Created attachment 150943 [details] Patch for apache22 to build cleanly with LibreSSL Apache 2.2 (and 2.4) can not be built when LibreSSL is used as SSL library. LibreSSL has (amongst others) - removed RAND_egd - removed CHIL engine - added SSL_CTX_use_certificate_chain - removed compression for SSL and TLS this leads to build failures for missing and redefining functions. This patch fixes these errors by - adding a check for RAND_egd and SSL_CTX_use_certificate_chain - make Apache pick up the SSL_NO_COMP define (OpenSSL sets OPENSSL_NO_COMP) - using an already available define for CHIL - using defines for the added checks See https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196139 for the Apache24 patch
Are there any concerns about this patch? It appears to do everything that #196139 did for Apache 2.4, which was already committed. Any objections to committing this?
This patch is for apache directly -- not the port. It also doesn't apply cleanly: root@skeletor:/usr/ports/www/apache22/work/httpd-2.2.29 # patch -p0 < ../../patch Hmm... Looks like a unified diff to me... The text leading up to this was: -------------------------- |--- acinclude.m4 2012-07-06 17:23:21.000000000 +0200 |+++ acinclude.m4 2014-12-24 12:14:22.207357460 +0100 -------------------------- Patching file acinclude.m4 using Plan A... Hunk #1 succeeded at 454. Hmm... The next patch looks like a unified diff to me... The text leading up to this was: -------------------------- |--- configure 2014-08-22 19:54:19.000000000 +0200 |+++ configure 2014-12-24 12:20:30.867335396 +0100 -------------------------- Patching file configure using Plan A... Hunk #1 succeeded at 13841. Hmm... The next patch looks like a unified diff to me... The text leading up to this was: -------------------------- |--- include/ap_config_auto.h.in 2014-08-22 19:54:18.000000000 +0200 |+++ include/ap_config_auto.h.in 2014-12-24 12:38:06.864258210 +0100 -------------------------- Patching file include/ap_config_auto.h.in using Plan A... Hunk #1 succeeded at 109. Hunk #2 succeeded at 130. Hmm... The next patch looks like a unified diff to me... The text leading up to this was: -------------------------- |--- modules/ssl/ssl_engine_init.c 2014-07-16 08:04:38.000000000 +0200 |+++ modules/ssl/ssl_engine_init.c 2014-12-24 12:42:00.248249930 +0100 -------------------------- Patching file modules/ssl/ssl_engine_init.c using Plan A... Hunk #1 succeeded at 406. Can we get an updated patch ? Thanks!
Created attachment 153608 [details] svn diff www/apache22 Re-rolled the patch
Created attachment 153609 [details] Poudriere build log with latest patch
I can successfully serve SSL with both OpenSSL and LibreSSL builds. Looks good.
A commit references this bug: Author: feld Date: Sun Mar 1 17:41:45 UTC 2015 New revision: 380216 URL: https://svnweb.freebsd.org/changeset/ports/380216 Log: Unbreak build with LibreSSL PR: 196256 Changes: head/www/apache22/files/patch-acinclude.m4 head/www/apache22/files/patch-configure head/www/apache22/files/patch-include__ap_config_auto.h.in head/www/apache22/files/patch-modules__ssl__ssl_engine_init.c head/www/apache22/files/patch-modules__ssl__ssl_engine_rand.c head/www/apache22/files/patch-modules__ssl__ssl_engine_vars.c head/www/apache22/files/patch-modules__ssl__ssl_util_ssl.c head/www/apache22/files/patch-modules__ssl__ssl_util_ssl.h