Hi,

Here's a diff to move haproxy from the oldstable branch to stable
branch. I didn't succeed before because the libressl stuff but
trueos/hbsd did the job so I just stole their diff.

Comments? OK?

Cheers,
Daniel

Index: Makefile
===================================================================
RCS file: /cvs/ports/net/haproxy/Makefile,v
retrieving revision 1.42
diff -u -p -r1.42 Makefile
--- Makefile    20 Jun 2017 17:38:40 -0000      1.42
+++ Makefile    11 Aug 2017 16:09:12 -0000
@@ -2,7 +2,7 @@
 
 COMMENT =      reliable, high performance TCP/HTTP load balancer
 
-DISTNAME =     haproxy-1.6.13
+DISTNAME =     haproxy-1.7.8
 CATEGORIES =   net www
 HOMEPAGE =     http://www.haproxy.org/
 MAINTAINER =   Daniel Jakots <o...@chown.me>
@@ -12,7 +12,7 @@ PERMIT_PACKAGE_CDROM =                Yes
 
 WANTLIB =      c crypto pcre pcreposix ssl
 
-MASTER_SITES = ${HOMEPAGE}/download/1.6/src/
+MASTER_SITES = ${HOMEPAGE}/download/1.7/src/
 
 HAPROXYCONF =  ${SYSCONFDIR}/haproxy
 HAPROXYSTATE = /var/haproxy
Index: distinfo
===================================================================
RCS file: /cvs/ports/net/haproxy/distinfo,v
retrieving revision 1.25
diff -u -p -r1.25 distinfo
--- distinfo    20 Jun 2017 17:38:40 -0000      1.25
+++ distinfo    11 Aug 2017 16:09:12 -0000
@@ -1,2 +1,2 @@
-SHA256 (haproxy-1.6.13.tar.gz) = fTGFg/OhvxhehXvUBEkASynJVUfIm7s2cY8oTilQKhs=
-SIZE (haproxy-1.6.13.tar.gz) = 1580214
+SHA256 (haproxy-1.7.8.tar.gz) = 7JAVPM7dIK1AFdPq92tQL/H2G0MdVMIrhFe1eEqa4UI=
+SIZE (haproxy-1.7.8.tar.gz) = 1746321
Index: patches/patch-Makefile
===================================================================
RCS file: patches/patch-Makefile
diff -N patches/patch-Makefile
--- patches/patch-Makefile      20 Jun 2017 17:38:40 -0000      1.6
+++ /dev/null   1 Jan 1970 00:00:00 -0000
@@ -1,23 +0,0 @@
-$OpenBSD: patch-Makefile,v 1.6 2017/06/20 17:38:40 danj Exp $
-
-Make use of accept4() on OpenBSD.
-
-Committed upstream
-http://git.haproxy.org/?p=haproxy.git;a=commit;h=9705ba2981016dd6b3b8d690bb8935a396cc0994
-
-Index: Makefile
---- Makefile.orig
-+++ Makefile
-@@ -306,10 +306,11 @@ ifeq ($(TARGET),osx)
-   USE_TPROXY     = implicit
- else
- ifeq ($(TARGET),openbsd)
--  # This is for OpenBSD >= 3.0
-+  # This is for OpenBSD >= 5.7
-   USE_POLL       = implicit
-   USE_KQUEUE     = implicit
-   USE_TPROXY     = implicit
-+  USE_ACCEPT4    = implicit
- else
- ifeq ($(TARGET),netbsd)
-   # This is for NetBSD
Index: patches/patch-doc_haproxy_1
===================================================================
RCS file: /cvs/ports/net/haproxy/patches/patch-doc_haproxy_1,v
retrieving revision 1.3
diff -u -p -r1.3 patch-doc_haproxy_1
--- patches/patch-doc_haproxy_1 11 Sep 2014 14:47:20 -0000      1.3
+++ patches/patch-doc_haproxy_1 11 Aug 2017 16:09:12 -0000
@@ -1,7 +1,8 @@
 $OpenBSD: patch-doc_haproxy_1,v 1.3 2014/09/11 14:47:20 gonzalo Exp $
---- doc/haproxy.1.orig Fri Jul 25 03:56:07 2014
-+++ doc/haproxy.1      Thu Sep  4 12:12:46 2014
-@@ -188,8 +188,7 @@ This signal is intercepted and ignored on systems with
+Index: doc/haproxy.1
+--- doc/haproxy.1.orig
++++ doc/haproxy.1
+@@ -190,8 +190,7 @@ This signal is intercepted and ignored on systems with
  
  .SH SEE ALSO
  
Index: patches/patch-src_ssl_sock_c
===================================================================
RCS file: /cvs/ports/net/haproxy/patches/patch-src_ssl_sock_c,v
retrieving revision 1.6
diff -u -p -r1.6 patch-src_ssl_sock_c
--- patches/patch-src_ssl_sock_c        1 Feb 2017 15:49:34 -0000       1.6
+++ patches/patch-src_ssl_sock_c        11 Aug 2017 16:09:12 -0000
@@ -1,21 +1,51 @@
 $OpenBSD: patch-src_ssl_sock_c,v 1.6 2017/02/01 15:49:34 naddy Exp $
---- src/ssl_sock.c.orig        Sun Dec 25 09:26:16 2016
-+++ src/ssl_sock.c     Thu Jan 26 21:09:45 2017
-@@ -2810,7 +2810,7 @@ int ssl_sock_handshake(struct connection *conn, unsign
-                               if (!errno && conn->flags & CO_FL_WAIT_L4_CONN)
-                                       conn->flags &= ~CO_FL_WAIT_L4_CONN;
-                               if (!conn->err_code) {
--                                      if (!((SSL 
*)conn->xprt_ctx)->packet_length) {
-+                                      if (SSL_state((SSL *)conn->xprt_ctx) == 
SSL_ST_BEFORE) {
-                                               if (!errno) {
-                                                       if (conn->xprt_st & 
SSL_SOCK_RECV_HEARTBEAT)
-                                                               conn->err_code 
= CO_ER_SSL_HANDSHAKE_HB;
-@@ -2877,7 +2877,7 @@ int ssl_sock_handshake(struct connection *conn, unsign
-                       if (!errno && conn->flags & CO_FL_WAIT_L4_CONN)
-                               conn->flags &= ~CO_FL_WAIT_L4_CONN;
+
+From
+https://github.com/trueos/freebsd-ports/blob/3745ead2e0f43985c3647e1e3aecae2751decfda/net/haproxy/files/patch-src_ssl__sock.c
+
+Index: src/ssl_sock.c
+--- src/ssl_sock.c.orig
++++ src/ssl_sock.c
+@@ -794,8 +794,11 @@ static int ssl_sock_load_ocsp(SSL_CTX *ctx, const char
+               ocsp = NULL;
  
--                      if (!((SSL *)conn->xprt_ctx)->packet_length) {
-+                      if (SSL_state((SSL *)conn->xprt_ctx) == SSL_ST_BEFORE) {
+ #ifndef SSL_CTX_get_tlsext_status_cb
++#ifndef SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB
++#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB 128
++#endif
+ # define SSL_CTX_get_tlsext_status_cb(ctx, cb) \
+-      *cb = (void (*) (void))ctx->tlsext_status_cb;
++      *cb = SSL_CTX_ctrl(ctx,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB,0, (void 
(**)(void))cb)
+ #endif
+       SSL_CTX_get_tlsext_status_cb(ctx, &callback);
+ 
+@@ -823,7 +826,10 @@ static int ssl_sock_load_ocsp(SSL_CTX *ctx, const char
+               int key_type;
+               EVP_PKEY *pkey;
+ 
+-#ifdef SSL_CTX_get_tlsext_status_arg
++#if defined(SSL_CTX_get_tlsext_status_arg) || defined(LIBRESSL_VERSION_NUMBER)
++#ifndef SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG
++#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG 129
++#endif
+               SSL_CTX_ctrl(ctx, SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG, 0, 
&cb_arg);
+ #else
+               cb_arg = ctx->tlsext_status_arg;
+@@ -3539,7 +3545,7 @@ int ssl_sock_handshake(struct connection *conn, unsign
+                                       OSSL_HANDSHAKE_STATE state = 
SSL_get_state((SSL *)conn->xprt_ctx);
+                                       empty_handshake = state == 
TLS_ST_BEFORE;
+ #else
+-                                      empty_handshake = !((SSL 
*)conn->xprt_ctx)->packet_length;
++                                      empty_handshake = SSL_state((SSL 
*)conn->xprt_ctx) == SSL_ST_BEFORE;
+ #endif
+ 
+                                       if (empty_handshake) {
+@@ -3617,7 +3623,7 @@ int ssl_sock_handshake(struct connection *conn, unsign
+                       state = SSL_get_state((SSL *)conn->xprt_ctx);
+                       empty_handshake = state == TLS_ST_BEFORE;
+ #else
+-                      empty_handshake = !((SSL 
*)conn->xprt_ctx)->packet_length;
++                      empty_handshake = SSL_state((SSL *)conn->xprt_ctx) == 
SSL_ST_BEFORE;
+ #endif
+                       if (empty_handshake) {
                                if (!errno) {
-                                       if (conn->xprt_st & 
SSL_SOCK_RECV_HEARTBEAT)
-                                               conn->err_code = 
CO_ER_SSL_HANDSHAKE_HB;

Reply via email to