svn commit: r484539 - in head/mail/prayer: . files

Steve Wills swills at FreeBSD.org
Fri Nov 9 19:24:39 UTC 2018 

Author: swills
Date: Fri Nov  9 19:24:37 2018
New Revision: 484539
URL: https://svnweb.freebsd.org/changeset/ports/484539

Log:
  mail/prayer: Fix OpenSSL builds
  
  PR:		232135
  Submitted by:	Nathan <ndowens at yahoo.com>
  Approved by:	Nikola Kolev <koue at chaosophia.net> (maintainer)

Added:
  head/mail/prayer/files/patch-shared_config.c   (contents, props changed)
Modified:
  head/mail/prayer/Makefile   (contents, props changed)
  head/mail/prayer/files/patch-lib_ssl.c   (contents, props changed)

Modified: head/mail/prayer/Makefile
==============================================================================
--- head/mail/prayer/Makefile	Fri Nov  9 19:18:35 2018	(r484538)
+++ head/mail/prayer/Makefile	Fri Nov  9 19:24:37 2018	(r484539)
@@ -2,7 +2,7 @@
 
 PORTNAME=	prayer
 PORTVERSION=	1.3.5
-PORTREVISION=	3
+PORTREVISION=	4
 CATEGORIES=	mail www
 MASTER_SITES=	ftp://ftp.csx.cam.ac.uk/pub/software/email/prayer/
 

Modified: head/mail/prayer/files/patch-lib_ssl.c
==============================================================================
--- head/mail/prayer/files/patch-lib_ssl.c	Fri Nov  9 19:18:35 2018	(r484538)
+++ head/mail/prayer/files/patch-lib_ssl.c	Fri Nov  9 19:24:37 2018	(r484539)
@@ -1,27 +1,120 @@
 --- lib/ssl.c.orig	2012-06-30 14:30:08 UTC
 +++ lib/ssl.c
-@@ -78,6 +78,7 @@ static void os_initialize_prng(struct ss
+@@ -14,6 +14,7 @@
+ /* Headers files for OpenSSL */
+ 
+ #include <openssl/lhash.h>
++#include <openssl/opensslv.h>
+ #include <openssl/ssl.h>
+ #include <openssl/err.h>
+ #include <openssl/rand.h>
+@@ -78,17 +79,6 @@ static void os_initialize_prng(struct ssl_config *ssl_
      int totbytes = 0;
      int bytes;
  
-+#ifndef OPENSSL_NO_EGD
-     if (ssl_config->egd_socket) {
-         if ((bytes = RAND_egd(ssl_config->egd_socket)) == -1) {
-             log_fatal("EGD Socket %s failed", ssl_config->egd_socket);
-@@ -88,6 +89,7 @@ static void os_initialize_prng(struct ss
-             goto SEEDED;        /* ditto */
-         }
-     }
-+#endif
- 
+-    if (ssl_config->egd_socket) {
+-        if ((bytes = RAND_egd(ssl_config->egd_socket)) == -1) {
+-            log_fatal("EGD Socket %s failed", ssl_config->egd_socket);
+-        } else {
+-            totbytes += bytes;
+-            log_debug("Snagged %d random bytes from EGD Socket %s",
+-                      bytes, ssl_config->egd_socket);
+-            goto SEEDED;        /* ditto */
+-        }
+-    }
+-
      /* Try the good-old default /dev/urandom, if available  */
      totbytes += add_rand_file("/dev/urandom");
-@@ -387,7 +389,7 @@ void ssl_context_init(struct ssl_config
+     if (prng_seeded(totbytes)) {
+@@ -212,6 +202,8 @@ static int new_session_cb(SSL * ssl, SSL_SESSION * ses
+     unsigned char *data = NULL, *asn;
+     time_t expire;
+     int ret = -1;
++    unsigned int session_id_length;
++    unsigned char *session_id = SSL_SESSION_get_id(sess, &session_id_length);
+ 
+     if (!sess_dbopen)
+         return 0;
+@@ -241,8 +233,7 @@ static int new_session_cb(SSL * ssl, SSL_SESSION * ses
+     if (data && len) {
+         /* store the session in our database */
+         do {
+-            ret = DB->store(sessdb, (void *) sess->session_id,
+-                            sess->session_id_length,
++            ret = DB->store(sessdb, (void *) session_id, session_id_length,
+                             (void *) data, len + sizeof(time_t), NULL);
+         }
+         while (ret == MYDB_AGAIN);
+@@ -255,8 +246,8 @@ static int new_session_cb(SSL * ssl, SSL_SESSION * ses
+     if (ssl_verbose_logging) {
+         int i;
+         char idstr[SSL_MAX_SSL_SESSION_ID_LENGTH * 2 + 1];
+-        for (i = 0; i < sess->session_id_length; i++)
+-            sprintf(idstr + i * 2, "%02X", sess->session_id[i]);
++        for (i = 0; i < session_id_length; i++)
++            sprintf(idstr + i * 2, "%02X", session_id[i]);
+ 
+         log_debug("new SSL session: id=%s, expire=%s, status=%s",
+                   idstr, ctime(&expire), ret ? "failed" : "ok");
+@@ -298,7 +289,10 @@ static void remove_session(unsigned char *id, int idle
+  */
+ static void remove_session_cb(SSL_CTX * ctx, SSL_SESSION * sess)
+ {
+-    remove_session(sess->session_id, sess->session_id_length);
++    unsigned int session_id_length;
++    unsigned char *session_id = SSL_SESSION_get_id(sess, &session_id_length);
++
++    remove_session(session_id, session_id_length);
+ }
+ 
+ /*
+@@ -387,16 +381,17 @@ void ssl_context_init(struct ssl_config *ssl_config)
      SSL_load_error_strings();
  
      /* Set up client context: only used by accountd */
--    client_ctx = SSL_CTX_new(SSLv3_client_method());
-+    client_ctx = SSL_CTX_new(SSLv23_client_method());
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+     client_ctx = SSL_CTX_new(SSLv3_client_method());
++#else
++    client_ctx = SSL_CTX_new(TLS_client_method());
++#endif
      SSL_CTX_set_session_cache_mode(client_ctx, SSL_SESS_CACHE_BOTH);
      SSL_CTX_set_info_callback(client_ctx, info_callback);
  #ifdef SSL_MODE_AUTO_RETRY
+     SSL_CTX_set_mode(client_ctx, SSL_MODE_AUTO_RETRY);
+ #endif
+ 
+-    if (SSL_CTX_need_tmp_RSA(client_ctx))
+-        SSL_CTX_set_tmp_rsa_callback(client_ctx, rsa_callback);
+-
+     /* Don't bother with session cache for client side: not enough
+      * connections to worry about caching */
+     SSL_CTX_set_session_cache_mode(client_ctx, SSL_SESS_CACHE_OFF);
+@@ -503,10 +498,6 @@ void ssl_context_init(struct ssl_config *ssl_config)
+         log_fatal("SSL_CTX_set_options(SSL_OP_CIPHER_SERVER_PREFERENCE)"
+                   "failed");
+ 
+-    /* Set up RSA temporary key callback routine */
+-    if (SSL_CTX_need_tmp_RSA(server_ctx))
+-        SSL_CTX_set_tmp_rsa_callback(server_ctx, rsa_callback);
+-
+     /* Initialise RSA temporary key (will take a couple of secs to complete) */
+     ssl_init_rsakey(ssl_config);
+ }
+@@ -615,7 +606,7 @@ void *ssl_start_server(int fd, unsigned long timeout)
+     else
+         log_debug("SSL: No client certificate");
+ 
+-    switch (ssl->session->ssl_version) {
++    switch (SSL_version(ssl)) {
+     case SSL2_VERSION:
+         ver = "SSLv2";
+         break;
+@@ -668,7 +659,7 @@ void *ssl_start_client(int fd, unsigned long timeout)
+ 
+     /* Verify certificate here? Need local context to play with? */
+ 
+-    switch (((SSL *) ssl)->session->ssl_version) {
++    switch (SSL_version(ssl)) {
+     case SSL2_VERSION:
+         ver = "SSLv2";
+         break;

Added: head/mail/prayer/files/patch-shared_config.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/mail/prayer/files/patch-shared_config.c	Fri Nov  9 19:24:37 2018	(r484539)
@@ -0,0 +1,14 @@
+--- shared/config.c.orig	2012-06-30 14:30:08 UTC
++++ shared/config.c
+@@ -455,9 +455,9 @@ static struct {
+     "draft_att_total_max", config_number, OFFSET(draft_att_total_max)}
+     , {
+     "dualuse", config_bool, OFFSET(dualuse)}
+-    , {
++    , /*{
+     "egd_socket", config_path, OFFSET(egd_socket)}
+-    , {
++    , */{
+     "expunge_on_exit", config_bool, OFFSET(expunge_on_exit)}
+     , {
+     "fatal_dump_core", config_bool, OFFSET(fatal_dump_core)}

More information about the svn-ports-all mailing list