Bug 219018 - databases/pgbouncer: Add patch for LibreSSL 2.5 support
Summary: databases/pgbouncer: Add patch for LibreSSL 2.5 support
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Kurt Jaeger
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-05-02 16:16 UTC by Thomas Hurst
Modified: 2017-10-06 19:14 UTC (History)
2 users (show)

See Also:
pi: maintainer-feedback+


Attachments
Patch to 1.7.2_3 (1.39 KB, patch)
2017-05-02 16:16 UTC, Thomas Hurst
no flags Details | Diff
Updated patch (1022 bytes, patch)
2017-05-11 01:10 UTC, Thomas Hurst
no flags Details | Diff
Updated patch 2 (1.04 KB, patch)
2017-05-22 16:52 UTC, Thomas Hurst
no flags Details | Diff
poudriere testport 11.0-RELEASE w/ OpenSSL (27.53 KB, text/plain)
2017-05-22 16:53 UTC, Thomas Hurst
no flags Details
poudriere testport 11.0-RELEASE w/ LibreSSL (28.11 KB, text/plain)
2017-05-22 16:53 UTC, Thomas Hurst
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Hurst 2017-05-02 16:16:34 UTC
Created attachment 182250 [details]
Patch to 1.7.2_3

LibreSSL 2.5.1 makes many internal symbols private, including those used by pgbouncer to pad out its TLS connection logs with DH/ECDH information.

Fix compilation by adding a version check for < 2.5.1.

Upstream pull request here: https://github.com/libusual/libusual/pull/17
Comment 1 m.tsatsenko 2017-05-09 21:31:12 UTC
Hello,
Thanks for your work. However the patch fails to apply clearly against recent pgbounder port.
Comment 2 Thomas Hurst 2017-05-11 01:10:34 UTC
Created attachment 182494 [details]
Updated patch

Only conflict will have been the version change in the Makefile.

I guess there's no point bumping the port version - it won't change the binary for OpenSSL users, and it won't be building in the first place for users of recent LibreSSL.

Patch updated with just the patch for files/
Comment 3 m.tsatsenko 2017-05-21 22:45:35 UTC
Hello,
Sounds reasonable. 
However the patch is still not perfect since it produces a warning due to undefined LIBRESSL_VERSION_NUMBER.
lib/usual/tls/tls.c:290:38: warning: 'LIBRESSL_VERSION_NUMBER' is not defined, evaluates to 0 [-Wundef]
#if defined(USE_LIBSSL_INTERNALS) && LIBRESSL_VERSION_NUMBER < 0x2050100fL

It is good practice to check if variable is defined before using it.
Comment 4 Thomas Hurst 2017-05-22 16:52:04 UTC
Created attachment 182811 [details]
Updated patch 2

Whoops, serves me right for not having an OpenSSL test set.
Comment 5 Thomas Hurst 2017-05-22 16:53:17 UTC
Created attachment 182812 [details]
poudriere testport 11.0-RELEASE w/ OpenSSL
Comment 6 Thomas Hurst 2017-05-22 16:53:38 UTC
Created attachment 182813 [details]
poudriere testport 11.0-RELEASE w/ LibreSSL
Comment 7 m.tsatsenko 2017-05-24 21:22:31 UTC
Comment on attachment 182811 [details]
Updated patch 2

Approved,
Thanks!
Comment 8 Kurt Jaeger freebsd_committer 2017-10-06 19:14:17 UTC
Committed, thanks!
Comment 9 commit-hook freebsd_committer 2017-10-06 19:14:28 UTC
A commit references this bug:

Author: pi
Date: Fri Oct  6 19:13:47 UTC 2017
New revision: 451403
URL: https://svnweb.freebsd.org/changeset/ports/451403

Log:
  databases/pgbouncer: Add patch for LibreSSL 2.5 support

  PR:		219018
  Submitted by:	Tom Hurst <tom@hur.st>
  Approved by:	m.tsatsenko@gmail.com (maintainer)

Changes:
  head/databases/pgbouncer/files/patch-lib_usual_tls_tls.c