Attachment 197985 Details for Bug 232135 – Fix OpenSSL 1.1.x build

[patch] Fix OpenSSL 1.1.x build

prayer (text/plain), 6.91 KB, created by Nathan on 2018-10-09 23:03:01 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Nathan

Created: 2018-10-09 23:03:01 UTC

Size: 6.91 KB

patch

obsolete

>mail/prayer: Fix OpenSSL build
>
>PR:		231931
>Submitted by:	Nathan <ndowens@yahoo.com>
>Index: mail/prayer/Makefile
>===================================================================
>--- mail/prayer/Makefile	(revision 481499)
>+++ mail/prayer/Makefile	(working copy)
>@@ -2,7 +2,7 @@
> 
> PORTNAME=	prayer
> PORTVERSION=	1.3.5
>-PORTREVISION=	3
>+PORTREVISION=	4
> CATEGORIES=	mail www
> MASTER_SITES=	ftp://ftp.csx.cam.ac.uk/pub/software/email/prayer/
> 
>Index: mail/prayer/files/patch-lib_ssl.c
>===================================================================
>--- mail/prayer/files/patch-lib_ssl.c	(revision 481499)
>+++ mail/prayer/files/patch-lib_ssl.c	(working copy)
>@@ -1,27 +1,120 @@
> --- lib/ssl.c.orig	2012-06-30 14:30:08 UTC
> +++ lib/ssl.c
>-@@ -78,6 +78,7 @@ static void os_initialize_prng(struct ss
>+@@ -14,6 +14,7 @@
>+ /* Headers files for OpenSSL */
>+ 
>+ #include <openssl/lhash.h>
>++#include <openssl/opensslv.h>
>+ #include <openssl/ssl.h>
>+ #include <openssl/err.h>
>+ #include <openssl/rand.h>
>+@@ -78,17 +79,6 @@ static void os_initialize_prng(struct ssl_config *ssl_
>      int totbytes = 0;
>      int bytes;
>  
>-+#ifndef OPENSSL_NO_EGD
>-     if (ssl_config->egd_socket) {
>-         if ((bytes = RAND_egd(ssl_config->egd_socket)) == -1) {
>-             log_fatal("EGD Socket %s failed", ssl_config->egd_socket);
>-@@ -88,6 +89,7 @@ static void os_initialize_prng(struct ss
>-             goto SEEDED;        /* ditto */
>+-    if (ssl_config->egd_socket) {
>+-        if ((bytes = RAND_egd(ssl_config->egd_socket)) == -1) {
>+-            log_fatal("EGD Socket %s failed", ssl_config->egd_socket);
>+-        } else {
>+-            totbytes += bytes;
>+-            log_debug("Snagged %d random bytes from EGD Socket %s",
>+-                      bytes, ssl_config->egd_socket);
>+-            goto SEEDED;        /* ditto */
>+-        }
>+-    }
>+-
>+     /* Try the good-old default /dev/urandom, if available  */
>+     totbytes += add_rand_file("/dev/urandom");
>+     if (prng_seeded(totbytes)) {
>+@@ -212,6 +202,8 @@ static int new_session_cb(SSL * ssl, SSL_SESSION * ses
>+     unsigned char *data = NULL, *asn;
>+     time_t expire;
>+     int ret = -1;
>++    unsigned int session_id_length;
>++    unsigned char *session_id = SSL_SESSION_get_id(sess, &session_id_length);
>+ 
>+     if (!sess_dbopen)
>+         return 0;
>+@@ -241,8 +233,7 @@ static int new_session_cb(SSL * ssl, SSL_SESSION * ses
>+     if (data && len) {
>+         /* store the session in our database */
>+         do {
>+-            ret = DB->store(sessdb, (void *) sess->session_id,
>+-                            sess->session_id_length,
>++            ret = DB->store(sessdb, (void *) session_id, session_id_length,
>+                             (void *) data, len + sizeof(time_t), NULL);
>          }
>-     }
>-+#endif
>+         while (ret == MYDB_AGAIN);
>+@@ -255,8 +246,8 @@ static int new_session_cb(SSL * ssl, SSL_SESSION * ses
>+     if (ssl_verbose_logging) {
>+         int i;
>+         char idstr[SSL_MAX_SSL_SESSION_ID_LENGTH * 2 + 1];
>+-        for (i = 0; i < sess->session_id_length; i++)
>+-            sprintf(idstr + i * 2, "%02X", sess->session_id[i]);
>++        for (i = 0; i < session_id_length; i++)
>++            sprintf(idstr + i * 2, "%02X", session_id[i]);
>  
>-     /* Try the good-old default /dev/urandom, if available  */
>-     totbytes += add_rand_file("/dev/urandom");
>-@@ -387,7 +389,7 @@ void ssl_context_init(struct ssl_config
>+         log_debug("new SSL session: id=%s, expire=%s, status=%s",
>+                   idstr, ctime(&expire), ret ? "failed" : "ok");
>+@@ -298,7 +289,10 @@ static void remove_session(unsigned char *id, int idle
>+  */
>+ static void remove_session_cb(SSL_CTX * ctx, SSL_SESSION * sess)
>+ {
>+-    remove_session(sess->session_id, sess->session_id_length);
>++    unsigned int session_id_length;
>++    unsigned char *session_id = SSL_SESSION_get_id(sess, &session_id_length);
>++
>++    remove_session(session_id, session_id_length);
>+ }
>+ 
>+ /*
>+@@ -387,16 +381,17 @@ void ssl_context_init(struct ssl_config *ssl_config)
>      SSL_load_error_strings();
>  
>      /* Set up client context: only used by accountd */
>--    client_ctx = SSL_CTX_new(SSLv3_client_method());
>-+    client_ctx = SSL_CTX_new(SSLv23_client_method());
>++#if OPENSSL_VERSION_NUMBER < 0x10100000L
>+     client_ctx = SSL_CTX_new(SSLv3_client_method());
>++#else
>++    client_ctx = SSL_CTX_new(TLS_client_method());
>++#endif
>      SSL_CTX_set_session_cache_mode(client_ctx, SSL_SESS_CACHE_BOTH);
>      SSL_CTX_set_info_callback(client_ctx, info_callback);
>  #ifdef SSL_MODE_AUTO_RETRY
>+     SSL_CTX_set_mode(client_ctx, SSL_MODE_AUTO_RETRY);
>+ #endif
>+ 
>+-    if (SSL_CTX_need_tmp_RSA(client_ctx))
>+-        SSL_CTX_set_tmp_rsa_callback(client_ctx, rsa_callback);
>+-
>+     /* Don't bother with session cache for client side: not enough
>+      * connections to worry about caching */
>+     SSL_CTX_set_session_cache_mode(client_ctx, SSL_SESS_CACHE_OFF);
>+@@ -503,10 +498,6 @@ void ssl_context_init(struct ssl_config *ssl_config)
>+         log_fatal("SSL_CTX_set_options(SSL_OP_CIPHER_SERVER_PREFERENCE)"
>+                   "failed");
>+ 
>+-    /* Set up RSA temporary key callback routine */
>+-    if (SSL_CTX_need_tmp_RSA(server_ctx))
>+-        SSL_CTX_set_tmp_rsa_callback(server_ctx, rsa_callback);
>+-
>+     /* Initialise RSA temporary key (will take a couple of secs to complete) */
>+     ssl_init_rsakey(ssl_config);
>+ }
>+@@ -615,7 +606,7 @@ void *ssl_start_server(int fd, unsigned long timeout)
>+     else
>+         log_debug("SSL: No client certificate");
>+ 
>+-    switch (ssl->session->ssl_version) {
>++    switch (SSL_version(ssl)) {
>+     case SSL2_VERSION:
>+         ver = "SSLv2";
>+         break;
>+@@ -668,7 +659,7 @@ void *ssl_start_client(int fd, unsigned long timeout)
>+ 
>+     /* Verify certificate here? Need local context to play with? */
>+ 
>+-    switch (((SSL *) ssl)->session->ssl_version) {
>++    switch (SSL_version(ssl)) {
>+     case SSL2_VERSION:
>+         ver = "SSLv2";
>+         break;
>Index: mail/prayer/files/patch-shared_config.c
>===================================================================
>--- mail/prayer/files/patch-shared_config.c	(nonexistent)
>+++ mail/prayer/files/patch-shared_config.c	(working copy)
>@@ -0,0 +1,14 @@
>+--- shared/config.c.orig	2012-06-30 14:30:08 UTC
>++++ shared/config.c
>+@@ -455,9 +455,9 @@ static struct {
>+     "draft_att_total_max", config_number, OFFSET(draft_att_total_max)}
>+     , {
>+     "dualuse", config_bool, OFFSET(dualuse)}
>+-    , {
>++    , /*{
>+     "egd_socket", config_path, OFFSET(egd_socket)}
>+-    , {
>++    , */{
>+     "expunge_on_exit", config_bool, OFFSET(expunge_on_exit)}
>+     , {
>+     "fatal_dump_core", config_bool, OFFSET(fatal_dump_core)}
>
>Property changes on: mail/prayer/files/patch-shared_config.c
>___________________________________________________________________
>Added: fbsd:nokeywords
>## -0,0 +1 ##
>+yes
>\ No newline at end of property
>Added: svn:eol-style
>## -0,0 +1 ##
>+native
>\ No newline at end of property
>Added: svn:mime-type
>## -0,0 +1 ##
>+text/plain
>\ No newline at end of property

Flags:

ndowens04: maintainer-approval? (koue)

Actions: View | Diff

Attachments on bug 232135: 197985