Index: Makefile =================================================================== --- Makefile (revision 434537) +++ Makefile (working copy) @@ -3,7 +3,7 @@ PORTNAME= postfix DISTVERSION= 3.2.0-RC1 -PORTREVISION?= 0 +PORTREVISION?= 1 PORTEPOCH= 5 CATEGORIES= mail ipv6 MASTER_SITES= ftp://ftp.porcupine.org/mirrors/postfix-release/ \ @@ -250,6 +250,10 @@ POSTFIX_DYN_AUXLIBS+= "AUXLIBS_LMDB=-L${LOCALBASE}/lib -llmdb" .endif +.if ${SSL_DEFAULT:Mlibressl-devel} +EXTRA_PATCHES= ${FILESDIR}/extra-patch-src_tls_tls__dh.c +.endif + # sed script for files in ${WRKSRC}/README_FILES ${WRKSRC}/conf ${WRKSRC}/man REINPLACE= s!^PATH=.*!PATH=/bin:/sbin:/usr/bin:/usr/sbin:${PREFIX}/bin:${PREFIX}/sbin!;\ s!(_directory = )/usr/!\1${PREFIX}/!g;\ Index: files/extra-patch-src_tls_tls__dh.c =================================================================== --- files/extra-patch-src_tls_tls__dh.c (revision 0) +++ files/extra-patch-src_tls_tls__dh.c (working copy) @@ -0,0 +1,15 @@ +$OpenBSD: patch-src_tls_tls_dh_c,v 1.2 2017/02/04 22:09:44 sthen Exp $ + +Fix building with LibreSSL + +--- src/tls/tls_dh.c.orig Mon Dec 26 18:47:24 2016 ++++ src/tls/tls_dh.c Sat Feb 4 01:45:39 2017 +@@ -314,7 +314,7 @@ void tls_auto_eecdh_curves(SSL_CTX *ctx) + * This is a NOP in OpenSSL 1.1.0 and later, where curves are always + * auto-negotiated. + */ +-#if OPENSSL_VERSION_NUMBER < 0x10100000UL ++#if OPENSSL_VERSION_NUMBER < 0x10100000UL || defined(LIBRESSL_VERSION_NUMBER) + if (SSL_CTX_set_ecdh_auto(ctx, 1) <= 0) { + msg_warn("failed to enable automatic ECDHE curve selection"); + tls_print_errors(); Property changes on: files/extra-patch-src_tls_tls__dh.c ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: files/patch-makedefs =================================================================== --- files/patch-makedefs (revision 434537) +++ files/patch-makedefs (working copy) @@ -1,6 +1,6 @@ ---- makedefs.orig 2016-06-26 00:02:58 UTC +--- makedefs.orig 2017-02-12 15:32:10 UTC +++ makedefs -@@ -279,6 +279,24 @@ case "$SYSTEM.$RELEASE" in +@@ -284,6 +284,24 @@ case "$SYSTEM.$RELEASE" in : ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"} : ${PLUGIN_LD="${CC} -shared"} ;; Index: files/patch-src__util__sys_defs.h =================================================================== --- files/patch-src__util__sys_defs.h (revision 434537) +++ files/patch-src__util__sys_defs.h (working copy) @@ -1,6 +1,6 @@ ---- src/util/sys_defs.h.orig 2016-07-09 20:09:34 UTC +--- src/util/sys_defs.h.orig 2017-02-02 01:31:15 UTC +++ src/util/sys_defs.h -@@ -27,6 +27,7 @@ +@@ -30,6 +30,7 @@ #if defined(FREEBSD2) || defined(FREEBSD3) || defined(FREEBSD4) \ || defined(FREEBSD5) || defined(FREEBSD6) || defined(FREEBSD7) \ || defined(FREEBSD8) || defined(FREEBSD9) || defined(FREEBSD10) \ Index: files/patch-src_posttls-finger_posttls-finger.c =================================================================== --- files/patch-src_posttls-finger_posttls-finger.c (revision 434537) +++ files/patch-src_posttls-finger_posttls-finger.c (working copy) @@ -1,6 +1,6 @@ ---- src/posttls-finger/posttls-finger.c.orig 2016-08-27 20:27:50 UTC +--- src/posttls-finger/posttls-finger.c.orig 2017-02-03 22:43:04 UTC +++ src/posttls-finger/posttls-finger.c -@@ -1511,7 +1511,8 @@ static int finger(STATE *state) +@@ -1513,7 +1513,8 @@ static int finger(STATE *state) return (0); } @@ -10,7 +10,7 @@ /* ssl_cleanup - free memory allocated in the OpenSSL library */ -@@ -1958,7 +1959,8 @@ int main(int argc, char *argv[]) +@@ -1966,7 +1967,8 @@ int main(int argc, char *argv[]) cleanup(&state); /* OpenSSL 1.1.0 and later (de)initialization is implicit */ Index: files/patch-src_tls_tls.h =================================================================== --- files/patch-src_tls_tls.h (revision 434537) +++ files/patch-src_tls_tls.h (working copy) @@ -1,7 +1,7 @@ # fix build against LibreSSL # Obtained from: http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/mail/postfix/stable/patches/ # ---- src/tls/tls.h.orig 2016-02-06 20:09:41 UTC +--- src/tls/tls.h.orig 2017-01-01 22:22:13 UTC +++ src/tls/tls.h @@ -89,7 +89,7 @@ extern const char *str_tls_level(int); #endif Index: files/patch-src_tls_tls__client.c =================================================================== --- files/patch-src_tls_tls__client.c (revision 434537) +++ files/patch-src_tls_tls__client.c (working copy) @@ -1,4 +1,4 @@ ---- src/tls/tls_client.c.orig 2016-08-27 20:27:50 UTC +--- src/tls/tls_client.c.orig 2017-01-01 22:22:13 UTC +++ src/tls/tls_client.c @@ -299,7 +299,7 @@ TLS_APPL_STATE *tls_client_init(const TL */ @@ -9,7 +9,7 @@ /* * Initialize the OpenSSL library by the book! To start with, we must -@@ -441,7 +441,7 @@ TLS_APPL_STATE *tls_client_init(const TL +@@ -433,7 +433,7 @@ TLS_APPL_STATE *tls_client_init(const TL /* * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev */ Index: files/patch-src_tls_tls__dane.c =================================================================== --- files/patch-src_tls_tls__dane.c (revision 434537) +++ files/patch-src_tls_tls__dane.c (working copy) @@ -1,6 +1,6 @@ ---- src/tls/tls_dane.c.orig 2016-08-27 20:27:50 UTC +--- src/tls/tls_dane.c.orig 2017-01-01 22:22:13 UTC +++ src/tls/tls_dane.c -@@ -2163,7 +2163,7 @@ static SSL_CTX *ctx_init(const char *CAf +@@ -2125,7 +2125,7 @@ static SSL_CTX *ctx_init(const char *CAf tls_param_init(); tls_check_version(); Index: files/patch-src_tls_tls__dh.c =================================================================== --- files/patch-src_tls_tls__dh.c (revision 434537) +++ files/patch-src_tls_tls__dh.c (working copy) @@ -1,48 +0,0 @@ -PR 216732: Fix build with libressl < 2.5.1 -========================================================= ---- src/tls/tls_dh.c.orig 2016-12-26 23:47:24 UTC -+++ src/tls/tls_dh.c -@@ -94,7 +94,7 @@ - #define TLS_INTERNAL - #include - #include --#if OPENSSL_VERSION_NUMBER >= 0x1000200fUL && !defined(OPENSSL_NO_ECDH) -+#if OPENSSL_VERSION_NUMBER >= 0x1000200fUL && !defined(OPENSSL_NO_ECDH) && !defined(LIBRESSL_VERSION_NUMBER) - #include - #endif - -@@ -244,7 +244,7 @@ DH *tls_tmp_dh_cb(SSL *unused_ssl, i - - void tls_auto_eecdh_curves(SSL_CTX *ctx) - { --#if OPENSSL_VERSION_NUMBER >= 0x1000200fUL && !defined(OPENSSL_NO_ECDH) -+#if OPENSSL_VERSION_NUMBER >= 0x1000200fUL && !defined(OPENSSL_NO_ECDH) && !defined(LIBRESSL_VERSION_NUMBER) - SSL_CTX *tmpctx; - int *nids; - int space = 5; -@@ -337,14 +337,14 @@ void tls_set_eecdh_curve(SSL_CTX *ser - #define TLS_EECDH_NONE 1 - #define TLS_EECDH_STRONG 2 - #define TLS_EECDH_ULTRA 3 --#if OPENSSL_VERSION_NUMBER >= 0x1000200fUL -+#if OPENSSL_VERSION_NUMBER >= 0x1000200fUL && !defined(LIBRESSL_VERSION_NUMBER) - #define TLS_EECDH_AUTO 4 - #endif - static NAME_CODE eecdh_table[] = { - "none", TLS_EECDH_NONE, - "strong", TLS_EECDH_STRONG, - "ultra", TLS_EECDH_ULTRA, --#if OPENSSL_VERSION_NUMBER >= 0x1000200fUL -+#if OPENSSL_VERSION_NUMBER >= 0x1000200fUL && !defined(LIBRESSL_VERSION_NUMBER) - "auto", TLS_EECDH_AUTO, - #endif - 0, TLS_EECDH_INVALID, -@@ -364,7 +364,7 @@ void tls_set_eecdh_curve(SSL_CTX *ser - case TLS_EECDH_ULTRA: - curve = var_tls_eecdh_ultra; - break; --#if OPENSSL_VERSION_NUMBER >= 0x1000200fUL -+#if OPENSSL_VERSION_NUMBER >= 0x1000200fUL && !defined(LIBRESSL_VERSION_NUMBER) - case TLS_EECDH_AUTO: - tls_auto_eecdh_curves(server_ctx); - return; Index: files/patch-src_tls_tls__server.c =================================================================== --- files/patch-src_tls_tls__server.c (revision 434537) +++ files/patch-src_tls_tls__server.c (working copy) @@ -1,4 +1,4 @@ ---- src/tls/tls_server.c.orig 2016-08-27 20:27:50 UTC +--- src/tls/tls_server.c.orig 2017-01-01 22:22:13 UTC +++ src/tls/tls_server.c @@ -174,7 +174,7 @@ static const char server_session_id_cont #endif /* OPENSSL_VERSION_NUMBER */ @@ -18,7 +18,7 @@ /* * Initialize the OpenSSL library by the book! To start with, we must -@@ -588,7 +588,7 @@ TLS_APPL_STATE *tls_server_init(const TL +@@ -580,7 +580,7 @@ TLS_APPL_STATE *tls_server_init(const TL /* * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev */