FreeBSD Bugzilla – Attachment 191847 Details for
Bug 226956
net/haproxy: Fix build with OpenSSL 1.1 & LibreSSL 2.7
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
svn diff for net/haproxy
patch-net_haproxy-LibreSSL2.7 (text/plain), 3.95 KB, created by
Bernard Spil
on 2018-03-26 19:29:13 UTC
(
hide
)
Description:
svn diff for net/haproxy
Filename:
MIME Type:
Creator:
Bernard Spil
Created:
2018-03-26 19:29:13 UTC
Size:
3.95 KB
patch
obsolete
>Index: net/haproxy/files/patch-include_proto_openssl-compat.h >=================================================================== >--- net/haproxy/files/patch-include_proto_openssl-compat.h (nonexistent) >+++ net/haproxy/files/patch-include_proto_openssl-compat.h (working copy) >@@ -0,0 +1,12 @@ >+--- include/proto/openssl-compat.h.orig 2018-01-02 14:14:08 UTC >++++ include/proto/openssl-compat.h >+@@ -89,7 +89,8 @@ static inline int SSL_SESSION_set1_id_co >+ } >+ #endif >+ >+-#if (OPENSSL_VERSION_NUMBER < 0x1010000fL) || defined(LIBRESSL_VERSION_NUMBER) >++#if (OPENSSL_VERSION_NUMBER < 0x1010000fL) || \ >++ (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000L) >+ /* >+ * Functions introduced in OpenSSL 1.1.0 and not yet present in LibreSSL >+ */ > >Property changes on: net/haproxy/files/patch-include_proto_openssl-compat.h >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Index: net/haproxy/files/patch-src_ssl__sock.c >=================================================================== >--- net/haproxy/files/patch-src_ssl__sock.c (revision 465626) >+++ net/haproxy/files/patch-src_ssl__sock.c (working copy) >@@ -1,4 +1,4 @@ >---- src/ssl_sock.c.orig 2017-07-07 09:49:34 UTC >+--- src/ssl_sock.c.orig 2018-01-02 14:14:08 UTC > +++ src/ssl_sock.c > @@ -794,8 +794,11 @@ static int ssl_sock_load_ocsp(SSL_CTX *c > ocsp = NULL; >@@ -25,6 +25,24 @@ > SSL_CTX_ctrl(ctx, SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG, 0, &cb_arg); > #else > cb_arg = ctx->tlsext_status_arg; >+@@ -1142,7 +1148,7 @@ void ssl_sock_msgcbk(int write_p, int ve >+ #endif >+ } >+ >+-#ifdef OPENSSL_NPN_NEGOTIATED >++#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG) >+ /* This callback is used so that the server advertises the list of >+ * negociable protocols for NPN. >+ */ >+@@ -2870,7 +2876,7 @@ int ssl_sock_prepare_ctx(struct bind_con >+ SSL_CTX_set_msg_callback(ctx, ssl_sock_msgcbk); >+ #endif >+ >+-#ifdef OPENSSL_NPN_NEGOTIATED >++#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG) >+ if (bind_conf->npn_str) >+ SSL_CTX_set_next_protos_advertised_cb(ctx, ssl_sock_advertise_npn_protos, bind_conf); >+ #endif > @@ -3539,7 +3545,7 @@ int ssl_sock_handshake(struct connection > OSSL_HANDSHAKE_STATE state = SSL_get_state((SSL *)conn->xprt_ctx); > empty_handshake = state == TLS_ST_BEFORE; >@@ -43,3 +61,30 @@ > #endif > if (empty_handshake) { > if (!errno) { >+@@ -4886,7 +4892,7 @@ smp_fetch_ssl_fc_use_keysize(const struc >+ return 1; >+ } >+ >+-#ifdef OPENSSL_NPN_NEGOTIATED >++#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG) >+ static int >+ smp_fetch_ssl_fc_npn(const struct arg *args, struct sample *smp, const char *kw, void *private) >+ { >+@@ -5413,7 +5419,7 @@ static int bind_parse_no_tlsv12(char **a >+ /* parse the "npn" bind keyword */ >+ static int bind_parse_npn(char **args, int cur_arg, struct proxy *px, struct bind_conf *conf, char **err) >+ { >+-#ifdef OPENSSL_NPN_NEGOTIATED >++#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG) >+ char *p1, *p2; >+ >+ if (!*args[cur_arg + 1]) { >+@@ -6313,7 +6319,7 @@ static struct sample_fetch_kw_list sampl >+ { "ssl_fc_has_crt", smp_fetch_ssl_fc_has_crt, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI }, >+ { "ssl_fc_has_sni", smp_fetch_ssl_fc_has_sni, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI }, >+ { "ssl_fc_is_resumed", smp_fetch_ssl_fc_is_resumed, 0, NULL, SMP_T_BOOL, SMP_USE_L5CLI }, >+-#ifdef OPENSSL_NPN_NEGOTIATED >++#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG) >+ { "ssl_fc_npn", smp_fetch_ssl_fc_npn, 0, NULL, SMP_T_STR, SMP_USE_L5CLI }, >+ #endif >+ #ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=191847">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 226956
: 191847 |
192967
|
195694
|
195695