Index: head/security/certificate-transparency/files/patch-cpp_client_ssl__client.cc =================================================================== --- head/security/certificate-transparency/files/patch-cpp_client_ssl__client.cc (revision 437392) +++ head/security/certificate-transparency/files/patch-cpp_client_ssl__client.cc (nonexistent) @@ -1,11 +0,0 @@ ---- cpp/client/ssl_client.cc.orig 2016-10-14 17:11:57 UTC -+++ cpp/client/ssl_client.cc -@@ -88,7 +88,7 @@ SSLClient::SSLClient(const string& serve - - SSL_CTX_set_cert_verify_callback(ctx_.get(), &VerifyCallback, &verify_args_); - --#if OPENSSL_VERSION_NUMBER >= 0x10002000L -+#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) - SSL_CTX_add_client_custom_ext(ctx_.get(), CT_EXTENSION_TYPE, NULL, NULL, - NULL, ExtensionCallback, &verify_args_); - #else Property changes on: head/security/certificate-transparency/files/patch-cpp_client_ssl__client.cc ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/certificate-transparency/files/patch-cpp_log_cert.cc =================================================================== --- head/security/certificate-transparency/files/patch-cpp_log_cert.cc (revision 437392) +++ head/security/certificate-transparency/files/patch-cpp_log_cert.cc (nonexistent) @@ -1,20 +0,0 @@ ---- cpp/log/cert.cc.orig 2016-10-14 17:11:57 UTC -+++ cpp/log/cert.cc -@@ -31,7 +31,7 @@ using util::StatusOr; - using util::error::Code; - - --#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(OPENSSL_IS_BORINGSSL) -+#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(OPENSSL_IS_BORINGSSL) || defined(LIBRESSL_VERSION_NUMBER) - // Backport from 1.0.2-beta3. - static int i2d_re_X509_tbs(X509* x, unsigned char** pp) { - x->cert_info->enc.modified = 1; -@@ -39,7 +39,7 @@ static int i2d_re_X509_tbs(X509* x, unsi - } - #endif - --#if OPENSSL_VERSION_NUMBER < 0x10002000L -+#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER) - static int X509_get_signature_nid(const X509* x) { - return OBJ_obj2nid(x->sig_alg->algorithm); - } Property changes on: head/security/certificate-transparency/files/patch-cpp_log_cert.cc ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/security/certificate-transparency/files/patch-Makefile.am =================================================================== --- head/security/certificate-transparency/files/patch-Makefile.am (revision 437392) +++ head/security/certificate-transparency/files/patch-Makefile.am (revision 437393) @@ -1,57 +1,30 @@ --- Makefile.am.orig 2016-10-14 17:11:57 UTC +++ Makefile.am @@ -11,8 +11,6 @@ AM_CXXFLAGS = \ -fno-exceptions BUILT_SOURCES = \ - cpp/gmock-all.cc \ - cpp/gtest-all.cc \ cpp/monitoring/prometheus/metrics.pb.cc \ cpp/monitoring/prometheus/metrics.pb.h \ proto/ct.pb.cc \ -@@ -112,7 +110,7 @@ TESTS = \ - cpp/util/sync_task_test \ - cpp/util/task_test - --if !OPENSSL_IS_BORINGSSL -+if !OPENSSL_NO_CMS - TESTS += cpp/log/cms_verifier_test - endif - @@ -131,9 +129,6 @@ endif cpp/gtest-all.cc: $(GTEST_DIR)/src/gtest-all.cc $(AM_V_at)cp $^ $@ -cpp/gmock-all.cc: $(GMOCK_DIR)/src/gmock-all.cc - $(AM_V_at)cp $^ $@ - test/testdata/urlfetcher_test_certs/localhost-key.pem: test/create_url_fetcher_test_certs.sh $(AM_V_GEN)test/create_url_fetcher_test_certs.sh -@@ -217,7 +212,7 @@ cpp_libcore_a_SOURCES = \ - proto/ct.pb.cc \ - proto/ct.pb.h - --if !OPENSSL_IS_BORINGSSL -+if !OPENSSL_NO_CMS - cpp_libcore_a_SOURCES += cpp/log/cms_verifier.cc - endif - @@ -226,8 +221,6 @@ cpp_libtest_a_CPPFLAGS = \ -I$(GTEST_DIR) \ $(AM_CPPFLAGS) cpp_libtest_a_SOURCES = \ - cpp/gmock-all.cc \ - cpp/gtest-all.cc \ cpp/util/testing.cc cpp_server_ct_mirror_LDADD = \ -@@ -907,7 +900,7 @@ cpp_log_cert_test_SOURCES = \ - cpp/log/cert_test.cc \ - cpp/util/util.cc - --if !OPENSSL_IS_BORINGSSL -+if !OPENSSL_NO_CMS - cpp_log_cms_verifier_test_LDADD = \ - cpp/libcore.a \ - cpp/libtest.a \ Index: head/security/certificate-transparency/files/patch-configure.ac =================================================================== --- head/security/certificate-transparency/files/patch-configure.ac (revision 437392) +++ head/security/certificate-transparency/files/patch-configure.ac (revision 437393) @@ -1,57 +1,31 @@ --- configure.ac.orig 2016-10-14 17:11:57 UTC +++ configure.ac @@ -84,9 +84,7 @@ AC_CHECK_HEADER([gtest/gtest.h],, [missi AS_VAR_APPEND([CPPFLAGS], [" -I$GMOCK_DIR/include"]) AC_CHECK_HEADER([gmock/gmock.h],, [missing_gmock=1]) AS_VAR_APPEND([CPPFLAGS], [" -I$GTEST_DIR"]) -AC_CHECK_HEADER([$GTEST_DIR/src/gtest-all.cc],, [missing_gtest=1]) AS_VAR_APPEND([CPPFLAGS], [" -I$GMOCK_DIR"]) -AC_CHECK_HEADER([$GMOCK_DIR/src/gmock-all.cc],, [missing_gmock=1]) CPPFLAGS="$saved_CPPFLAGS" AS_IF([test -n "$missing_gtest"], [AC_MSG_ERROR([could not find a working Google Test])]) @@ -106,7 +104,7 @@ AC_SEARCH_LIBS([clock_gettime], [rt],,, AC_MSG_CHECKING([checking for gflags library]) LIBS="-lgflags $LIBS" -AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include ]], [[google::ParseCommandLineFlags(NULL, NULL, true)]])], [have_gflags=yes], [have_gflags=no]) +AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include ]], [[gflags::ParseCommandLineFlags(NULL, NULL, true)]])], [have_gflags=yes], [have_gflags=no]) AC_MSG_RESULT([$have_gflags]) AS_IF([test "x$have_gflags" = "xno"], [AC_MSG_ERROR([gflags library could not be found])]) @@ -118,6 +116,9 @@ AC_MSG_RESULT([$have_glog]) AS_IF([test "x$have_glog" = "xno"], [AC_MSG_ERROR([glog library could not be found])]) +# Required for "make check" to build. +LIBS="$LIBS -lgtest -lgmock" + save_LIBS="$LIBS" AS_UNSET([LIBS]) AC_SEARCH_LIBS([snappy_compress], [snappy],,, [$save_LIBS]) -@@ -146,6 +147,17 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#in - [AC_MSG_RESULT([yes]); openssl_is_boringssl=1], - [AC_MSG_RESULT([no])]) - -+AC_MSG_CHECKING([for LibreSSL]) -+AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include ]], -+ [[ -+ #ifndef LIBRESSL_VERSION_NUMBER -+ # error not LibreSSL -+ #endif -+ ]]) -+ ], -+ [AC_MSG_RESULT([yes]); openssl_is_libressl=1], -+ [AC_MSG_RESULT([no])]) -+ - save_LIBS="$LIBS" - AS_UNSET([LIBS]) - AC_SEARCH_LIBS([event_base_dispatch], [event],, [missing_libevent=1], -@@ -212,6 +224,7 @@ AM_CONDITIONAL([HAVE_ANT], [test -n "$AN - AM_CONDITIONAL([HAVE_LDNS], [test -z "$missing_ldns"]) - AM_CONDITIONAL([HAVE_OBJECTHASH], [test -z "$missing_objecthash"]) - AM_CONDITIONAL([OPENSSL_IS_BORINGSSL], [test -n "$openssl_is_boringssl"]) -+AM_CONDITIONAL([OPENSSL_NO_CMS], [test -z "$openssl_is_boringssl" -o -z "$openssl_is_boringssl"]) - AC_DEFINE_UNQUOTED([TEST_SRCDIR], ["$srcdir"], [Top of the source directory, for tests.]) - AC_SUBST([INSTALL_DIR]) - AC_CONFIG_FILES([Makefile]) Index: head/security/certificate-transparency/files/patch-cpp-client-ct.cc =================================================================== --- head/security/certificate-transparency/files/patch-cpp-client-ct.cc (revision 437392) +++ head/security/certificate-transparency/files/patch-cpp-client-ct.cc (revision 437393) @@ -1,11 +1,49 @@ ---- cpp/client/ct.cc.orig 2017-02-11 20:58:57 UTC +--- cpp/client/ct.cc.orig 2016-10-14 17:11:57 UTC +++ cpp/client/ct.cc -@@ -530,7 +530,7 @@ static void ProofToExtensionData() { - << " for writing:" << strerror(errno); +@@ -451,8 +451,8 @@ static void MakeCert() { + // (This means the relevant section should be last in the configuration.) + // 1.2.3.1=DER:[raw encoding of proof] + static void WriteProofToConfig() { +- CHECK(!FLAGS_sct_token.empty()) << google::ProgramUsage(); +- CHECK(!FLAGS_extensions_config_out.empty()) << google::ProgramUsage(); ++ CHECK(!FLAGS_sct_token.empty()) << gflags::ProgramUsage(); ++ CHECK(!FLAGS_extensions_config_out.empty()) << gflags::ProgramUsage(); - // Work around broken PEM_write() declaration in older OpenSSL versions. --#if OPENSSL_VERSION_NUMBER < 0x10002000L -+#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER) - PEM_write(out, const_cast(kPEMLabel), const_cast(""), - const_cast(reinterpret_cast( - extension_data_out.str().data())), + string sct; + +@@ -479,8 +479,8 @@ static const char kPEMLabel[] = "SERVERI + // Wrap the proof in the format expected by the TLS extension, + // so that we can feed it to OpenSSL. + static void ProofToExtensionData() { +- CHECK(!FLAGS_sct_token.empty()) << google::ProgramUsage(); +- CHECK(!FLAGS_tls_extension_data_out.empty()) << google::ProgramUsage(); ++ CHECK(!FLAGS_sct_token.empty()) << gflags::ProgramUsage(); ++ CHECK(!FLAGS_tls_extension_data_out.empty()) << gflags::ProgramUsage(); + + string serialized_sct; + PCHECK(util::ReadBinaryFile(FLAGS_sct_token, &serialized_sct)) +@@ -939,13 +939,13 @@ int GetSTH() { + // Exit code upon abnormal exit (CHECK failures): != 0 + // (on UNIX, 134 is expected) + int main(int argc, char** argv) { +- google::SetUsageMessage(argv[0] + string(kUsage)); ++ gflags::SetUsageMessage(argv[0] + string(kUsage)); + util::InitCT(&argc, &argv); + ConfigureSerializerForV1CT(); + + const string main_command(argv[0]); + if (argc < 2) { +- std::cout << google::ProgramUsage(); ++ std::cout << gflags::ProgramUsage(); + return 1; + } + +@@ -983,7 +983,7 @@ int main(int argc, char** argv) { + } else if (cmd == "sth") { + ret = GetSTH(); + } else { +- std::cout << google::ProgramUsage(); ++ std::cout << gflags::ProgramUsage(); + ret = 1; + } +