bnp;
+ 	int blen;
+ 
+-	BN_init(bn);
++	bn = BN_new();
+ 	if ((bnp = BN_bin2bn(m, CGA_MODLEN, bn)) == NULL) {
+ 		ssl_err(__FUNCTION__, "BN_bin2bin failed");
+ 		return (-1);
+@@ -88,6 +88,7 @@ add_mod(uint8_t *m, uint32_t s)
+ 	BN_add_word(bnp, s);
+ 	blen = BN_num_bytes(bnp);
+ 	BN_bn2bin(bnp, m + (CGA_MODLEN - blen));
++	BN_free(bn);
+ 
+ 	return (0);
+ }
+@@ -177,12 +178,16 @@ done:
+ static void
+ opssec(struct timeval *start, uint8_t *startmod)
+ {
+-	BIGNUM sm[1], em[1], ops[1], t[1], dv[1];
++	BIGNUM *sm, *em, *ops, *t, *dv;
+ 	BN_CTX *bc;
+ 	struct timeval tv[1];
+ 	char *dec;
+ 
+-	BN_init(sm); BN_init(em); BN_init(ops); BN_init(t); BN_init(dv);
++	sm = BN_new();
++	em = BN_new();
++	ops = BN_new();
++	t = BN_new();
++	dv = BN_new();
+ 	BN_bin2bn(startmod, CGA_MODLEN, sm);
+ 	BN_bin2bn(state->mod, CGA_MODLEN, em);
+ 	BN_sub(ops, em, sm);
+@@ -210,6 +215,11 @@ opssec(struct timeval *start, uint8_t *startmod)
+ 
+ 	OPENSSL_free(dec);
+ 	BN_CTX_free(bc);
++	BN_free(sm);
++	BN_free(em);
++	BN_free(ops);
++	BN_free(t);
++	BN_free(dv);
+ }
+ 
+ void

Added: head/net-mgmt/send/files/patch-libs-libpkixipext-asn1.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net-mgmt/send/files/patch-libs-libpkixipext-asn1.c	Sun Mar 17 11:28:18 2019	(r496045)
@@ -0,0 +1,25 @@
+--- libs/libpkixipext/asn1.c.orig	2019-02-27 16:25:45 UTC
++++ libs/libpkixipext/asn1.c
+@@ -187,9 +187,8 @@ i2v_IPAddressChoice(X509V3_EXT_METHOD *method, IPAddre
+ 		break;
+ 	case IPA_CHOICE_AOR:
+ 		X509V3_add_value("        Prefix or Range", NULL, &extlist);
+-		for (i = 0; i < sk_num(ipc->u.addressesOrRanges); i++) {
+-			aor = (IPAddressOrRange *)
+-				sk_value(ipc->u.addressesOrRanges, i);
++		for (i = 0; i < sk_IPAddressOrRange_num(ipc->u.addressesOrRanges); i++) {
++			aor = sk_IPAddressOrRange_value(ipc->u.addressesOrRanges, i);
+ 			i2v_IPAddressOrRange(method, aor, extlist, af);
+ 		}
+ 		break;
+@@ -265,8 +264,8 @@ i2v_IPAddrBlocks(X509V3_EXT_METHOD *method, IPAddrBloc
+ 		return (NULL);
+ 	}
+ 
+-	for (i = 0; i < sk_num(ipb); i++) {
+-		ipf = (IPAddressFamily *)sk_value(ipb, i);
++	for (i = 0; i < sk_IPAddressFamily_num(ipb); i++) {
++		ipf = sk_IPAddressFamily_value(ipb, i);
+ 		i2v_IPAddressFamily(method, ipf, extlist);
+ 	}
+ 

Added: head/net-mgmt/send/files/patch-libs-libpkixipext-pkixip_ext_gram.y
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net-mgmt/send/files/patch-libs-libpkixipext-pkixip_ext_gram.y	Sun Mar 17 11:28:18 2019	(r496045)
@@ -0,0 +1,31 @@
+--- libs/libpkixipext/pkixip_ext_gram.y.orig	2019-02-27 16:25:45 UTC
++++ libs/libpkixipext/pkixip_ext_gram.y
+@@ -350,7 +350,7 @@ new_aor(void)
+ 
+ 	if (!ipc->u.addressesOrRanges &&
+ 	    !(ipc->u.addressesOrRanges =
+-	      sk_new(pkixip_aor_cmp))) {
++	      sk_IPAddressOrRange_new(pkixip_aor_cmp))) {
+ 		applog(LOG_CRIT, "no memory");
+ 		return (-1);
+ 	}
+@@ -361,7 +361,7 @@ new_aor(void)
+ 		applog(LOG_CRIT, "%s: no memory", __FUNCTION__);
+ 		return (-1);
+ 	}
+-	if (!sk_push(ipc->u.addressesOrRanges, (char *)aor)) {
++	if (!sk_IPAddressOrRange_push(ipc->u.addressesOrRanges, (char *)aor)) {
+ 		applog(LOG_CRIT, "sk_push() failed");
+ 		return (-1);
+ 	}
+@@ -459,8 +459,8 @@ af_already_exists(void)
+ 	int i;
+ 	IPAddressFamily *e_ipf;
+ 
+-	for (i = 0; i < sk_num(parse_ipb); i++) {
+-		e_ipf = (IPAddressFamily *)sk_value(parse_ipb, i);
++	for (i = 0; i < sk_IPAddressFamily_num(parse_ipb); i++) {
++		e_ipf = sk_IPAddressFamily_value(parse_ipb, i);
+ 		if (af_match(ipf, e_ipf)) {
+ 			return (1);
+ 		}

Added: head/net-mgmt/send/files/patch-libs-libpkixipext-util.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net-mgmt/send/files/patch-libs-libpkixipext-util.c	Sun Mar 17 11:28:18 2019	(r496045)
@@ -0,0 +1,30 @@
+--- libs/libpkixipext/util.c.orig	2019-02-27 16:25:45 UTC
++++ libs/libpkixipext/util.c
+@@ -37,8 +37,13 @@
+ #include "config.h"
+ #include "pkixip_ext_asn.h"
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ int
+ pkixip_aor_cmp(const char * const *a1, const char * const *a2)
++#else
++int
++pkixip_aor_cmp(const IPAddressOrRange * const *a1, const IPAddressOrRange * const *a2)
++#endif
+ {
+ 	int by1, by2, bi1, bi2, bytes, bits;
+ 	uint8_t *d1, *d2, x1, x2, mask;
+@@ -119,8 +124,13 @@ pkixip_aor_cmp(const char * const *a1, const char * co
+ 	return (0);
+ }
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ int
+ pkixip_ipf_cmp(const char * const *a1, const char * const *a2)
++#else
++int
++pkixip_ipf_cmp(const IPAddressFamily * const *a1, const IPAddressFamily * const *a2)
++#endif
+ {
+ 	IPAddressFamily *ipf1 = (IPAddressFamily *)*a1;
+ 	IPAddressFamily *ipf2 = (IPAddressFamily *)*a2;

Added: head/net-mgmt/send/files/patch-libs-libpkixipext-ver.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net-mgmt/send/files/patch-libs-libpkixipext-ver.c	Sun Mar 17 11:28:18 2019	(r496045)
@@ -0,0 +1,240 @@
+--- libs/libpkixipext/ver.c.orig	2019-02-27 16:25:45 UTC
++++ libs/libpkixipext/ver.c
+@@ -101,11 +101,15 @@ static int
+ in_range(ASN1_BIT_STRING *min1, ASN1_BIT_STRING *max1, ASN1_BIT_STRING *min2,
+     ASN1_BIT_STRING *max2, int af)
+ {
+-	BIGNUM bpmin[1], bpmax[1], bmin[1], bmax[1];
+-	int alen, len, bits;
++	BIGNUM *bpmin, *bpmax, *bmin, *bmax;
++	int alen, len, bits, ret;
+ 	uint8_t mask, buf[sizeof (struct in6_addr)];
+ 
+-	BN_init(bpmin); BN_init(bpmax); BN_init(bmin); BN_init(bmax);
++	bpmin = BN_new();
++	bpmax = BN_new();
++	bmin = BN_new();
++	bmax = BN_new();
++	ret = 0;
+ 	switch (af) {
+ 	case AF_INET:
+ 		alen = sizeof (struct in_addr);
+@@ -115,14 +119,14 @@ in_range(ASN1_BIT_STRING *min1, ASN1_BIT_STRING *max1,
+ 		break;
+ 	default:
+ 		DBG(&dbg_ver, "Unsupported AF");
+-		return (0);
++		goto end;
+ 	}
+ 
+ 	len = min1->length < alen ? min1->length : alen;
+ 	memset(buf, 0, sizeof (buf));
+ 	memcpy(buf, min1->data, len);
+ 	if (!BN_bin2bn(buf, alen, bpmin)) {
+-		return (0);
++		goto end;
+ 	}
+ 
+ 	len = max1->length < alen ? max1->length : alen;
+@@ -135,14 +139,14 @@ in_range(ASN1_BIT_STRING *min1, ASN1_BIT_STRING *max1,
+ 		buf[len - 1] |= mask;
+ 	}
+ 	if (!BN_bin2bn(buf, alen, bpmax)) {
+-		return (0);
++		goto end;
+ 	}
+ 
+ 	len = min2->length < alen ? min2->length : alen;
+ 	memset(buf, 0, sizeof (buf));
+ 	memcpy(buf, min2->data, len);
+ 	if (!BN_bin2bn(buf, alen, bmin)) {
+-		return (0);
++		goto end;
+ 	}
+ 
+ 	len = max2->length < alen ? max2->length : alen;
+@@ -155,18 +159,24 @@ in_range(ASN1_BIT_STRING *min1, ASN1_BIT_STRING *max1,
+ 		buf[len - 1] |= mask;
+ 	}
+ 	if (!BN_bin2bn(buf, alen, bmax)) {
+-		return (0);
++		goto end;
+ 	}
+ 
+ 	/* bmin <= bpmin <= bpmax <= bmax. We already know bpmin <= bpmax */
+ 	if (BN_cmp(bmin, bpmin) == 1) {
+-		return (0);
++		goto end;
+ 	}
+ 	if (BN_cmp(bpmax, bmax) == 1) {
+-		return (0);
++		goto end;
+ 	}
++	ret = 1;
++end:
++	BN_free(bpmin);
++	BN_free(bpmax);
++	BN_free(bmin);
++	BN_free(bmax);
+ 
+-	return (1);
++	return (ret);
+ }
+ 
+ static int
+@@ -247,16 +257,14 @@ af_cmp(IPAddressFamily *ipf1, IPAddressFamily *ipf2)
+ 	}
+ 
+ 	DBG(&dbg_ver, "Pre-cmp ipc AOR count: %d",
+-	    sk_num(ipc1->u.addressesOrRanges));
++	    sk_IPAddressOrRange_num(ipc1->u.addressesOrRanges));
+ 
+-	for (i = 0; i < sk_num(ipc1->u.addressesOrRanges); i++) {
+-		aor1 =
+-		    (IPAddressOrRange *)sk_value(ipc1->u.addressesOrRanges, i);
+-		for (j = 0; j < sk_num(ipc2->u.addressesOrRanges); j++) {
+-			aor2 = (IPAddressOrRange *)
+-			    sk_value(ipc2->u.addressesOrRanges, j);
++	for (i = 0; i < sk_IPAddressOrRange_num(ipc1->u.addressesOrRanges); i++) {
++		aor1 = sk_IPAddressOrRange_value(ipc1->u.addressesOrRanges, i);
++		for (j = 0; j < sk_IPAddressOrRange_num(ipc2->u.addressesOrRanges); j++) {
++			aor2 = sk_IPAddressOrRange_value(ipc2->u.addressesOrRanges, j);
+ 			if (aor_match(aor1, aor2, af) == 0) {
+-				sk_delete(ipc1->u.addressesOrRanges, i--);
++				sk_IPAddressOrRange_delete(ipc1->u.addressesOrRanges, i--);
+ 				IPAddressOrRange_free(aor1);
+ 				break;
+ 			}
+@@ -264,9 +272,9 @@ af_cmp(IPAddressFamily *ipf1, IPAddressFamily *ipf2)
+ 	}
+ 
+ 	DBG(&dbg_ver, "Post-cmp ipc AOR count: %d",
+-	    sk_num(ipc1->u.addressesOrRanges));
++	    sk_IPAddressOrRange_num(ipc1->u.addressesOrRanges));
+ 
+-	if (sk_num(ipc1->u.addressesOrRanges) == 0) {
++	if (sk_IPAddressOrRange_num(ipc1->u.addressesOrRanges) == 0) {
+ 		return (0);
+ 	}
+ 
+@@ -307,7 +315,7 @@ verify_ipext_cert(X509_STORE_CTX *ctx, int idx, X509 *
+ 	IPAddressFamily *ipf1, *ipf2;
+ 	int i, j, inherit = 0;
+ 
+-	DBG(&dbg_ver, "vipb stack cnt: %d idx: %d", sk_num(vipb), idx);
++	DBG(&dbg_ver, "vipb stack cnt: %d idx: %d", sk_IPAddressFamily_num(vipb), idx);
+ 
+ 	ipb = X509_get_ext_d2i(x, pkix_ip_ext_method.ext_nid, NULL, NULL);
+ 	if (!ipb) {
+@@ -315,18 +323,18 @@ verify_ipext_cert(X509_STORE_CTX *ctx, int idx, X509 *
+ 		return (-1);
+ 	}
+ 
+-	for (i = 0; i < sk_num(vipb); i++) {
+-		ipf1 = (IPAddressFamily *)sk_value(vipb, i);
++	for (i = 0; i < sk_IPAddressFamily_num(vipb); i++) {
++		ipf1 = sk_IPAddressFamily_value(vipb, i);
+ 
+ 		/* Ignore inherits in vipb */
+ 		if (is_inherit(ipf1)) {
+-			sk_delete(vipb, i--);
++			sk_IPAddressFamily_delete(vipb, i--);
+ 			IPAddressFamily_free(ipf1);
+ 			continue;
+ 		}
+ 
+-		for (j = 0; j < sk_num(ipb); j++) {
+-			ipf2 = (IPAddressFamily *)sk_value(ipb, j);
++		for (j = 0; j < sk_IPAddressFamily_num(ipb); j++) {
++			ipf2 = sk_IPAddressFamily_value(ipb, j);
+ 			if (af_match(ipf1, ipf2)) {
+ 				/*
+ 				 * Inherits in ipb need to be checked
+@@ -338,7 +346,7 @@ verify_ipext_cert(X509_STORE_CTX *ctx, int idx, X509 *
+ 				}
+ 
+ 				if (af_cmp(ipf1, ipf2) == 0) {
+-					sk_delete(vipb, i--);
++					sk_IPAddressFamily_delete(vipb, i--);
+ 					IPAddressFamily_free(ipf1);
+ 					break;
+ 				}
+@@ -346,18 +354,18 @@ verify_ipext_cert(X509_STORE_CTX *ctx, int idx, X509 *
+ 		}
+ 	}
+ 
+-	if (!inherit || (++idx) == sk_num(ctx->chain)) {
++	if (!inherit || (++idx) == sk_num(X509_STORE_CTX_get_chain(ctx))) {
+ 		/* end of the line */
+ 		goto done;
+ 	}
+-	x = (X509 *)sk_value(ctx->chain, idx);
++	x = (X509 *)sk_value(X509_STORE_CTX_get_chain(ctx), idx);
+ 	verify_ipext_cert(ctx, idx, x, vipb);
+ 
+ done:
+ 	IPAddrBlocks_free(ipb);
+ 
+ 	/* If the vipb stack is now empty all ipf's matched */
+-	if (sk_num(vipb) != 0) {
++	if (sk_IPAddressFamily_num(vipb) != 0) {
+ 		return (-1);
+ 	}
+ 
+@@ -376,13 +384,13 @@ verify_ipext(X509_STORE_CTX *ctx, IPAddrBlocks *vipb)
+ 			   i2v_IPAddrBlocks(NULL, vipb, NULL), 8, 1);
+ #endif
+ 
+-	if (sk_num(vipb) == 0) {
++	if (sk_IPAddressFamily_num(vipb) == 0) {
+ 		DBG(&dbg_ver, "IPAddrBlock empty; rejecting");
+ 		return (-1);
+ 	}
+ 
+-	for (i = 0; i < sk_num(ctx->chain); i++) {
+-		x = (X509 *)sk_value(ctx->chain, i);
++	for (i = 0; i < sk_num(X509_STORE_CTX_get_chain(ctx)); i++) {
++		x = (X509 *)sk_value(X509_STORE_CTX_get_chain(ctx), i);
+ 
+ 		DBG(&dbg_ver, "%s",
+ 		    X509_NAME_oneline(X509_get_subject_name(x), nbuf,
+@@ -391,7 +399,7 @@ verify_ipext(X509_STORE_CTX *ctx, IPAddrBlocks *vipb)
+ 		if (verify_ipext_cert(ctx, i, x, vipb) < 0) {
+ 			return (-1);
+ 		}
+-		if (sk_num(vipb) == 0) {
++		if (sk_IPAddressFamily_num(vipb) == 0) {
+ 			break;
+ 		}
+ 	}
+@@ -408,9 +416,9 @@ verify_ipext_chain(X509_STORE_CTX *ctx)
+ 
+ 	DBG(&dbg_ver, "Verifying IP Exts in the certificate chain");
+ 
+-	for (i = 1; i < sk_num(ctx->chain); i++) {
+-		vx = (X509 *)sk_value(ctx->chain, i - 1);
+-		x = (X509 *)sk_value(ctx->chain, i);
++	for (i = 1; i < sk_num(X509_STORE_CTX_get_chain(ctx)); i++) {
++		vx = (X509 *)sk_value(X509_STORE_CTX_get_chain(ctx), i - 1);
++		x = (X509 *)sk_value(X509_STORE_CTX_get_chain(ctx), i);
+ 
+ 		DBG(&dbg_ver, "%s",
+ 		    X509_NAME_oneline(X509_get_subject_name(vx), nbuf,
+@@ -446,7 +454,7 @@ pkixip_verify_cb(int ok, X509_STORE_CTX *ctx)
+ 	X509_NAME_oneline(X509_get_subject_name(x), nbuf, sizeof (nbuf));
+ #endif
+ 	if (!ok) {
+-		if (ctx->error == X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION) {
++		if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION) {
+ 			/*
+ 			 * OpenSSL doesn't explicitly support PKIX IP Ext,
+ 			 * so it throws this error when it encounters the
+@@ -458,7 +466,7 @@ pkixip_verify_cb(int ok, X509_STORE_CTX *ctx)
+ 		} else {
+ 			DBG(&dbg_ver, "Not OK at %s", nbuf);
+ 			DBG(&dbg_ver, "%s",
+-			    X509_verify_cert_error_string(ctx->error));
++			    X509_verify_cert_error_string(X509_STORE_CTX_get_error(ctx)));
+ 		}
+ 	} else {
+ 		DBG(&dbg_ver, "OK at %s", nbuf);

Added: head/net-mgmt/send/files/patch-libs-libpkixipext-x509.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net-mgmt/send/files/patch-libs-libpkixipext-x509.c	Sun Mar 17 11:28:18 2019	(r496045)
@@ -0,0 +1,310 @@
+--- libs/libpkixipext/x509.c.orig	2019-02-27 16:25:45 UTC
++++ libs/libpkixipext/x509.c
+@@ -57,34 +57,54 @@ static char nbuf[1024];
+ extern int pkixip_verify_cb(int, X509_STORE_CTX *);
+ 
+ X509V3_EXT_METHOD pkix_ip_ext_method = {
+-	ext_flags : X509V3_EXT_MULTILINE,
+-	it : ASN1_ITEM_ref(IPAddrBlocks),
+-	i2v : (X509V3_EXT_I2V)i2v_IPAddrBlocks,
++	.ext_flags = X509V3_EXT_MULTILINE,
++	.it = ASN1_ITEM_ref(IPAddrBlocks),
++	.i2v = (X509V3_EXT_I2V)i2v_IPAddrBlocks,
+ };
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ static STACK *stores[PKIXIP_MAX_STORES];
++#else
++static STACK_OF(X509_OBJECT) *stores[PKIXIP_MAX_STORES];
++#endif
+ static X509_STORE_CTX *ctx_bysubj;
+ static int next_store = 1;
+ static void *(*wrap_store_cert)(X509 *x);
+ static void (*trustanchor_cb)(X509 *x);
+ pthread_mutex_t stores_lock = PTHREAD_MUTEX_INITIALIZER;
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ static STACK *mychain;
++#else
++static STACK_OF(X509_OBJECT) *mychain;
++#endif
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#define	X509_OBJECT_get_type(a)	((a)->type)
++#define	X509_OBJECT_get0_X509(a)	((a)->data.x509)
++#define	X509_OBJECT_get0_X509_CRL(a)	((a)->data.crl)
++#define	X509_STORE_get0_objects(a)	((a)->objs)
++#define	X509_STORE_CTX_get0_chain(a)	((a)->chain)
++#endif
+ /* Lifted from openssl x509_lu.c */
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ static int
+ x509_object_cmp(X509_OBJECT **a, X509_OBJECT **b)
++#else
++static int
++x509_object_cmp(const X509_OBJECT * const *a, const X509_OBJECT * const *b)
++#endif
+ {
+  	int ret;
+ 
+- 	ret=((*a)->type - (*b)->type);
++ 	ret=(X509_OBJECT_get_type(*a) - X509_OBJECT_get_type(*b));
+  	if (ret) return ret;
+- 	switch ((*a)->type) {
++ 	switch (X509_OBJECT_get_type(*a)) {
+  	case X509_LU_X509:
+- 		ret=X509_subject_name_cmp((*a)->data.x509,(*b)->data.x509);
++ 		ret=X509_subject_name_cmp(X509_OBJECT_get0_X509(*a),X509_OBJECT_get0_X509(*b));
+  		break;
+  	case X509_LU_CRL:
+- 		ret=X509_CRL_cmp((*a)->data.crl,(*b)->data.crl);
++ 		ret=X509_CRL_cmp(X509_OBJECT_get0_X509_CRL(*a),X509_OBJECT_get0_X509_CRL(*b));
+  		break;
+ 	default:
+ 		/* abort(); */
+@@ -243,7 +263,11 @@ pkixip_load_pkey(const char *f)
+ 	return (pkey);
+ }
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ static STACK *
++#else
++static STACK_OF(X509_OBJECT) *
++#endif
+ pkixip_get_store(int handle)
+ {
+ 	if (handle >= PKIXIP_MAX_STORES || handle < 0) {
+@@ -257,7 +281,11 @@ pkixip_get_store(int handle)
+ void
+ pkixip_walk_store(int (*cb)(X509 *, void *), void *cookie, int handle)
+ {
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ 	STACK *objs;
++#else
++	STACK_OF(X509_OBJECT) *objs;
++#endif
+ 	int i;
+ 	X509_OBJECT *xo;
+ 
+@@ -266,12 +294,16 @@ pkixip_walk_store(int (*cb)(X509 *, void *), void *coo
+ 		goto done;
+ 	}
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ 	for (i = 0; i < sk_num(objs); i++) {
++#else
++	for (i = 0; i < sk_X509_OBJECT_num(objs); i++) {
++#endif
+ 		xo = sk_X509_OBJECT_value(objs, i);
+-		if (xo->type != X509_LU_X509) {
++		if (X509_OBJECT_get_type(xo) != X509_LU_X509) {
+ 			continue;
+ 		}
+-		if (!cb(xo->data.x509, cookie)) {
++		if (!cb(X509_OBJECT_get0_X509(xo), cookie)) {
+ 			break;
+ 		}
+ 	}
+@@ -282,7 +314,11 @@ done:
+ void *
+ pkixip_find_cert(void *k, int handle)
+ {
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ 	STACK *store;
++#else
++	STACK_OF(X509_OBJECT) *store;
++#endif
+ 	int i;
+ 	void *r = NULL;
+ 
+@@ -291,11 +327,19 @@ pkixip_find_cert(void *k, int handle)
+ 		goto done;
+ 	}
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ 	if ((i = sk_find(store, k)) < 0) {
++#else
++	if ((i = sk_X509_OBJECT_find(store, k)) < 0) {
++#endif
+ 		goto done;
+ 	}
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ 	r = sk_value(store, i);
++#else
++	r = sk_X509_OBJECT_value(store, i);
++#endif
+ 
+ done:
+ 	pthread_mutex_unlock(&stores_lock);
+@@ -304,8 +348,13 @@ done:
+ 
+ /* Caller must hold stores_lock */
+ static int
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ pkixip_do_add_store(int handle, int (*cmp)(X509_OBJECT **, X509_OBJECT **),
+     STACK *objs)
++#else
++pkixip_do_add_store(int handle, int (*cmp)(const X509_OBJECT * const *, X509_OBJECT * const *),
++    STACK_OF(X509_OBJECT) *objs)
++#endif
+ {
+ 	if (objs == NULL && (objs = sk_X509_OBJECT_new(cmp)) == NULL) {
+ 		applog(LOG_CRIT, "no memory");
+@@ -316,8 +365,13 @@ pkixip_do_add_store(int handle, int (*cmp)(X509_OBJECT
+ 	return (0);
+ }
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ int
+ pkixip_add_store(int *handle, int (*cmp)(X509_OBJECT **, X509_OBJECT **))
++#else
++int
++pkixip_add_store(int *handle, int (*cmp)(const X509_OBJECT * const *, const X509_OBJECT * const *))
++#endif
+ {
+ 	int r = 0;
+ 
+@@ -369,7 +423,7 @@ pkixip_get_store_ctx(void)
+ 	}
+ 
+ 	pthread_mutex_lock(&stores_lock);
+-	if (pkixip_do_add_store(PKIXIP_STORE_BYSUBJ, x509_object_cmp, st->objs)
++	if (pkixip_do_add_store(PKIXIP_STORE_BYSUBJ, x509_object_cmp, X509_STORE_get0_objects(st))
+ 	    < 0) {
+ 		X509_STORE_free(st);
+ 		X509_STORE_CTX_free(ctx_bysubj);
+@@ -396,17 +450,24 @@ pkixip_store_ctx_light_cleanup(X509_STORE_CTX *ctx)
+ {
+ //	X509_STORE_CTX_cleanup(ctx);
+ 
+-	if (ctx->chain != NULL) {
+-		sk_X509_pop_free(ctx->chain, noop_free);
++	if (X509_STORE_CTX_get0_chain(ctx) != NULL) {
++		sk_X509_pop_free(X509_STORE_CTX_get0_chain(ctx), noop_free);
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ 		ctx->chain=NULL;
++#endif
+ 	}
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ 	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx,
+ 			    &(ctx->ex_data));
+ 	memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA));
++#else
++	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx,
++			    X509_STORE_CTX_get_app_data(ctx));
++#endif
+ 
+ #if 0
+-	while (sk_num(ctx->chain) > 0) {
+-		sk_pop(ctx->chain);
++	while (sk_num(X509_STORE_CTX_get0_chain(ctx)) > 0) {
++		sk_pop(X509_STORE_CTX_get0_chain(ctx));
+ 	}
+ #endif
+ }
+@@ -445,10 +506,19 @@ pkixip_add2stores_cert(X509 *x)
+ 	int i, r = 0;
+ 	X509_STORE_CTX *ctx;
+ 	void *wrapper;
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ 	X509_OBJECT o[1];
++#else
++	X509_OBJECT *o;
+ 
+-	if ((ctx = pkixip_get_store_ctx()) == NULL) {
++	o = X509_OBJECT_new();
++	if (o == NULL)
+ 		return (-1);
++#endif
++
++	if ((ctx = pkixip_get_store_ctx()) == NULL) {
++		r = -1;
++		goto done2;
+ 	}
+ 
+ 	pthread_mutex_lock(&stores_lock);
+@@ -459,7 +529,11 @@ pkixip_add2stores_cert(X509 *x)
+ 		goto done;
+ 	}
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ 	if (X509_STORE_add_cert(ctx->ctx, x) != 1) {
++#else
++	if (X509_STORE_add_cert(X509_STORE_CTX_get0_store(ctx), x) != 1) {
++#endif
+ 		pkixip_ssl_err(__FUNCTION__, "X509_STORE_add_cert() failed");
+ 		r = -1;
+ 		goto done;
+@@ -467,7 +541,8 @@ pkixip_add2stores_cert(X509 *x)
+ 
+ 	if (wrap_store_cert) {
+ 		if ((wrapper = wrap_store_cert(x)) == NULL) {
+-			return (-1);
++			r = -1;
++			goto done2;
+ 		}
+ 	} else {
+ 		wrapper = x;
+@@ -475,7 +550,11 @@ pkixip_add2stores_cert(X509 *x)
+ 
+ 	for (i = 1; i < PKIXIP_MAX_STORES; i++) {
+ 		if (stores[i]) {
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ 			sk_push(stores[i], wrapper);
++#else
++			sk_X509_OBJECT_push(stores[i], wrapper);
++#endif
+ 		}
+ 	}
+ 
+@@ -484,6 +563,10 @@ pkixip_add2stores_cert(X509 *x)
+ 
+ done:
+ 	pthread_mutex_unlock(&stores_lock);
++done2:
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++	free(o);
++#endif
+ 	return (r);
+ }
+ 
+@@ -523,14 +606,26 @@ pkixip_my_chain_init(X509 *mycert)
+ 	}
+ 
+ 	if (mychain != NULL) {
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ 		sk_free(mychain);
++#else
++		sk_X509_OBJECT_free(mychain);
++#endif
+ 	}
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ 	if ((mychain = sk_dup(ctx->chain)) == NULL) {
++#else
++	if ((mychain = sk_X509_OBJECT_dup(X509_STORE_CTX_get0_chain(ctx))) == NULL) {
++#endif
+ 		APPLOG_NOMEM();
+ 		r = -1;
+ 		goto done;
+ 	}
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ 	sk_set_cmp_func(mychain, x509_bysubj_cmp);
++#else
++	sk_X509_OBJECT_set_cmp_func(mychain, x509_bysubj_cmp);
++#endif
+ 	DBG(&dbg_x509, "mychain verified and set");
+ 
+ done:
+@@ -538,7 +633,11 @@ done:
+ 	return (r);
+ }
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ STACK *
++#else
++STACK_OF(X509_OBJECT) *
++#endif
+ pkixip_get_mychain(void)
+ {
+ 	return (mychain);

Modified: head/net-mgmt/send/files/patch-sendd-Makefile
==============================================================================
--- head/net-mgmt/send/files/patch-sendd-Makefile	Sun Mar 17 10:46:05 2019	(r496044)
+++ head/net-mgmt/send/files/patch-sendd-Makefile	Sun Mar 17 11:28:18 2019	(r496045)
@@ -1,6 +1,6 @@
---- sendd/Makefile.orig	2014-08-20 04:19:01.000000000 +0900
-+++ sendd/Makefile	2014-08-20 04:19:39.000000000 +0900
-@@ -6,8 +6,8 @@
+--- sendd/Makefile.orig	2019-02-27 16:25:45 UTC
++++ sendd/Makefile
+@@ -6,8 +6,8 @@ OBJS= addr.o cert.o cga.o config.o cpa.o cps.o ctl.o n
  	sendd.o sigmeth.o sig_rfc3971.o
  INC= sendd_local.h snd_proto.h snd_config.h
  

Added: head/net-mgmt/send/files/patch-sendd-cert.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net-mgmt/send/files/patch-sendd-cert.c	Sun Mar 17 11:28:18 2019	(r496045)
@@ -0,0 +1,14 @@
+--- sendd/cert.c.orig	2019-02-27 16:25:45 UTC
++++ sendd/cert.c
+@@ -73,7 +73,11 @@ get_pubkeyhash(X509 *x, uint8_t *buf)
+ 	EVP_PKEY *k;
+ 	int dlen;
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ 	k = X509_PUBKEY_get(x->cert_info->key);
++#else
++	k = X509_get_pubkey(x);
++#endif
+ 	if ((der = cga_key2der(k, &dlen)) == NULL) {
+ 		return (-1);
+ 	}

Added: head/net-mgmt/send/files/patch-sendd-cpa.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net-mgmt/send/files/patch-sendd-cpa.c	Sun Mar 17 11:28:18 2019	(r496045)
@@ -0,0 +1,63 @@
+--- sendd/cpa.c.orig	2019-02-27 16:25:45 UTC
++++ sendd/cpa.c
+@@ -183,22 +183,23 @@ next:
+ }
+ 
+ static int
+-can_handle_cps(uint8_t *ops, int len, STACK *chain, X509 **x)
++can_handle_cps(uint8_t *ops, int len, STACK_OF(X509_OBJECT) *chain, X509 **x)
+ {
+ 	int i, j, r = 0;
+ 	X509_NAME *dn;
+-	X509 x509_s;
+-	X509_CINF cinf_s;
+-	STACK *dchain;
++	X509 *x509_s;
++	STACK_OF(X509_OBJECT) *dchain;
+ 	STACK_OF(X509_NAME) *dns;
+ 
+ 	*x = NULL;
+-
++	x509_s = X509_new();
++	if (x509_s == NULL)
++		return (1);
+ 	if ((dns = snd_get_trustanchors_from_opts(ops, len)) == NULL) {
+ 		return (1);
+ 	}
+-	if (sk_num(dns) == 0) {
+-		sk_free(dns);
++	if (sk_X509_NAME_num(dns) == 0) {
++		sk_X509_NAME_free(dns);
+ 		return (1);
+ 	}
+ 
+@@ -209,24 +210,22 @@ can_handle_cps(uint8_t *ops, int len, STACK *chain, X5
+ 	 * sorting (triggered by sk_find), and we need to chain order
+ 	 * preserved so we can send out the certs in correct order.
+ 	 */
+-	if ((dchain = sk_dup(chain)) == NULL) {
++	if ((dchain = sk_X509_OBJECT_dup(chain)) == NULL) {
+ 		applog(LOG_CRIT, "%s: no memory", __FUNCTION__);
+ 		goto done;
+ 	}
+-	x509_s.cert_info= &cinf_s;
+-
+-	for (i = 0; i < sk_num(dns); i++) {
++	for (i = 0; i < sk_X509_num(dns); i++) {
+ 		dn = sk_X509_NAME_value(dns, i);
+-		cinf_s.subject=dn;
++		X509_set_subject_name(x509_s, dn);
+ 
+-		if ((j = sk_X509_find(dchain, &x509_s)) >= 0) {
++		if ((j = sk_X509_NAME_find(dchain, x509_s)) >= 0) {
+ 			r = 1;
+ 			*x = sk_X509_value(dchain, j);
+ 			DBG(dbg, "found");
+ 			break;
+ 		}
+ 	}
+-	sk_free(dchain);
++	sk_X509_OBJECT_free(dchain);
+ 
+ done:
+ 	sk_X509_NAME_pop_free(dns, X509_NAME_free);

Added: head/net-mgmt/send/files/patch-sendd-openssl.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net-mgmt/send/files/patch-sendd-openssl.c	Sun Mar 17 11:28:18 2019	(r496045)
@@ -0,0 +1,42 @@
+--- sendd/openssl.c.orig	2019-02-27 16:25:45 UTC
++++ sendd/openssl.c
+@@ -57,6 +57,11 @@ struct dlog_desc dbg_cryptox = {
+ };
+ #endif
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#define	X509_OBJECT_new(a)		calloc(1, sizeof(X509_OBJECT))
++#define	X509_OBJECT_get0_X509(a)	((a)->data.x509)
++#endif
++
+ static char nbuf[1024]; /* for displaying X509_NAMEs */
+ 
+ static pthread_mutex_t *lock_cs;
+@@ -216,12 +221,17 @@ snd_have_chain(void *a)
+ 	X509_STORE_CTX *ctx = pkixip_get_store_ctx();
+ 	X509 *tx = a;
+ 	X509_NAME *subj, *iss;
+-	X509_OBJECT obj[1];
++	X509_OBJECT *obj;
+ 
+ 	if (ctx == NULL) {
+ 		DBG(&dbg_snd, "pkixip_get_store() failed");
+ 		return (0);
+ 	}
++	obj = X509_OBJECT_new();
++	if (obj == NULL) {
++		DBG(&dbg_snd, "pkixip_get_store() X509_OBJECT() failed");
++		return (0);
++	}
+ 
+ 	for (;;) {
+ 		subj = X509_get_subject_name(tx);
+@@ -234,7 +244,7 @@ snd_have_chain(void *a)
+ 			    X509_NAME_oneline(iss, nbuf, sizeof (nbuf)));
+ 			return (0);
+ 		}
+-		tx = obj->data.x509;
++		tx = X509_OBJECT_get0_X509(obj);
+ 	}
+ 
+ 	return (1);

Modified: head/net-mgmt/send/files/patch-sendd-os-Makefile
==============================================================================
--- head/net-mgmt/send/files/patch-sendd-os-Makefile	Sun Mar 17 10:46:05 2019	(r496044)
+++ head/net-mgmt/send/files/patch-sendd-os-Makefile	Sun Mar 17 11:28:18 2019	(r496045)
@@ -1,10 +1,11 @@
---- sendd/os/Makefile.orig	2010-08-28 17:58:04.000000000 +0900
-+++ sendd/os/Makefile	2014-08-20 04:33:33.000000000 +0900
+--- sendd/os/Makefile.orig	2019-02-27 16:25:45 UTC
++++ sendd/os/Makefile
 @@ -1,13 +1,5 @@
  
  OBJS += os/addr.o os/snd_freebsd.o os-linux/rand.o
 -CPPFLAGS +=	-I/usr/local/include
--
++CPPFLAGS +=	-I${LOCALBASE}/include
+ 
 -OSLIBS= -L/usr/local/lib -l$(DNET)
 -
 -OSEXTRA= os/sendd

*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201903171128.x2HBSIX1007145>