Index: devel/brotli/Makefile =================================================================== --- /dev/null +++ devel/brotli/Makefile @@ -0,0 +1,46 @@ +# Created by: Markus Kohlmeyer +# $FreeBSD: $ + +PORTNAME= brotli +PORTVERSION= 0.6.0 +PORTREVISION?= 0 +CATEGORIES= devel archivers + +MAINTAINER= rootservice@gmail.com +COMMENT= Brotli lossless compression algorithm libraries and command-line tool + +LICENSE= MIT + +USE_GITHUB= yes +GH_ACCOUNT= google +GH_PROJECT= brotli +GH_TAGNAME= v${PORTVERSION} + +USES= cmake:outsource compiler:c++0x localbase pathfix pkgconfig + +CONFLICTS_INSTALL= libbrotli-* + +BUILD_DEPENDS= bash:shells/bash + +OPTIONS_DEFINE= STATIC +OPTIONS_DEFAULT= + +STATIC_DESC= Build static libs and commandline tool + +.include + +.if ${PORT_OPTIONS:MSTATIC} +CMAKE_ARGS+= -DBUILD_SHARED_LIBS=OFF -DBUILD_STATIC_LIBS=ON +PLIST_SUB+= NO_STATIC="@comment " STATIC="" +.else +PLIST_SUB+= STATIC="@comment " NO_STATIC="" +.endif + +.if !${PORT_OPTIONS:MSTATIC} +post-install: + @${LN} -s libbrotlicommon.so.${PORTVERSION} ${STAGEDIR}${PREFIX}/lib/libbrotlicommon.so.0 + @${LN} -s libbrotlidec.so.${PORTVERSION} ${STAGEDIR}${PREFIX}/lib/libbrotlidec.so.0 + @${LN} -s libbrotlienc.so.${PORTVERSION} ${STAGEDIR}${PREFIX}/lib/libbrotlienc.so.0 +.endif + +.include Index: devel/brotli/distinfo =================================================================== --- /dev/null +++ devel/brotli/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1493041470 +SHA256 (google-brotli-0.6.0-v0.6.0_GH0.tar.gz) = 69cdbdf5709051dd086a2f020f5abf9e32519eafe0ad6be820c667c3a9c9ee0f +SIZE (google-brotli-0.6.0-v0.6.0_GH0.tar.gz) = 19838761 Index: devel/brotli/pkg-descr =================================================================== --- /dev/null +++ devel/brotli/pkg-descr @@ -0,0 +1,3 @@ +Brotli lossless compression algorithm libraries and command-line tool + +WWW: https://github.com/google/brotli Index: devel/brotli/pkg-plist =================================================================== --- /dev/null +++ devel/brotli/pkg-plist @@ -0,0 +1,20 @@ +bin/bro +include/brotli/decode.h +include/brotli/encode.h +include/brotli/port.h +include/brotli/types.h +%%STATIC%%lib/libbrotlicommon.a +%%NO_STATIC%%lib/libbrotlicommon.so +%%NO_STATIC%%lib/libbrotlicommon.so.0 +%%NO_STATIC%%lib/libbrotlicommon.so.0.6.0 +%%STATIC%%lib/libbrotlidec.a +%%NO_STATIC%%lib/libbrotlidec.so +%%NO_STATIC%%lib/libbrotlidec.so.0 +%%NO_STATIC%%lib/libbrotlidec.so.0.6.0 +%%STATIC%%lib/libbrotlienc.a +%%NO_STATIC%%lib/libbrotlienc.so +%%NO_STATIC%%lib/libbrotlienc.so.0 +%%NO_STATIC%%lib/libbrotlienc.so.0.6.0 +libdata/pkgconfig/libbrotlicommon.pc +libdata/pkgconfig/libbrotlidec.pc +libdata/pkgconfig/libbrotlienc.pc Index: www/apache24/Makefile =================================================================== --- www/apache24/Makefile +++ www/apache24/Makefile @@ -1,8 +1,7 @@ # $FreeBSD$ PORTNAME= apache24 -PORTVERSION= 2.4.25 -PORTREVISION= 2 +PORTVERSION= 2.4.26 CATEGORIES= www ipv6 MASTER_SITES= APACHE_HTTPD DISTNAME= httpd-${PORTVERSION} @@ -74,6 +73,11 @@ AUTHNZ_LDAP_CONFIGURE_ON= --enable-authnz-ldap +# BROTLI +BROTLI_CONFIGURE_ON= --enable-brotli --with-brotli=${LOCALBASE} +BROTLI_LIB_DEPENDS= libbrotlienc.so:devel/brotli \ + libbrotlicommon.so:devel/brotli + # http://httpd.apache.org/docs/2.4/bind.html IPV4_MAPPED_CONFIGURE_ENABLE= v4-mapped Index: www/apache24/Makefile.options =================================================================== --- www/apache24/Makefile.options +++ www/apache24/Makefile.options @@ -34,7 +34,7 @@ AUTHZ_CORE AUTHZ_DBD AUTHZ_DBM AUTHNZ_FCGI AUTHZ_GROUPFILE AUTHZ_HOST \ AUTHZ_OWNER AUTHZ_USER \ AUTH_BASIC AUTH_DIGEST AUTH_FORM AUTOINDEX \ - BUFFER \ + BROTLI BUFFER \ CACHE CACHE_DISK CACHE_SOCACHE CERN_META CGI CGID \ CHARSET_LITE \ DATA DAV DAV_FS DAV_LOCK DBD DEFLATE DIALUP DIR DUMPIO \ Index: www/apache24/Makefile.options.desc =================================================================== --- www/apache24/Makefile.options.desc +++ www/apache24/Makefile.options.desc @@ -63,6 +63,7 @@ AUTH_FORM_DESC= Form authentication AUTOINDEX_DESC= Directory listing +BROTLI_DESC= Brotli compression support BUCKETEER_DESC= (dev) buckets manipulation filter BUFFER_DESC= Filter Buffering @@ -99,7 +100,7 @@ HEADERS_DESC= HTTP header control HEARTBEAT_DESC= Generates Heartbeats HEARTMONITOR_DESC= Collects Heartbeats -HTTP2_DESC= HTTP/2 (RFC 7540) support (experimental) +HTTP2_DESC= HTTP/2 (RFC 7540) support IDENT_DESC= RFC 1413 ident lookups IMAGEMAP_DESC= Server-side imagemaps Index: www/apache24/distinfo =================================================================== --- www/apache24/distinfo +++ www/apache24/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1482168542 -SHA256 (apache24/httpd-2.4.25.tar.bz2) = f87ec2df1c9fee3e6bfde3c8b855a3ddb7ca1ab20ca877bd0e2b6bf3f05c80b2 -SIZE (apache24/httpd-2.4.25.tar.bz2) = 6398218 +TIMESTAMP = 1497967076 +SHA256 (apache24/httpd-2.4.26.tar.bz2) = a07eb52fafc879e0149d31882f7da63173e72df4478db4dc69f7a775b663d387 +SIZE (apache24/httpd-2.4.26.tar.bz2) = 6524642 Index: www/apache24/files/patch-modules_ssl_mod__ssl.c =================================================================== --- /dev/null +++ www/apache24/files/patch-modules_ssl_mod__ssl.c @@ -0,0 +1,34 @@ +--- modules/ssl/mod_ssl.c.orig 2017-04-03 11:39:20 UTC ++++ modules/ssl/mod_ssl.c +@@ -337,12 +337,12 @@ static apr_status_t ssl_cleanup_pre_conf + #if HAVE_ENGINE_LOAD_BUILTIN_ENGINES + ENGINE_cleanup(); + #endif +-#if OPENSSL_VERSION_NUMBER >= 0x1000200fL ++#if OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined(OPENSSL_NO_COMP) + SSL_COMP_free_compression_methods(); + #endif + + /* Usually needed per thread, but this parent process is single-threaded */ +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + #if OPENSSL_VERSION_NUMBER >= 0x1000000fL + ERR_remove_thread_state(NULL); + #else +@@ -383,14 +383,14 @@ static int ssl_hook_pre_config(apr_pool_ + /* Some OpenSSL internals are allocated per-thread, make sure they + * are associated to the/our same thread-id until cleaned up. + */ +-#if APR_HAS_THREADS && OPENSSL_VERSION_NUMBER < 0x10100000L ++#if APR_HAS_THREADS && OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + ssl_util_thread_id_setup(pconf); + #endif + + /* We must register the library in full, to ensure our configuration + * code can successfully test the SSL environment. + */ +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + CRYPTO_malloc_init(); + #else + OPENSSL_malloc_init(); Index: www/apache24/files/patch-modules_ssl_ssl__engine__init.c =================================================================== --- /dev/null +++ www/apache24/files/patch-modules_ssl_ssl__engine__init.c @@ -0,0 +1,47 @@ +--- modules/ssl/ssl_engine_init.c.orig 2017-04-03 11:39:20 UTC ++++ modules/ssl/ssl_engine_init.c +@@ -47,7 +47,7 @@ APR_IMPLEMENT_OPTIONAL_HOOK_RUN_ALL(ssl, + #define KEYTYPES "RSA or DSA" + #endif + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + /* OpenSSL Pre-1.1.0 compatibility */ + /* Taken from OpenSSL 1.1.0 snapshot 20160410 */ + static int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) +@@ -257,7 +257,7 @@ apr_status_t ssl_init_Module(apr_pool_t + #endif + } + +-#if APR_HAS_THREADS && OPENSSL_VERSION_NUMBER < 0x10100000L ++#if APR_HAS_THREADS && ( OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ) + ssl_util_thread_setup(p); + #endif + +@@ -380,7 +380,7 @@ apr_status_t ssl_init_Module(apr_pool_t + modssl_init_app_data2_idx(); /* for modssl_get_app_data2() at request time */ + + init_dh_params(); +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + init_bio_methods(); + #endif + +@@ -1301,7 +1301,7 @@ static apr_status_t ssl_init_server_cert + * or configure NIST P-256 (required to enable ECDHE for earlier versions) + * ECDH is always enabled in 1.1.0 unless excluded from SSLCipherList + */ +-#if (OPENSSL_VERSION_NUMBER < 0x10100000L) ++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER) + else { + #if defined(SSL_CTX_set_ecdh_auto) + SSL_CTX_set_ecdh_auto(mctx->ssl_ctx, 1); +@@ -2011,7 +2011,7 @@ apr_status_t ssl_init_ModuleKill(void *d + + } + +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + free_bio_methods(); + #endif + free_dh_params(); Index: www/apache24/files/patch-modules_ssl_ssl__engine__io.c =================================================================== --- /dev/null +++ www/apache24/files/patch-modules_ssl_ssl__engine__io.c @@ -0,0 +1,38 @@ +--- modules/ssl/ssl_engine_io.c.orig 2017-05-30 12:26:05 UTC ++++ modules/ssl/ssl_engine_io.c +@@ -164,7 +164,7 @@ static int bio_filter_create(BIO *bio) + { + BIO_set_shutdown(bio, 1); + BIO_set_init(bio, 1); +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + /* No setter method for OpenSSL 1.1.0 available, + * but I can't find any functional use of the + * "num" field there either. +@@ -549,7 +549,7 @@ static long bio_filter_in_ctrl(BIO *bio, + return -1; + } + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + + static BIO_METHOD bio_filter_out_method = { + BIO_TYPE_MEM, +@@ -2024,7 +2024,7 @@ static void ssl_io_input_add_filter(ssl_ + + filter_ctx->pInputFilter = ap_add_input_filter(ssl_io_filter, inctx, r, c); + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + filter_ctx->pbioRead = BIO_new(&bio_filter_in_method); + #else + filter_ctx->pbioRead = BIO_new(bio_filter_in_method); +@@ -2059,7 +2059,7 @@ void ssl_io_filter_init(conn_rec *c, req + filter_ctx->pOutputFilter = ap_add_output_filter(ssl_io_filter, + filter_ctx, r, c); + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + filter_ctx->pbioWrite = BIO_new(&bio_filter_out_method); + #else + filter_ctx->pbioWrite = BIO_new(bio_filter_out_method); Index: www/apache24/files/patch-modules_ssl_ssl__engine__kernel.c =================================================================== --- /dev/null +++ www/apache24/files/patch-modules_ssl_ssl__engine__kernel.c @@ -0,0 +1,11 @@ +--- modules/ssl/ssl_engine_kernel.c.orig 2017-05-02 11:01:17 UTC ++++ modules/ssl/ssl_engine_kernel.c +@@ -1733,7 +1733,7 @@ static void modssl_proxy_info_log(conn_r + * so we need to increment here to prevent them from + * being freed. + */ +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + #define modssl_set_cert_info(info, cert, pkey) \ + *cert = info->x509; \ + CRYPTO_add(&(*cert)->references, +1, CRYPTO_LOCK_X509); \ Index: www/apache24/files/patch-modules_ssl_ssl__engine__vars.c =================================================================== --- /dev/null +++ www/apache24/files/patch-modules_ssl_ssl__engine__vars.c @@ -0,0 +1,11 @@ +--- modules/ssl/ssl_engine_vars.c.orig 2017-03-20 12:01:16 UTC ++++ modules/ssl/ssl_engine_vars.c +@@ -529,7 +529,7 @@ static char *ssl_var_lookup_ssl_cert(apr + resdup = FALSE; + } + else if (strcEQ(var, "A_SIG")) { +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + nid = OBJ_obj2nid((ASN1_OBJECT *)(xs->cert_info->signature->algorithm)); + #else + const ASN1_OBJECT *paobj; Index: www/apache24/files/patch-modules_ssl_ssl__private.h =================================================================== --- /dev/null +++ www/apache24/files/patch-modules_ssl_ssl__private.h @@ -0,0 +1,55 @@ +--- modules/ssl/ssl_private.h.orig 2017-04-03 11:39:20 UTC ++++ modules/ssl/ssl_private.h +@@ -123,6 +123,16 @@ + #define MODSSL_SSL_METHOD_CONST + #endif + ++#if defined(LIBRESSL_VERSION_NUMBER) ++/* Missing from LibreSSL */ ++#define SSL_CTRL_SET_MIN_PROTO_VERSION 123 ++#define SSL_CTRL_SET_MAX_PROTO_VERSION 124 ++#define SSL_CTX_set_min_proto_version(ctx, version) \ ++ SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION, version, NULL) ++#define SSL_CTX_set_max_proto_version(ctx, version) \ ++ SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION, version, NULL) ++#endif ++ + #if defined(OPENSSL_FIPS) + #define HAVE_FIPS + #endif +@@ -136,7 +146,7 @@ + #endif + + /* session id constness */ +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + #define IDCONST + #else + #define IDCONST const +@@ -199,7 +209,7 @@ + + #endif /* !defined(OPENSSL_NO_TLSEXT) && defined(SSL_set_tlsext_host_name) */ + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + #define BN_get_rfc2409_prime_768 get_rfc2409_prime_768 + #define BN_get_rfc2409_prime_1024 get_rfc2409_prime_1024 + #define BN_get_rfc3526_prime_1536 get_rfc3526_prime_1536 +@@ -219,7 +229,7 @@ void init_bio_methods(void); + void free_bio_methods(void); + #endif + +-#if OPENSSL_VERSION_NUMBER < 0x10002000L ++#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER) + #define X509_STORE_CTX_get0_store(x) (x->ctx) + #endif + +@@ -934,7 +944,7 @@ char *ssl_util_readfilter(server_ + const char * const *); + BOOL ssl_util_path_check(ssl_pathcheck_t, const char *, apr_pool_t *); + #if APR_HAS_THREADS +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + void ssl_util_thread_setup(apr_pool_t *); + #endif + void ssl_util_thread_id_setup(apr_pool_t *); Index: www/apache24/files/patch-modules_ssl_ssl__util.c =================================================================== --- /dev/null +++ www/apache24/files/patch-modules_ssl_ssl__util.c @@ -0,0 +1,11 @@ +--- modules/ssl/ssl_util.c.orig 2017-03-24 13:31:03 UTC ++++ modules/ssl/ssl_util.c +@@ -247,7 +247,7 @@ void ssl_asn1_table_unset(apr_hash_t *ta + } + + #if APR_HAS_THREADS +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + /* + * To ensure thread-safetyness in OpenSSL - work in progress + */ Index: www/apache24/files/patch-modules_ssl_ssl__util__ssl.h =================================================================== --- /dev/null +++ www/apache24/files/patch-modules_ssl_ssl__util__ssl.h @@ -0,0 +1,11 @@ +--- modules/ssl/ssl_util_ssl.h.orig 2017-03-20 12:01:16 UTC ++++ modules/ssl/ssl_util_ssl.h +@@ -41,7 +41,7 @@ + #define MODSSL_LIBRARY_VERSION OPENSSL_VERSION_NUMBER + #define MODSSL_LIBRARY_NAME "OpenSSL" + #define MODSSL_LIBRARY_TEXT OPENSSL_VERSION_TEXT +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + #define MODSSL_LIBRARY_DYNTEXT SSLeay_version(SSLEAY_VERSION) + #else + #define MODSSL_LIBRARY_DYNTEXT OpenSSL_version(OPENSSL_VERSION) Index: www/apache24/files/patch-support_ab.c =================================================================== --- /dev/null +++ www/apache24/files/patch-support_ab.c @@ -0,0 +1,11 @@ +--- support/ab.c.orig 2017-05-28 21:15:41 UTC ++++ support/ab.c +@@ -2514,7 +2514,7 @@ int main(int argc, const char * const ar + exit(1); + } + SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL); +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + SSL_CTX_set_max_proto_version(ssl_ctx, max_prot); + SSL_CTX_set_min_proto_version(ssl_ctx, min_prot); + #endif Index: www/apache24/pkg-plist =================================================================== --- www/apache24/pkg-plist +++ www/apache24/pkg-plist @@ -111,6 +111,7 @@ %%MOD_AUTOINDEX%%libexec/apache24/mod_autoindex.so %%MOD_BUCKETEER%%libexec/apache24/mod_bucketeer.so %%MOD_BUFFER%%libexec/apache24/mod_buffer.so +%%MOD_BROTLI%%libexec/apache24/mod_brotli.so %%MOD_CACHE%%libexec/apache24/mod_cache.so %%MOD_CACHE_DISK%%libexec/apache24/mod_cache_disk.so %%MOD_CACHE_SOCACHE%%libexec/apache24/mod_cache_socache.so