This is needed to unbreak nsca-ng which depends on RFC4279 (PSK Ciphersuites for TLS) - the API for this has been removed from LibReSSL.
Care has been taken to prevent this from being picked up automatically in standard search paths. It may also useful for comparisons/tests between OpenSSL and LibReSSL. Diff to update/fix nsca-ng also included - ignore port-lib-depends-check errors for this one, they are wrong. Any OKs to import?
openssl.tgz
Description: application/tar-gz
Index: Makefile
===================================================================
RCS file: /cvs/ports/net/nagios/nsca-ng/Makefile,v
retrieving revision 1.7
diff -u -p -r1.7 Makefile
--- Makefile 12 Jul 2014 23:32:55 -0000 1.7
+++ Makefile 15 Jul 2014 00:48:17 -0000
@@ -1,11 +1,9 @@
# $OpenBSD: Makefile,v 1.7 2014/07/12 23:32:55 sthen Exp $
-BROKEN= requires TLS PSK ciphersuites, not supported by libressl
-
COMMENT-main= server to accept passive check results for Nagios/Icinga
COMMENT-client= client to send passive check results to Nagios/Icinga
-V= 1.2
+V= 1.3
DISTNAME= nsca-ng-$V
PKGNAME-main= nsca-ng-$V
PKGNAME-client= nsca-ng-client-$V
@@ -18,17 +16,20 @@ MAINTAINER= Stuart Henderson <sthen@open
# BSD
PERMIT_PACKAGE_CDROM= Yes
-WANTLIB= c crypto ev ssl
+WANTLIB= c ev lib/eopenssl/crypto lib/eopenssl/ssl
WANTLIB-main= ${WANTLIB} confuse
MASTER_SITES= https://www.nsca-ng.org/download/
-LIB_DEPENDS= devel/libev
+LIB_DEPENDS= devel/libev \
+ security/openssl
LIB_DEPENDS-main= ${LIB_DEPENDS} \
devel/libconfuse
CONFIGURE_STYLE= gnu
CONFIGURE_ARGS= --enable-server
+CONFIGURE_ENV= CPPFLAGS="-I${LOCALBASE}/include/eopenssl" \
+ LDFLAGS="-L${LOCALBASE}/lib/eopenssl
-Wl,-rpath,${LOCALBASE}/lib/eopenssl"
SEPARATE_BUILD= Yes
MULTI_PACKAGES= -main -client
Index: distinfo
===================================================================
RCS file: /cvs/ports/net/nagios/nsca-ng/distinfo,v
retrieving revision 1.3
diff -u -p -r1.3 distinfo
--- distinfo 7 Nov 2013 10:34:12 -0000 1.3
+++ distinfo 15 Jul 2014 00:48:17 -0000
@@ -1,2 +1,2 @@
-SHA256 (nsca-ng-1.2.tar.gz) = /Q7fejxNpGr/UyG/AFxohT2tW64LiJ5eQjNuhct6JOc=
-SIZE (nsca-ng-1.2.tar.gz) = 327702
+SHA256 (nsca-ng-1.3.tar.gz) = fd7lP+wSlLiYKLA+ra3+usoWQWOVxp3fomXVkgHvZ58=
+SIZE (nsca-ng-1.3.tar.gz) = 332975
Index: patches/patch-src_server_nsca-ng_c
===================================================================
RCS file: patches/patch-src_server_nsca-ng_c
diff -N patches/patch-src_server_nsca-ng_c
--- patches/patch-src_server_nsca-ng_c 7 Nov 2013 10:34:12 -0000 1.3
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,28 +0,0 @@
-$OpenBSD: patch-src_server_nsca-ng_c,v 1.3 2013/11/07 10:34:12 sthen Exp $
-
-From 28d4dc879545e4a797c4dd14441e6f12992372ce Mon Sep 17 00:00:00 2001
-From: Holger Weiß <[email protected]>
-Date: Thu, 07 Nov 2013 09:21:05 +0100
-Subject: Ignore errors when closing file descriptors
-
-Don't check the return value of closefrom(3) or fcntl(3) when closing
-open file descriptors on startup. If there are no file descriptors to
-close, closefrom(3) will fail with EBADF on NetBSD and OpenBSD. On
-FreeBSD and Solaris, closefrom(3) is actually declared to return void.
-
---- src/server/nsca-ng.c.orig Thu Nov 7 10:30:02 2013
-+++ src/server/nsca-ng.c Thu Nov 7 10:30:21 2013
-@@ -300,11 +300,9 @@ close_descriptors(void)
- int min_fd = STDERR_FILENO + 1;
-
- #if HAVE_CLOSEFROM /* BSD and Solaris. */
-- if (closefrom(min_fd) == -1)
-- die("Cannot close file descriptors >= %d: %m", min_fd);
-+ (void)closefrom(min_fd);
- #elif defined(F_CLOSEM) /* AIX and IRIX. */
-- if (fcntl(min_fd, F_CLOSEM, 0) == -1)
-- die("Cannot close file descriptors >= %d: %m", min_fd);
-+ (void)fcntl(min_fd, F_CLOSEM, 0);
- #else
- int max_fd = MIN(sysconf(_SC_OPEN_MAX), /* Arbitrary limit: */ 1048576);
- int fd;
