Date: Sun, 11 Sep 2016 23:57:56 +0000 (UTC) From: John Marino <marino@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r421885 - in head/security/broccoli: . files Message-ID: <201609112357.u8BNvurg038278@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: marino Date: Sun Sep 11 23:57:56 2016 New Revision: 421885 URL: https://svnweb.freebsd.org/changeset/ports/421885 Log: security/broccoli: Document SSL requirement and handle no SSLv3 (LibreSSL) Approved by: SSL blanket Added: head/security/broccoli/files/ head/security/broccoli/files/patch-aux_broccoli_src_bro__openssl.c (contents, props changed) Modified: head/security/broccoli/Makefile Modified: head/security/broccoli/Makefile ============================================================================== --- head/security/broccoli/Makefile Sun Sep 11 23:56:30 2016 (r421884) +++ head/security/broccoli/Makefile Sun Sep 11 23:57:56 2016 (r421885) @@ -19,7 +19,7 @@ LIB_DEPENDS= libGeoIP.so:net/GeoIP EXTRACT_AFTER_ARGS= ${DISTNAME}/aux/broccoli -USES= cmake:outsource +USES= cmake:outsource ssl USE_LDCONFIG= yes CMAKE_SOURCE_PATH= ${WRKSRC}/aux/broccoli @@ -32,6 +32,7 @@ PLIST_SUB+= CLEANUP_PREFIX="@comment " .endif CMAKE_ARGS+= -D CMAKE_INSTALL_PREFIX:PATH=${PREFIX} \ -D BRO_ETC_INSTALL_DIR:PATH=${PREFIX}/etc +CFLAGS+= -I${OPENSSLINC} OPTIONS_DEFINE= DEBUG PYTHON RUBY OPTIONS_SUB= Added: head/security/broccoli/files/patch-aux_broccoli_src_bro__openssl.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/broccoli/files/patch-aux_broccoli_src_bro__openssl.c Sun Sep 11 23:57:56 2016 (r421885) @@ -0,0 +1,14 @@ +--- aux/broccoli/src/bro_openssl.c.orig 2015-09-06 19:43:23 UTC ++++ aux/broccoli/src/bro_openssl.c +@@ -302,7 +302,11 @@ __bro_openssl_init(void) + * to set up an SSL connection now and abort if this fails in any way. + */ + ++#ifndef OPENSSL_NO_SSL3 + if (! (ctx = SSL_CTX_new(SSLv3_method()))) ++#else ++ if (! (ctx = SSL_CTX_new(SSLv23_method()))) ++#endif + D_RETURN_(FALSE); + + /* We expect things to be stored in PEM format, which means that we
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201609112357.u8BNvurg038278>