From owner-svn-ports-all@freebsd.org  Tue Jul 25 12:31:04 2017
Return-Path: <owner-svn-ports-all@freebsd.org>
Delivered-To: svn-ports-all@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id E3D8AC7B185;
 Tue, 25 Jul 2017 12:31:04 +0000 (UTC)
 (envelope-from brnrd@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id A6D1A74EBB;
 Tue, 25 Jul 2017 12:31:04 +0000 (UTC)
 (envelope-from brnrd@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v6PCV359074823;
 Tue, 25 Jul 2017 12:31:03 GMT (envelope-from brnrd@FreeBSD.org)
Received: (from brnrd@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id v6PCV34k074821;
 Tue, 25 Jul 2017 12:31:03 GMT (envelope-from brnrd@FreeBSD.org)
Message-Id: <201707251231.v6PCV34k074821@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: brnrd set sender to
 brnrd@FreeBSD.org using -f
From: Bernard Spil <brnrd@FreeBSD.org>
Date: Tue, 25 Jul 2017 12:31:03 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r446578 - in head/net/haproxy-devel: . files
X-SVN-Group: ports-head
X-SVN-Commit-Author: brnrd
X-SVN-Commit-Paths: in head/net/haproxy-devel: . files
X-SVN-Commit-Revision: 446578
X-SVN-Commit-Repository: ports
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-all@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: SVN commit messages for the ports tree <svn-ports-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-all/>
List-Post: <mailto:svn-ports-all@freebsd.org>
List-Help: <mailto:svn-ports-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Jul 2017 12:31:05 -0000

Author: brnrd
Date: Tue Jul 25 12:31:03 2017
New Revision: 446578
URL: https://svnweb.freebsd.org/changeset/ports/446578

Log:
  net/haproxy-devel: Fix build with LibreSSL
  
  PR:		219272
  Approved by:	maintainer timeout

Added:
  head/net/haproxy-devel/files/patch-src_ssl__sock.c   (contents, props changed)
Modified:
  head/net/haproxy-devel/Makefile

Modified: head/net/haproxy-devel/Makefile
==============================================================================
--- head/net/haproxy-devel/Makefile	Tue Jul 25 12:27:58 2017	(r446577)
+++ head/net/haproxy-devel/Makefile	Tue Jul 25 12:31:03 2017	(r446578)
@@ -3,6 +3,7 @@
 
 PORTNAME=	haproxy
 DISTVERSION=	1.8-dev2
+PORTREVISION=	1
 CATEGORIES=	net www
 MASTER_SITES=	http://www.haproxy.org/download/1.8/src/devel/
 PKGNAMESUFFIX=	-devel

Added: head/net/haproxy-devel/files/patch-src_ssl__sock.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/haproxy-devel/files/patch-src_ssl__sock.c	Tue Jul 25 12:31:03 2017	(r446578)
@@ -0,0 +1,120 @@
+--- src/ssl_sock.c.orig	2017-06-02 13:59:51 UTC
++++ src/ssl_sock.c
+@@ -56,7 +56,7 @@
+ #include <openssl/engine.h>
+ #endif
+ 
+-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER)
+ #include <openssl/async.h>
+ #endif
+ 
+@@ -362,7 +362,7 @@ fail_get:
+ }
+ #endif
+ 
+-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER)
+ /*
+  * openssl async fd handler
+  */
+@@ -1034,10 +1034,13 @@ static int ssl_sock_load_ocsp(SSL_CTX *c
+ 		ocsp = NULL;
+ 
+ #ifndef SSL_CTX_get_tlsext_status_cb
+-# define SSL_CTX_get_tlsext_status_cb(ctx, cb) \
+-	*cb = (void (*) (void))ctx->tlsext_status_cb;
++#ifndef SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB
++#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB 128
+ #endif
++	callback = SSL_CTX_ctrl(ctx, SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB, 0, callback);
++#else
+ 	SSL_CTX_get_tlsext_status_cb(ctx, &callback);
++#endif
+ 
+ 	if (!callback) {
+ 		struct ocsp_cbk_arg *cb_arg = calloc(1, sizeof(*cb_arg));
+@@ -1063,7 +1066,10 @@ static int ssl_sock_load_ocsp(SSL_CTX *c
+ 		int key_type;
+ 		EVP_PKEY *pkey;
+ 
+-#ifdef SSL_CTX_get_tlsext_status_arg
++#if defined(SSL_CTX_get_tlsext_status_arg) || (LIBRESSL_VERSION_NUMBER >= 0x2050100fL)
++#ifndef SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG
++#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG 129
++#endif
+ 		SSL_CTX_ctrl(ctx, SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG, 0, &cb_arg);
+ #else
+ 		cb_arg = ctx->tlsext_status_arg;
+@@ -3403,7 +3409,7 @@ int ssl_sock_load_cert_list_file(char *f
+ #define SSL_MODE_SMALL_BUFFERS 0
+ #endif
+ 
+-#if (OPENSSL_VERSION_NUMBER < 0x1010000fL) && !defined(OPENSSL_IS_BORINGSSL)
++#if (OPENSSL_VERSION_NUMBER < 0x1010000fL) && !defined(OPENSSL_IS_BORINGSSL) || defined(LIBRESSL_VERSION_NUMBER)
+ static void ssl_set_SSLv3_func(SSL_CTX *ctx, int is_server)
+ {
+ #if SSL_OP_NO_SSLv3
+@@ -3560,7 +3566,7 @@ ssl_sock_initial_ctx(struct bind_conf *b
+ 		options &= ~SSL_OP_CIPHER_SERVER_PREFERENCE;
+ 	SSL_CTX_set_options(ctx, options);
+ 
+-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER)
+ 	if (global_ssl.async)
+ 		mode |= SSL_MODE_ASYNC;
+ #endif
+@@ -4010,7 +4016,7 @@ int ssl_sock_prepare_srv_ctx(struct serv
+ 		options |= SSL_OP_NO_TICKET;
+ 	SSL_CTX_set_options(ctx, options);
+ 
+-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER)
+ 	if (global_ssl.async)
+ 		mode |= SSL_MODE_ASYNC;
+ #endif
+@@ -4526,7 +4532,7 @@ int ssl_sock_handshake(struct connection
+ 				fd_cant_recv(conn->t.sock.fd);
+ 				return 0;
+ 			}
+-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER)
+ 			else if (ret == SSL_ERROR_WANT_ASYNC) {
+ 				ssl_async_process_fds(conn, conn->xprt_ctx);
+ 				return 0;
+@@ -4610,7 +4616,7 @@ int ssl_sock_handshake(struct connection
+ 			fd_cant_recv(conn->t.sock.fd);
+ 			return 0;
+ 		}
+-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER)
+ 		else if (ret == SSL_ERROR_WANT_ASYNC) {
+ 			ssl_async_process_fds(conn, conn->xprt_ctx);
+ 			return 0;
+@@ -4802,7 +4808,7 @@ static int ssl_sock_to_buf(struct connec
+ 				fd_cant_recv(conn->t.sock.fd);
+ 				break;
+ 			}
+-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER)
+ 			else if (ret == SSL_ERROR_WANT_ASYNC) {
+ 				ssl_async_process_fds(conn, conn->xprt_ctx);
+ 				break;
+@@ -4910,7 +4916,7 @@ static int ssl_sock_from_buf(struct conn
+ 				__conn_sock_want_recv(conn);
+ 				break;
+ 			}
+-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER)
+ 			else if (ret == SSL_ERROR_WANT_ASYNC) {
+ 				ssl_async_process_fds(conn, conn->xprt_ctx);
+ 				break;
+@@ -4933,7 +4939,7 @@ static int ssl_sock_from_buf(struct conn
+ static void ssl_sock_close(struct connection *conn) {
+ 
+ 	if (conn->xprt_ctx) {
+-#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++#if (OPENSSL_VERSION_NUMBER >= 0x1010000fL) && !defined(LIBRESSL_VERSION_NUMBER)
+ 		if (global_ssl.async) {
+ 			OSSL_ASYNC_FD all_fd[32], afd;
+ 			size_t num_all_fds = 0;