Bug 196256

Summary: www/apache22: Unbreak build with LibreSSL
Product: Ports & Packages Reporter: Bernard Spil <brnrd>
Component: Individual Port(s)Assignee: freebsd-apache mailing list <apache>
Status: Closed FIXED    
Severity: Affects Some People CC: apache, feld
Priority: --- Keywords: needs-qa, patch
Version: LatestFlags: koobs: maintainer-feedback? (apache)
Hardware: Any   
OS: Any   
Attachments:
Description Flags
Patch for apache22 to build cleanly with LibreSSL
none
svn diff www/apache22
none
Poudriere build log with latest patch none

Description Bernard Spil freebsd_committer 2014-12-24 17:55:41 UTC
Created attachment 150943 [details]
Patch for apache22 to build cleanly with LibreSSL

Apache 2.2 (and 2.4) can not be built when LibreSSL is used as SSL library.
LibreSSL has (amongst others)
  - removed RAND_egd
  - removed CHIL engine
  - added SSL_CTX_use_certificate_chain
  - removed compression for SSL and TLS
this leads to build failures for missing and redefining functions. This patch fixes these errors by
  - adding a check for RAND_egd and SSL_CTX_use_certificate_chain
  - make Apache pick up the SSL_NO_COMP define (OpenSSL sets OPENSSL_NO_COMP)
  - using an already available define for CHIL
  - using defines for the added checks

See https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196139 for the Apache24 patch
Comment 1 Mark Felder freebsd_committer 2015-02-26 20:48:15 UTC
Are there any concerns about this patch? It appears to do everything that #196139 did for Apache 2.4, which was already committed.

Any objections to committing this?
Comment 2 Mark Felder freebsd_committer 2015-02-27 19:20:49 UTC
This patch is for apache directly -- not the port. It also doesn't apply cleanly:

root@skeletor:/usr/ports/www/apache22/work/httpd-2.2.29 # patch -p0 < ../../patch
Hmm...  Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|--- acinclude.m4       2012-07-06 17:23:21.000000000 +0200
|+++ acinclude.m4       2014-12-24 12:14:22.207357460 +0100
--------------------------
Patching file acinclude.m4 using Plan A...
Hunk #1 succeeded at 454.
Hmm...  The next patch looks like a unified diff to me...
The text leading up to this was:
--------------------------
|--- configure  2014-08-22 19:54:19.000000000 +0200
|+++ configure  2014-12-24 12:20:30.867335396 +0100
--------------------------
Patching file configure using Plan A...
Hunk #1 succeeded at 13841.
Hmm...  The next patch looks like a unified diff to me...
The text leading up to this was:
--------------------------
|--- include/ap_config_auto.h.in        2014-08-22 19:54:18.000000000 +0200
|+++ include/ap_config_auto.h.in        2014-12-24 12:38:06.864258210 +0100
--------------------------
Patching file include/ap_config_auto.h.in using Plan A...
Hunk #1 succeeded at 109.
Hunk #2 succeeded at 130.
Hmm...  The next patch looks like a unified diff to me...
The text leading up to this was:
--------------------------
|--- modules/ssl/ssl_engine_init.c      2014-07-16 08:04:38.000000000 +0200
|+++ modules/ssl/ssl_engine_init.c      2014-12-24 12:42:00.248249930 +0100
--------------------------
Patching file modules/ssl/ssl_engine_init.c using Plan A...
Hunk #1 succeeded at 406.



Can we get an updated patch ?


Thanks!
Comment 3 Bernard Spil freebsd_committer 2015-02-28 10:09:21 UTC
Created attachment 153608 [details]
svn diff  www/apache22

Re-rolled the patch
Comment 4 Bernard Spil freebsd_committer 2015-02-28 10:09:48 UTC
Created attachment 153609 [details]
Poudriere build log with latest patch
Comment 5 Mark Felder freebsd_committer 2015-02-28 14:18:28 UTC
I can successfully serve SSL with both OpenSSL and LibreSSL builds. Looks good.
Comment 6 commit-hook freebsd_committer 2015-03-01 17:42:10 UTC
A commit references this bug:

Author: feld
Date: Sun Mar  1 17:41:45 UTC 2015
New revision: 380216
URL: https://svnweb.freebsd.org/changeset/ports/380216

Log:
  Unbreak build with LibreSSL

  PR:		196256

Changes:
  head/www/apache22/files/patch-acinclude.m4
  head/www/apache22/files/patch-configure
  head/www/apache22/files/patch-include__ap_config_auto.h.in
  head/www/apache22/files/patch-modules__ssl__ssl_engine_init.c
  head/www/apache22/files/patch-modules__ssl__ssl_engine_rand.c
  head/www/apache22/files/patch-modules__ssl__ssl_engine_vars.c
  head/www/apache22/files/patch-modules__ssl__ssl_util_ssl.c
  head/www/apache22/files/patch-modules__ssl__ssl_util_ssl.h