diff options
| author | Bernard Spil <brnrd@FreeBSD.org> | 2017-07-12 19:31:40 +0000 |
|---|---|---|
| committer | Bernard Spil <brnrd@FreeBSD.org> | 2017-07-12 19:31:40 +0000 |
| commit | ffb5710ba5048473ef3ae3415262df15db4a0d87 (patch) | |
| tree | eaf2552947165efe371d90d58d666ac19cc07009 /www/apache24/files/patch-modules_ssl_ssl__engine__init.c | |
| parent | www/apache22: Update to 2.2.34 (diff) | |
www/apache24: Update to 2.4.27
- Bugfix update to 2.4.27
- Fix build with LibreSSL [1]
- Add brotli compression option
- Add pkg-message for 10.3 base-ssl users
- HTTP/2 is production ready, default enable
- warn users of 10.3 for mod_http2/OpenSSL 1.0.1
[1] https://bz.apache.org/bugzilla/show_bug.cgi?id=61184
PR: 220160 [1]
Reported by: Markus Kohlmeyer <rootservice@gmail.com>
Reviewed by: ohauer (hat)
Approved by: ohauer (hat)
Differential Revision: https://reviews.freebsd.org/D11285
Diffstat (limited to 'www/apache24/files/patch-modules_ssl_ssl__engine__init.c')
| -rw-r--r-- | www/apache24/files/patch-modules_ssl_ssl__engine__init.c | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/www/apache24/files/patch-modules_ssl_ssl__engine__init.c b/www/apache24/files/patch-modules_ssl_ssl__engine__init.c new file mode 100644 index 000000000000..31c7f94d6a79 --- /dev/null +++ b/www/apache24/files/patch-modules_ssl_ssl__engine__init.c @@ -0,0 +1,47 @@ +--- modules/ssl/ssl_engine_init.c.orig 2017-04-03 11:39:20 UTC ++++ modules/ssl/ssl_engine_init.c +@@ -47,7 +47,7 @@ APR_IMPLEMENT_OPTIONAL_HOOK_RUN_ALL(ssl, + #define KEYTYPES "RSA or DSA" + #endif + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + /* OpenSSL Pre-1.1.0 compatibility */ + /* Taken from OpenSSL 1.1.0 snapshot 20160410 */ + static int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) +@@ -257,7 +257,7 @@ apr_status_t ssl_init_Module(apr_pool_t + #endif + } + +-#if APR_HAS_THREADS && OPENSSL_VERSION_NUMBER < 0x10100000L ++#if APR_HAS_THREADS && ( OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ) + ssl_util_thread_setup(p); + #endif + +@@ -380,7 +380,7 @@ apr_status_t ssl_init_Module(apr_pool_t + modssl_init_app_data2_idx(); /* for modssl_get_app_data2() at request time */ + + init_dh_params(); +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + init_bio_methods(); + #endif + +@@ -1301,7 +1301,7 @@ static apr_status_t ssl_init_server_cert + * or configure NIST P-256 (required to enable ECDHE for earlier versions) + * ECDH is always enabled in 1.1.0 unless excluded from SSLCipherList + */ +-#if (OPENSSL_VERSION_NUMBER < 0x10100000L) ++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER) + else { + #if defined(SSL_CTX_set_ecdh_auto) + SSL_CTX_set_ecdh_auto(mctx->ssl_ctx, 1); +@@ -2011,7 +2011,7 @@ apr_status_t ssl_init_ModuleKill(void *d + + } + +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + free_bio_methods(); + #endif + free_dh_params(); |