2 files changed, 20 insertions, 4 deletions

diff --git a/net/openldap24-server/Makefile b/net/openldap24-server/Makefile
index 0efe7962e43a..aa3d8dafa451 100644
--- a/net/openldap24-server/Makefile
+++ b/net/openldap24-server/Makefile
@@ -218,10 +218,6 @@ CONFIGURE_ARGS=		--with-threads=posix \
 			--disable-dependency-tracking \
 			--enable-dynamic
 
-.if ${SSL_DEFAULT:Mlibressl*}
-IGNORE+=		requires OpenSSL 1.1 TLSv1.3 API in a future release of LibreSSL
-.endif
-
 .if ${PORT_OPTIONS:MSASL}
 LIB_DEPENDS+=		libsasl2.so:security/cyrus-sasl2
 CONFIGURE_ARGS+=	--with-cyrus-sasl
diff --git a/net/openldap24-server/files/patch-libraries_libldap_tls__o.c b/net/openldap24-server/files/patch-libraries_libldap_tls__o.c
new file mode 100644
index 000000000000..fa2c360671c0
--- /dev/null
+++ b/net/openldap24-server/files/patch-libraries_libldap_tls__o.c
@@ -0,0 +1,20 @@
+--- libraries/libldap/tls_o.c.orig	2021-06-03 18:40:31 UTC
++++ libraries/libldap/tls_o.c
+@@ -273,7 +273,7 @@ tlso_ctx_free ( tls_ctx *ctx )
+ 	SSL_CTX_free( c );
+ }
+ 
+-#if OPENSSL_VERSION_NUMBER >= 0x10101000
++#if OPENSSL_VERSION_NUMBER >= 0x10101000 && !defined(OPENSSL_NO_TLS1_3)
+ static char *
+ tlso_stecpy( char *dst, const char *src, const char *end )
+ {
+@@ -382,7 +382,7 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls 
+ 		SSL_CTX_set_options( ctx, SSL_OP_NO_SSLv2 );
+ 
+ 	if ( lo->ldo_tls_ciphersuite ) {
+-#if OPENSSL_VERSION_NUMBER >= 0x10101000
++#if OPENSSL_VERSION_NUMBER >= 0x10101000 && !defined(OPENSSL_NO_TLS1_3)
+ 		tlso_ctx_cipher13( ctx, lt->lt_ciphersuite );
+ #endif /* OpenSSL 1.1.1 */
+ 		if ( !SSL_CTX_set_cipher_list( ctx, lt->lt_ciphersuite ) )