Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 22 Oct 2018 23:47:21 +0000 (UTC)
From:      Martin Matuska <mm@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r482797 - in head/net-im/jabberd: . files
Message-ID:  <201810222347.w9MNlLh0001372@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: mm
Date: Mon Oct 22 23:47:21 2018
New Revision: 482797
URL: https://svnweb.freebsd.org/changeset/ports/482797

Log:
  net-im/jabberd:
  - add OpenSSL 1.1 patches from upstream
  - use autoreconf
  - make portlint happier

Added:
  head/net-im/jabberd/files/patch-configure.ac   (contents, props changed)
  head/net-im/jabberd/files/patch-etc__Makefile.am   (contents, props changed)
  head/net-im/jabberd/files/patch-etc__templates__Makefile.am   (contents, props changed)
  head/net-im/jabberd/files/patch-sx__ssl.c   (contents, props changed)
Deleted:
  head/net-im/jabberd/files/patch-etc__Makefile.in
  head/net-im/jabberd/files/patch-etc__templates__Makefile.in
Modified:
  head/net-im/jabberd/Makefile
  head/net-im/jabberd/files/patch-sm__mod_iq_time.c
  head/net-im/jabberd/files/patch-storage__authreg_ldapfull.c
  head/net-im/jabberd/files/patch-tools__jabberd.in
  head/net-im/jabberd/files/patch-util_crypt__blowfish.c

Modified: head/net-im/jabberd/Makefile
==============================================================================
--- head/net-im/jabberd/Makefile	Mon Oct 22 23:47:03 2018	(r482796)
+++ head/net-im/jabberd/Makefile	Mon Oct 22 23:47:21 2018	(r482797)
@@ -3,7 +3,7 @@
 
 PORTNAME=	jabberd
 PORTVERSION=	2.6.1
-PORTREVISION=	3
+PORTREVISION=	4
 CATEGORIES=	net-im
 MASTER_SITES=	https://github.com/jabberd2/jabberd2/releases/download/${PORTNAME}-${DISTVERSION}/ \
 		LOCAL/matthew/${PORTNAME}
@@ -17,7 +17,10 @@ LIB_DEPENDS=	libexpat.so:textproc/expat2 \
 		libgsasl.so:security/gsasl \
 		libidn.so:dns/libidn \
 		libudns.so:dns/udns
+BUILD_DEPENDS=	autoconf-archive>=0:devel/autoconf-archive
 
+USES=		autoreconf compiler:c11 iconv libtool perl5 ssl tar:xz
+
 OPTIONS_DEFINE=	MYSQL PGSQL LDAP BDB SQLITE PAM PIPE ANON FS DEBUG REQUIRES \
 		DOCS SUPERSEDED EXPERIMENTAL
 OPTIONS_DEFAULT=MYSQL DEBUG
@@ -25,7 +28,6 @@ OPTIONS_SUB=	yes
 
 GNU_CONFIGURE=	yes
 INSTALL_TARGET=	install-strip
-USES=		compiler:c11 iconv libtool perl5 ssl tar:xz
 USE_PERL5=	run
 USE_RC_SUBR=	jabberd
 USE_LDCONFIG=	${PREFIX}/lib/jabberd
@@ -133,10 +135,6 @@ post-patch:
 	router.xml s2s.xml sm.xml templates/roster.xml
 	@${MV} ${WRKSRC}/etc/${FILE}.dist.in ${WRKSRC}/etc/${FILE}.sample.in
 .endfor
-#.if ${PORT_OPTIONS:MCYRUS}
-#	@${REINPLACE_CMD} -e '/^#error /d' \
-#		${WRKSRC}/sx/sasl_cyrus.c
-#.endif
 
 post-install:
 .for DIR in db logs pid

Added: head/net-im/jabberd/files/patch-configure.ac
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net-im/jabberd/files/patch-configure.ac	Mon Oct 22 23:47:21 2018	(r482797)
@@ -0,0 +1,14 @@
+--- configure.ac.orig	2017-07-01 15:27:52 UTC
++++ configure.ac
+@@ -406,9 +406,9 @@ if test "x-$want_ssl" != "x-no" ; then
+     fi
+     AC_CHECK_HEADERS(openssl/crypto.h)
+     if test "x-$ac_cv_header_openssl_crypto_h" = "x-yes" ; then
+-        AC_CHECK_LIB(crypto, CRYPTO_lock)
++        AC_CHECK_LIB(crypto, HMAC_Update)
+     fi
+-    if test "x-$ac_cv_lib_crypto_CRYPTO_lock" = "x-yes" ; then
++    if test "x-$ac_cv_lib_crypto_HMAC_Update" = "x-yes" ; then
+         AC_CHECK_HEADERS(openssl/ssl.h)
+     fi
+     if test "x-$ac_cv_header_openssl_ssl_h" = "x-yes" ; then

Added: head/net-im/jabberd/files/patch-etc__Makefile.am
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net-im/jabberd/files/patch-etc__Makefile.am	Mon Oct 22 23:47:21 2018	(r482797)
@@ -0,0 +1,36 @@
+--- etc/Makefile.am.orig	2016-05-03 22:25:09 UTC
++++ etc/Makefile.am
+@@ -1,12 +1,8 @@
+ LIBTOOL += --quiet
+ 
+-sysconf_DATA = c2s.xml.dist router.xml.dist s2s.xml.dist sm.xml.dist jabberd.cfg.dist router-users.xml.dist router-filter.xml.dist
+-initdir = $(prefix)/etc/init
+-init_DATA = jabberd-c2s.conf jabberd-router.conf jabberd-s2s.conf jabberd-sm.conf
+-systemddir = $(prefix)/lib/systemd/system
+-systemd_DATA = jabberd-sm.service jabberd.service jabberd-s2s.service jabberd-router.service jabberd-c2s.service
+-configs = $(sysconf_DATA) $(init_DATA) $(systemd_DATA)
+-EXTRA_DIST = $(sysconf_DATA:%.dist=%.dist.in) $(init_DATA:%.conf=%.conf.in) $(systemd_DATA:%.service=%.service.in)
++sysconf_DATA = c2s.xml.sample router.xml.sample s2s.xml.sample sm.xml.sample jabberd.cfg.sample router-users.xml.sample router-filter.xml.sample
++configs = $(sysconf_DATA)
++EXTRA_DIST = $(sysconf_DATA:%.sample=%.sample.in)
+ 
+ SUBDIRS = templates
+ 
+@@ -20,7 +16,7 @@ edit = sed \
+ 	-e 's,@libdir\@,$(libdir),g' \
+ 	-e 's,@pkglibdir\@,$(pkglibdir),g'
+ 
+-$(configs): $(sysconf_DATA:%.dist=@srcdir@/%.dist.in) $(init_DATA:%.conf=@srcdir@/%.conf.in) $(systemd_DATA:%.service=%.service.in)
++$(configs): $(sysconf_DATA:%.sample=@srcdir@/%.sample.in)
+ 	@echo "generating $@ from $@.in"; \
+     edit='$(edit)'; \
+     list='$(jabberd_bin)'; for p in $$list; do \
+@@ -33,7 +29,7 @@ $(configs): $(sysconf_DATA:%.dist=@srcdir@/%.dist.in) 
+     
+ install-data-hook:
+ 	@list='$(sysconf_DATA)'; for p in $$list; do \
+-      dest=`echo $$p | sed -e s/.dist//`; \
++      dest=`echo $$p | sed -e s/.sample//`; \
+ 	  if test -f $(DESTDIR)$(sysconfdir)/$$dest; then \
+         echo "$@ will not overwrite existing $(DESTDIR)$(sysconfdir)/$$dest"; \
+       else \

Added: head/net-im/jabberd/files/patch-etc__templates__Makefile.am
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net-im/jabberd/files/patch-etc__templates__Makefile.am	Mon Oct 22 23:47:21 2018	(r482797)
@@ -0,0 +1,22 @@
+--- etc/templates/Makefile.am.orig	2016-05-03 22:25:09 UTC
++++ etc/templates/Makefile.am
+@@ -2,8 +2,8 @@ templatesdir = $(sysconfdir)/templates
+ 
+ LIBTOOL += --quiet
+ 
+-templates_DATA = roster.xml.dist
+-EXTRA_DIST = roster.xml.dist.in
++templates_DATA = roster.xml.sample
++EXTRA_DIST = roster.xml.sample.in
+ 
+ edit = sed \
+ 	-e 's,@sysconfdir\@,$(sysconfdir),g' \
+@@ -18,7 +18,7 @@ $(templates_DATA):
+     
+ install-data-hook:
+ 	@list='$(templates_DATA)'; for p in $$list; do \
+-      dest=`echo $$p | sed -e s/.dist//`; \
++      dest=`echo $$p | sed -e s/.sample//`; \
+ 	  if test -f $(DESTDIR)$(templatesdir)/$$dest; then \
+         echo "$@ will not overwrite existing $(DESTDIR)$(templatesdir)/$$dest"; \
+       else \

Modified: head/net-im/jabberd/files/patch-sm__mod_iq_time.c
==============================================================================
--- head/net-im/jabberd/files/patch-sm__mod_iq_time.c	Mon Oct 22 23:47:03 2018	(r482796)
+++ head/net-im/jabberd/files/patch-sm__mod_iq_time.c	Mon Oct 22 23:47:21 2018	(r482797)
@@ -1,6 +1,6 @@
 --- sm/mod_iq_time.c.orig	2016-02-09 09:47:02 UTC
 +++ sm/mod_iq_time.c
-@@ -77,7 +77,7 @@ static mod_ret_t _iq_time_pkt_sm(mod_ins
+@@ -77,7 +77,7 @@ static mod_ret_t _iq_time_pkt_sm(mod_instance_t mi, pk
  
      datetime_out(t, dt_DATETIME, buf, 64);
      nad_insert_elem(pkt->nad, 2, NAD_ENS(pkt->nad, 1), "utc", buf);

Modified: head/net-im/jabberd/files/patch-storage__authreg_ldapfull.c
==============================================================================
--- head/net-im/jabberd/files/patch-storage__authreg_ldapfull.c	Mon Oct 22 23:47:03 2018	(r482796)
+++ head/net-im/jabberd/files/patch-storage__authreg_ldapfull.c	Mon Oct 22 23:47:21 2018	(r482797)
@@ -9,3 +9,230 @@
  #define _XOPEN_SOURCE 500	// need this to get crypt()
  #include "c2s.h"
  
+@@ -39,6 +41,7 @@
+ 
+ #ifdef HAVE_SSL
+ #include <openssl/rand.h>
++#include <openssl/evp.h>
+ #endif
+ 
+ #include <lber.h>
+@@ -228,13 +231,18 @@ int _ldapfull_base64_decode( const char *src, const un
+     int rc, tlen = 0;
+     int i;
+     unsigned char *text;
++#if OPENSSL_VERSION_NUMBER < 0x10100005L
+     EVP_ENCODE_CTX EVP_ctx;
++#else
++    EVP_ENCODE_CTX *EVP_ctx;
++#endif
+ 
+     text = (unsigned char *)malloc(((strlen(src)+3)/4 * 3) + 1);
+     if (text == NULL) {
+         return 0;
+     }
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100005L
+     EVP_DecodeInit(&EVP_ctx);
+     rc = EVP_DecodeUpdate(&EVP_ctx, text, &i, (const unsigned char *)src, strlen(src));
+     if (rc < 0) {
+@@ -243,40 +251,69 @@ int _ldapfull_base64_decode( const char *src, const un
+     }
+     tlen+=i;
+     EVP_DecodeFinal(&EVP_ctx, (unsigned char*)text, &i);
++#else
++    EVP_ctx = EVP_ENCODE_CTX_new();
++    EVP_DecodeInit(EVP_ctx);
++    rc = EVP_DecodeUpdate(EVP_ctx, text, &i, (const unsigned char *)src, strlen(src));
++    if (rc < 0) {
++        free(text);
++        EVP_ENCODE_CTX_free(EVP_ctx);
++        return 0;
++    }
++    tlen+=i;
++    EVP_DecodeFinal(EVP_ctx, (unsigned char*)text, &i);
++#endif
+ 
+     *ret = text;
+     if (rlen != NULL) {
+         *rlen = tlen;
+     }
+ 
++#if !(OPENSSL_VERSION_NUMBER < 0x10100005L)
++    EVP_ENCODE_CTX_free(EVP_ctx);
++#endif
+     return 1;
+ }
+ 
+ static int _ldapfull_base64_encode( const unsigned char *src, int srclen, char **ret, int *rlen ) {
+     int tlen = 0;
+     unsigned char *text;
++#if OPENSSL_VERSION_NUMBER < 0x10100005L
+     EVP_ENCODE_CTX EVP_ctx;
++#else
++    EVP_ENCODE_CTX *EVP_ctx;
++#endif
+ 
+     text = (unsigned char *)malloc((srclen*4/3) + 1 );
+     if (text == NULL) {
+         return 0;
+     }
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100005L
+     EVP_EncodeInit(&EVP_ctx);
+     EVP_EncodeUpdate(&EVP_ctx, text, &tlen, src, srclen);
+     EVP_EncodeFinal(&EVP_ctx, text, &tlen);
++#else
++    EVP_ctx = EVP_ENCODE_CTX_new();
++    EVP_EncodeInit(EVP_ctx);
++    EVP_EncodeUpdate(EVP_ctx, text, &tlen, src, srclen);
++    EVP_EncodeFinal(EVP_ctx, text, &tlen);
++#endif
+ 
+     *ret = (char*)text;
+     if (rlen != NULL) {
+         *rlen = tlen;
+     }
+ 
++#if !(OPENSSL_VERSION_NUMBER < 0x10100005L)
++    EVP_ENCODE_CTX_free(EVP_ctx);
++#endif
+     return 1;
+ }
+ 
+ int _ldapfull_chk_hashed(moddata_t data, const char *scheme, int salted, const char *hash, const char *passwd) {
+     const unsigned char *bhash; // binary hash, will get it from base64
+-    EVP_MD_CTX mdctx;
++    EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     unsigned char digest[EVP_MAX_MD_SIZE];
+     int bhlen, rc;
+@@ -289,22 +326,32 @@ int _ldapfull_chk_hashed(moddata_t data, const char *s
+         return 0;
+     }
+ 
+-    EVP_DigestInit(&mdctx, md);
+-    EVP_DigestUpdate(&mdctx, passwd, strlen(passwd));
++#if OPENSSL_VERSION_NUMBER < 0x10100005L
++    mdctx = EVP_MD_CTX_create();
++#else
++    mdctx = EVP_MD_CTX_new();
++#endif
++    EVP_DigestInit(mdctx, md);
++    EVP_DigestUpdate(mdctx, passwd, strlen(passwd));
+     if (salted) {
+-        EVP_DigestUpdate(&mdctx, &bhash[EVP_MD_size(md)],
++        EVP_DigestUpdate(mdctx, &bhash[EVP_MD_size(md)],
+                 bhlen - EVP_MD_size(md));
+     }
+-    EVP_DigestFinal(&mdctx, digest, NULL);
++    EVP_DigestFinal(mdctx, digest, NULL);
+ 
+     rc = memcmp((char *)bhash, (char *)digest, EVP_MD_size(md));
+     free((void*)bhash);
++#if OPENSSL_VERSION_NUMBER < 0x10100005L
++    EVP_MD_CTX_destroy(mdctx);
++#else
++    EVP_MD_CTX_free(mdctx);
++#endif
+     return !rc;
+ }
+ 
+ int _ldapfull_set_hashed(moddata_t data, const char *scheme, const char *prefix, int saltlen, const char *passwd, char *buf, int buflen) {
+     char *hash = 0; // base64 hash
+-    EVP_MD_CTX mdctx;
++    EVP_MD_CTX *mdctx;
+     const EVP_MD *md;
+     unsigned char *digest;
+     unsigned char *salt;
+@@ -316,30 +363,48 @@ int _ldapfull_set_hashed(moddata_t data, const char *s
+     if (!md) {
+         return 0;
+     }
+-    EVP_DigestInit(&mdctx, md);
+-    EVP_DigestUpdate(&mdctx, passwd, strlen(passwd));
++
++#if OPENSSL_VERSION_NUMBER < 0x10100005L
++    mdctx = EVP_MD_CTX_create();
++#else
++    mdctx = EVP_MD_CTX_new();
++#endif
++    EVP_DigestInit(mdctx, md);
++    EVP_DigestUpdate(mdctx, passwd, strlen(passwd));
+     if (saltlen) {
+         salt = (unsigned char *)malloc(saltlen);
+         if( !salt ) {
+-            EVP_MD_CTX_cleanup(&mdctx);
++#if OPENSSL_VERSION_NUMBER < 0x10100005L
++            EVP_MD_CTX_destroy(mdctx);
++#else
++            EVP_MD_CTX_free(mdctx);
++#endif
+             return 0;
+         }
+         if( !RAND_bytes(salt,saltlen) ) {
+-            EVP_MD_CTX_cleanup(&mdctx);
++#if OPENSSL_VERSION_NUMBER < 0x10100005L
++            EVP_MD_CTX_destroy(mdctx);
++#else
++            EVP_MD_CTX_free(mdctx);
++#endif
+             free(salt);
+             return 0;
+         }
+-        EVP_DigestUpdate(&mdctx, salt, saltlen);
++        EVP_DigestUpdate(mdctx, salt, saltlen);
+     }
+     digest = (unsigned char *)malloc(EVP_MD_size(md) + saltlen);
+     if( !digest ) {
+         if (saltlen) {
+             free(salt);
+         }
+-        EVP_MD_CTX_cleanup(&mdctx);
++#if OPENSSL_VERSION_NUMBER < 0x10100005L
++        EVP_MD_CTX_destroy(mdctx);
++#else
++        EVP_MD_CTX_free(mdctx);
++#endif
+         return 0;
+     }
+-    EVP_DigestFinal(&mdctx, digest, &dlen);
++    EVP_DigestFinal(mdctx, digest, &dlen);
+ 
+     memcpy(digest+dlen,salt,saltlen);
+     if (saltlen) {
+@@ -352,6 +417,11 @@ int _ldapfull_set_hashed(moddata_t data, const char *s
+     free(digest);
+     if( !rc ) {
+         free(hash);
++#if OPENSSL_VERSION_NUMBER < 0x10100005L
++        EVP_MD_CTX_destroy(mdctx);
++#else
++        EVP_MD_CTX_free(mdctx);
++#endif
+         return 0;
+     }
+ 
+@@ -359,12 +429,22 @@ int _ldapfull_set_hashed(moddata_t data, const char *s
+     if( hlen + plen >= buflen ) {
+         log_write(data->ar->c2s->log,LOG_ERR,"_ldapfull_set_hashed: buffer is too short (%i bytes)",buflen);
+         free(hash);
++#if OPENSSL_VERSION_NUMBER < 0x10100005L
++        EVP_MD_CTX_destroy(mdctx);
++#else
++        EVP_MD_CTX_free(mdctx);
++#endif
+         return 0;
+     }
+     memcpy(buf,prefix,plen);
+     memcpy(buf+plen,hash,hlen);
+     buf[hlen+plen]='\0';
+     free(hash);
++#if OPENSSL_VERSION_NUMBER < 0x10100005L
++    EVP_MD_CTX_destroy(mdctx);
++#else
++    EVP_MD_CTX_free(mdctx);
++#endif
+ 
+     return 1;
+ }

Added: head/net-im/jabberd/files/patch-sx__ssl.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net-im/jabberd/files/patch-sx__ssl.c	Mon Oct 22 23:47:21 2018	(r482797)
@@ -0,0 +1,115 @@
+--- sx/ssl.c.orig	2016-05-22 16:19:36 UTC
++++ sx/ssl.c
+@@ -70,7 +70,7 @@ static int _sx_ssl_verify_callback(int preverify_ok, X
+      */
+     if (!preverify_ok && (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT))
+     {
+-      X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), buf, 256);
++      X509_NAME_oneline(X509_get_issuer_name(err_cert), buf, 256);
+       _sx_debug(ZONE, "issuer= %s\n", buf);
+     }
+ 
+@@ -115,12 +115,27 @@ static DH *sx_ssl_make_dh_params(BIGNUM *(*const get_p
+     if (!dh)
+         return NULL;
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100005L
+     dh->p = get_prime(NULL);
+     BN_dec2bn(&dh->g, gen);
+     if (!dh->p || !dh->g) {
+         DH_free(dh);
+         return NULL;
+     }
++#else
++    {
++        BIGNUM *p, *g = NULL;
++        p = get_prime(NULL);
++        BN_dec2bn(&g, gen);
++
++        if (p == NULL || g == NULL || !DH_set0_pqg(dh, p, NULL, g)) {
++            DH_free(dh);
++            BN_free(p);
++            BN_free(g);
++            return NULL;
++        }
++    }
++#endif
+     return dh;
+ }
+ 
+@@ -134,7 +149,7 @@ static void sx_ssl_free_dh_params(void) {
+ 
+ static DH *_sx_ssl_tmp_dh_callback(SSL *ssl, int export, int keylen) {
+     EVP_PKEY *pkey = SSL_get_privatekey(ssl);
+-    int type = pkey ? EVP_PKEY_type(pkey->type) : EVP_PKEY_NONE;
++    int type = pkey ? EVP_PKEY_base_id(pkey) : EVP_PKEY_NONE;
+     unsigned i;
+ 
+     if (type == EVP_PKEY_RSA || type == EVP_PKEY_DSA)
+@@ -351,7 +366,11 @@ static void _sx_ssl_get_external_id(sx_t s, _sx_ssl_co
+             } else if (altname->type == GEN_DNS) {
+                 len = ASN1_STRING_length(altname->d.dNSName);
+                 sc->external_id[id] = (char *) malloc(sizeof(char) *  (len + 1));
++#if OPENSSL_VERSION_NUMBER < 0x10100005L
+                 memcpy(sc->external_id[id], ASN1_STRING_data(altname->d.dNSName), len);
++#else
++                memcpy(sc->external_id[id], ASN1_STRING_get0_data(altname->d.dNSName), len);
++#endif
+                 sc->external_id[id][len] = '\0'; // just to make sure
+                 _sx_debug(ZONE, "external_id: Found(%d) subjectAltName/dNSName: '%s'", id, sc->external_id[id]);
+                 id++;
+@@ -728,11 +747,15 @@ static void _sx_ssl_client(sx_t s, sx_plugin_t p) {
+     SSL_set_bio(sc->ssl, sc->rbio, sc->wbio);
+     SSL_set_connect_state(sc->ssl);
+     SSL_set_options(sc->ssl, SSL_OP_NO_TICKET);
++#if OPENSSL_VERSION_NUMBER < 0x10100005L
+ #ifdef ENABLE_EXPERIMENTAL
+     SSL_set_ssl_method(sc->ssl, TLSv1_2_client_method());
+ #else
+     SSL_set_ssl_method(sc->ssl, TLSv1_client_method());
+ #endif
++#else
++    SSL_set_ssl_method(sc->ssl, TLS_client_method());
++#endif
+ 
+     /* empty external_id */
+     for (i = 0; i < SX_CONN_EXTERNAL_ID_MAX_COUNT; i++)
+@@ -761,8 +784,8 @@ static void _sx_ssl_client(sx_t s, sx_plugin_t p) {
+         }
+ 
+         /* set callback giving a password for pemfile */
+-        SSL_CTX_set_default_passwd_cb_userdata(sc->ssl->ctx, (void *)pemfile_password);
+-        SSL_CTX_set_default_passwd_cb(sc->ssl->ctx, &_sx_pem_passwd_callback);
++        SSL_CTX_set_default_passwd_cb_userdata(ctx, (void *)pemfile_password);
++        SSL_CTX_set_default_passwd_cb(ctx, &_sx_pem_passwd_callback);
+ 
+         /* load the private key */
+         ret = SSL_use_PrivateKey_file(sc->ssl, pemfile, SSL_FILETYPE_PEM);
+@@ -977,11 +1000,15 @@ int sx_ssl_server_addcert(sx_plugin_t p, const char *n
+     ERR_clear_error();
+ 
+     /* create the context */
++#if OPENSSL_VERSION_NUMBER < 0x10100005L
+ #ifdef ENABLE_EXPERIMENTAL
+     ctx = SSL_CTX_new(TLSv1_2_method());
+ #else
+     ctx = SSL_CTX_new(SSLv23_method());
+ #endif
++#else
++    ctx = SSL_CTX_new(TLS_method());
++#endif
+     if(ctx == NULL) {
+         _sx_debug(ZONE, "ssl context creation failed; %s", ERR_error_string(ERR_get_error(), NULL));
+         return 1;
+@@ -1063,7 +1090,11 @@ int sx_ssl_server_addcert(sx_plugin_t p, const char *n
+     /* try to read DH params from pem file */
+     if((dhparams = sx_ssl_get_DHparams(pemfile))) {
+         SSL_CTX_set_tmp_dh(ctx, dhparams);
++#if OPENSSL_VERSION_NUMBER < 0x10100005L
+         _sx_debug(ZONE, "custom DH parameters loaded from certificate", BN_num_bits(dhparams->p));
++#else
++        _sx_debug(ZONE, "custom DH parameters loaded from certificate", DH_bits(dhparams));
++#endif
+     }
+ 
+     /* try to read ECDH params from pem file */

Modified: head/net-im/jabberd/files/patch-tools__jabberd.in
==============================================================================
--- head/net-im/jabberd/files/patch-tools__jabberd.in	Mon Oct 22 23:47:03 2018	(r482796)
+++ head/net-im/jabberd/files/patch-tools__jabberd.in	Mon Oct 22 23:47:21 2018	(r482797)
@@ -1,16 +1,17 @@
 --- tools/jabberd.in.orig	2016-02-09 09:45:54 UTC
 +++ tools/jabberd.in
-@@ -1,9 +1,4 @@
+@@ -1,10 +1,5 @@
 -#!/bin/sh
 -#-*-Perl-*-
--
++#!/usr/local/bin/perl
+ 
 -exec perl -w -x $0 "$@"
 -
 -#!perl
-+#!/usr/local/bin/perl
- 
+-
  ##############################################################################
  #
+ # jabberd - perl wrapper script to manage launching and controlling the various
 @@ -28,8 +23,7 @@ my $Bin = "@bindir@";
  my $LibExec = "@libexecdir@";
  my $VERSION = "@VERSION@";

Modified: head/net-im/jabberd/files/patch-util_crypt__blowfish.c
==============================================================================
--- head/net-im/jabberd/files/patch-util_crypt__blowfish.c	Mon Oct 22 23:47:03 2018	(r482796)
+++ head/net-im/jabberd/files/patch-util_crypt__blowfish.c	Mon Oct 22 23:47:21 2018	(r482797)
@@ -1,6 +1,6 @@
 --- util/crypt_blowfish.c.orig	2016-05-08 14:30:08 UTC
 +++ util/crypt_blowfish.c
-@@ -1106,7 +1106,7 @@ char *crypt_ra(const char *key, const ch
+@@ -1106,7 +1106,7 @@ char *crypt_ra(const char *key, const char *setting,
  	return _crypt_blowfish_rn(key, setting, (char *)*data, *size);
  }
  



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201810222347.w9MNlLh0001372>