Page MenuHomeFreeBSD
Files F150576989

D9334.id24439.diff
No OneTemporary
Actions

D9334.id24439.diff
View Options

Index: www/libnghttp2/Makefile
===================================================================
--- www/libnghttp2/Makefile
+++ www/libnghttp2/Makefile
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= nghttp2
-PORTVERSION= 1.18.1
+PORTVERSION= 1.19.0
DISTVERSIONPREFIX= v
CATEGORIES= www net
PKGNAMEPREFIX= lib
Index: www/libnghttp2/distinfo
===================================================================
--- www/libnghttp2/distinfo
+++ www/libnghttp2/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1483726100
-SHA256 (nghttp2-nghttp2-v1.18.1_GH0.tar.gz) = fde384b123a92979dbad1ae16045128984dfa6024e2b6962e70cdfdf40a15efa
-SIZE (nghttp2-nghttp2-v1.18.1_GH0.tar.gz) = 1700207
+TIMESTAMP = 1485361627
+SHA256 (nghttp2-nghttp2-v1.19.0_GH0.tar.gz) = 8c5abd6a437e84e9131b575acab2faec7f83e57eff516ee043baad704311ba6d
+SIZE (nghttp2-nghttp2-v1.19.0_GH0.tar.gz) = 1707121
Index: www/libnghttp2/pkg-plist
===================================================================
--- www/libnghttp2/pkg-plist
+++ www/libnghttp2/pkg-plist
@@ -3,5 +3,5 @@
lib/libnghttp2.a
lib/libnghttp2.so
lib/libnghttp2.so.14
-lib/libnghttp2.so.14.12.3
+lib/libnghttp2.so.14.12.4
libdata/pkgconfig/libnghttp2.pc
Index: www/nghttp2/Makefile
===================================================================
--- www/nghttp2/Makefile
+++ www/nghttp2/Makefile
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= nghttp2
-PORTVERSION= 1.18.1
+PORTVERSION= 1.19.0
DISTVERSIONPREFIX= v
CATEGORIES= www net
Index: www/nghttp2/distinfo
===================================================================
--- www/nghttp2/distinfo
+++ www/nghttp2/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1483726108
-SHA256 (nghttp2-nghttp2-v1.18.1_GH0.tar.gz) = fde384b123a92979dbad1ae16045128984dfa6024e2b6962e70cdfdf40a15efa
-SIZE (nghttp2-nghttp2-v1.18.1_GH0.tar.gz) = 1700207
+TIMESTAMP = 1485361542
+SHA256 (nghttp2-nghttp2-v1.19.0_GH0.tar.gz) = 8c5abd6a437e84e9131b575acab2faec7f83e57eff516ee043baad704311ba6d
+SIZE (nghttp2-nghttp2-v1.19.0_GH0.tar.gz) = 1707121
Index: www/nghttp2/files/patch-LibreSSL-PSK
===================================================================
--- /dev/null
+++ www/nghttp2/files/patch-LibreSSL-PSK
@@ -0,0 +1,167 @@
+See https://github.com/nghttp2/nghttp2/pull/789
+
+nghttpx: Don't build PSK features with LibreSSL #789
+
+LibreSSL removed PSK in 2.0.0
+
+--- src/shrpx.cc.orig 2017-01-25 11:30:16 UTC
++++ src/shrpx.cc
+@@ -2119,6 +2119,7 @@ SSL/TLS:
+ argument <CERT>, or certificate option in configuration
+ file. For additional certificates, use --subcert
+ option. This option requires OpenSSL >= 1.0.2.
++#if !LIBRESSL_IN_USE
+ --psk-secrets=<PATH>
+ Read list of PSK identity and secrets from <PATH>. This
+ is used for frontend connection. The each line of input
+@@ -2146,6 +2147,7 @@ SSL/TLS:
+ HTTP/2. To use those cipher suites with HTTP/2,
+ consider to use --client-no-http2-cipher-black-list
+ option. But be aware its implications.
++#endif // !LIBRESSL_IN_USE
+
+ HTTP/2 and SPDY:
+ -c, --frontend-http2-max-concurrent-streams=<N>
+@@ -3125,8 +3127,10 @@ int main(int argc, char **argv) {
+ {SHRPX_OPT_DNS_MAX_TRY.c_str(), required_argument, &flag, 145},
+ {SHRPX_OPT_FRONTEND_KEEP_ALIVE_TIMEOUT.c_str(), required_argument,
+ &flag, 146},
++#if !LIBRESSL_IN_USE
+ {SHRPX_OPT_PSK_SECRETS.c_str(), required_argument, &flag, 147},
+ {SHRPX_OPT_CLIENT_PSK_SECRETS.c_str(), required_argument, &flag, 148},
++#endif
+ {SHRPX_OPT_CLIENT_NO_HTTP2_CIPHER_BLACK_LIST.c_str(), no_argument,
+ &flag, 149},
+ {SHRPX_OPT_CLIENT_CIPHERS.c_str(), required_argument, &flag, 150},
+@@ -3821,6 +3825,7 @@ int main(int argc, char **argv) {
+ cmdcfgs.emplace_back(SHRPX_OPT_FRONTEND_KEEP_ALIVE_TIMEOUT,
+ StringRef{optarg});
+ break;
++#if !LIBRESSL_IN_USE
+ case 147:
+ // --psk-secrets
+ cmdcfgs.emplace_back(SHRPX_OPT_PSK_SECRETS, StringRef{optarg});
+@@ -3829,6 +3834,7 @@ int main(int argc, char **argv) {
+ // --client-psk-secrets
+ cmdcfgs.emplace_back(SHRPX_OPT_CLIENT_PSK_SECRETS, StringRef{optarg});
+ break;
++#endif // !LIBRESSL_IN_USE
+ case 149:
+ // --client-no-http2-cipher-black-list
+ cmdcfgs.emplace_back(SHRPX_OPT_CLIENT_NO_HTTP2_CIPHER_BLACK_LIST,
+--- src/shrpx_config.cc.orig 2017-01-25 11:30:16 UTC
++++ src/shrpx_config.cc
+@@ -1199,6 +1199,7 @@ int read_tls_sct_from_dir(std::vector<ui
+ }
+ } // namespace
+
++#if !LIBRESSL_IN_USE
+ namespace {
+ // Reads PSK secrets from path, and parses each line. The result is
+ // directly stored into config->tls.psk_secrets. This function
+@@ -1262,7 +1263,9 @@ int parse_psk_secrets(Config *config, co
+ return 0;
+ }
+ } // namespace
++#endif // !LIBRESSL_IN_USE
+
++#if !LIBRESSL_IN_USE
+ namespace {
+ // Reads PSK secrets from path, and parses each line. The result is
+ // directly stored into config->tls.client.psk. This function returns
+@@ -1322,6 +1325,7 @@ int parse_client_psk_secrets(Config *con
+ return 0;
+ }
+ } // namespace
++#endif // !LIBRESSL_IN_USE
+
+ // generated by gennghttpxfun.py
+ int option_lookup_token(const char *name, size_t namelen) {
+@@ -1490,10 +1494,12 @@ int option_lookup_token(const char *name
+ if (util::strieq_l("ecdh-curve", name, 10)) {
+ return SHRPX_OPTID_ECDH_CURVES;
+ }
++#if !LIBRESSL_IN_USE
+ if (util::strieq_l("psk-secret", name, 10)) {
+ return SHRPX_OPTID_PSK_SECRETS;
+ }
+ break;
++#endif
+ case 't':
+ if (util::strieq_l("write-burs", name, 10)) {
+ return SHRPX_OPTID_WRITE_BURST;
+@@ -1683,11 +1689,13 @@ int option_lookup_token(const char *name
+ return SHRPX_OPTID_ADD_REQUEST_HEADER;
+ }
+ break;
++#if !LIBRESSL_IN_USE
+ case 's':
+ if (util::strieq_l("client-psk-secret", name, 17)) {
+ return SHRPX_OPTID_CLIENT_PSK_SECRETS;
+ }
+ break;
++#endif // !LIBRESSL_IN_USE
+ case 't':
+ if (util::strieq_l("dns-lookup-timeou", name, 17)) {
+ return SHRPX_OPTID_DNS_LOOKUP_TIMEOUT;
+@@ -3283,10 +3291,12 @@ int parse_config(Config *config, int opt
+ case SHRPX_OPTID_FRONTEND_KEEP_ALIVE_TIMEOUT:
+ return parse_duration(&config->conn.upstream.timeout.idle_read, opt,
+ optarg);
++#if !LIBRESSL_IN_USE
+ case SHRPX_OPTID_PSK_SECRETS:
+ return parse_psk_secrets(config, optarg);
+ case SHRPX_OPTID_CLIENT_PSK_SECRETS:
+ return parse_client_psk_secrets(config, optarg);
++#endif // !LIBRESSL_IN_USE
+ case SHRPX_OPTID_CLIENT_NO_HTTP2_CIPHER_BLACK_LIST:
+ config->tls.client.no_http2_cipher_black_list =
+ util::strieq_l("yes", optarg);
+--- src/shrpx_ssl.cc.orig 2017-01-25 11:30:16 UTC
++++ src/shrpx_ssl.cc
+@@ -525,6 +525,7 @@ int sct_parse_cb(SSL *ssl, unsigned int
+ } // namespace
+ #endif // !LIBRESSL_IN_USE && OPENSSL_VERSION_NUMBER >= 0x10002000L
+
++#if !LIBRESSL_IN_USE
+ namespace {
+ unsigned int psk_server_cb(SSL *ssl, const char *identity, unsigned char *psk,
+ unsigned int max_psk_len) {
+@@ -548,7 +549,9 @@ unsigned int psk_server_cb(SSL *ssl, con
+ return static_cast<unsigned int>(secret.size());
+ }
+ } // namespace
++#endif // !LIBRESSL_IN_USE
+
++#if !LIBRESSL_IN_USE
+ namespace {
+ unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity_out,
+ unsigned int max_identity_len, unsigned char *psk,
+@@ -581,6 +584,7 @@ unsigned int psk_client_cb(SSL *ssl, con
+ return (unsigned int)secret.size();
+ }
+ } // namespace
++#endif // !LIBRESSL_IN_USE
+
+ struct TLSProtocol {
+ StringRef name;
+@@ -784,7 +788,9 @@ SSL_CTX *create_ssl_context(const char *
+ }
+ #endif // !LIBRESSL_IN_USE && OPENSSL_VERSION_NUMBER >= 0x10002000L
+
++#if !LIBRESSL_IN_USE
+ SSL_CTX_set_psk_server_callback(ssl_ctx, psk_server_cb);
++#endif // !LIBRESSL_IN_USE
+
+ auto tls_ctx_data = new TLSContextData();
+ tls_ctx_data->cert_file = cert_file;
+@@ -919,7 +925,9 @@ SSL_CTX *create_ssl_client_context(
+ #endif // HAVE_NEVERBLEED
+ }
+
++#if !LIBRESSL_IN_USE
+ SSL_CTX_set_psk_client_callback(ssl_ctx, psk_client_cb);
++#endif // !LIBRESSL_IN_USE
+
+ // NPN selection callback. This is required to set SSL_CTX because
+ // OpenSSL does not offer SSL_set_next_proto_select_cb.

File Metadata

Mime Type
text/plain
Expires
Fri, Apr 3, 12:58 PM (2 h, 16 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
30758382
Default Alt Text
D9334.id24439.diff (8 KB)

Event Timeline