svn commit: r421885 - in head/security/broccoli: . files

[John Marino]

Author: marino
Date: Sun Sep 11 23:57:56 2016
New Revision: 421885
URL: https://svnweb.freebsd.org/changeset/ports/421885

Log:
  security/broccoli: Document SSL requirement and handle no SSLv3 (LibreSSL)
  
  Approved by:	SSL blanket

Added:
  head/security/broccoli/files/
  head/security/broccoli/files/patch-aux_broccoli_src_bro__openssl.c   (contents, props changed)
Modified:
  head/security/broccoli/Makefile

Modified: head/security/broccoli/Makefile
==============================================================================
--- head/security/broccoli/Makefile	Sun Sep 11 23:56:30 2016	(r421884)
+++ head/security/broccoli/Makefile	Sun Sep 11 23:57:56 2016	(r421885)
@@ -19,7 +19,7 @@ LIB_DEPENDS=	libGeoIP.so:net/GeoIP
 
 EXTRACT_AFTER_ARGS=	${DISTNAME}/aux/broccoli
 
-USES=		cmake:outsource
+USES=		cmake:outsource ssl
 USE_LDCONFIG=	yes
 CMAKE_SOURCE_PATH=	${WRKSRC}/aux/broccoli
 
@@ -32,6 +32,7 @@ PLIST_SUB+=	CLEANUP_PREFIX="@comment "
 .endif
 CMAKE_ARGS+=	-D CMAKE_INSTALL_PREFIX:PATH=${PREFIX} \
 		-D BRO_ETC_INSTALL_DIR:PATH=${PREFIX}/etc
+CFLAGS+=	-I${OPENSSLINC}
 
 OPTIONS_DEFINE=	DEBUG PYTHON RUBY
 OPTIONS_SUB=

Added: head/security/broccoli/files/patch-aux_broccoli_src_bro__openssl.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/broccoli/files/patch-aux_broccoli_src_bro__openssl.c	Sun Sep 11 23:57:56 2016	(r421885)
@@ -0,0 +1,14 @@
+--- aux/broccoli/src/bro_openssl.c.orig	2015-09-06 19:43:23 UTC
++++ aux/broccoli/src/bro_openssl.c
+@@ -302,7 +302,11 @@ __bro_openssl_init(void)
+    * to set up an SSL connection now and abort if this fails in any way.
+    */
+ 
++#ifndef OPENSSL_NO_SSL3
+   if (! (ctx = SSL_CTX_new(SSLv3_method())))
++#else
++  if (! (ctx = SSL_CTX_new(SSLv23_method())))
++#endif
+     D_RETURN_(FALSE);
+   
+   /* We expect things to be stored in PEM format, which means that we