author: Mahdi Mokhtari <mmokhi@FreeBSD.org> 2017-12-04 16:34:11 +0000
committer: Mahdi Mokhtari <mmokhi@FreeBSD.org> 2017-12-04 16:34:11 +0000
commit: bd4961ec4fe5e2125a14f0185da80f07e5a5d57c (patch)
tree: 77dba65e40c24f6317d9415931c4e1fd9fedb06f /www
parent: 5ae15ce2b135847b17c659825feb31270ca38bcd (diff)
5 files changed, 73 insertions, 10 deletions
diff --git a/www/mod_pagespeed/Makefile b/www/mod_pagespeed/Makefile
index 6b2b63d99d59..811687dc9e78 100644
--- a/www/mod_pagespeed/Makefile
+++ b/www/mod_pagespeed/Makefile
@@ -2,7 +2,7 @@
 
 PORTNAME=	mod_pagespeed
 PORTVERSION=	1.12.34.2
-PORTREVISION=	2
+PORTREVISION=	3
 PORTEPOCH=	1
 CATEGORIES=	www devel
 MASTER_SITES=	LOCAL/mmokhi:boringssl,chromium_base,chromium_build,googleurl,gflags_arch,gflags_src,libjpeg_turbo_src,yasm_patched,libwebp,modpb64 \
@@ -14,9 +14,6 @@ COMMENT=	Apache module for rewriting web pages to reduce latency
 
 LICENSE=	APACHE20
 
-BROKEN_SSL=	base
-BROKEN_SSL_REASON_base=	needs openssl.pc
-
 BUILD_DEPENDS=	bash:shells/bash \
 		curl:ftp/curl \
 		closure-compiler:www/closure-compiler \
@@ -34,7 +31,7 @@ LIB_DEPENDS=	libpng.so:graphics/png \
 		libicutu.so:devel/icu \
 		libopencv_legacy.so:graphics/opencv
 
-USES=		compiler:c++14-lang jpeg gmake localbase pkgconfig \
+USES=		compiler:c++14-lang gperf jpeg gmake localbase pkgconfig \
 		python shebangfix ssl tar:xz
 USE_APACHE=	22
 SHEBANG_GLOB=	*.gyp *.gypi *.py *.sh
@@ -145,7 +142,7 @@ post-patch:
 	    cd ${BUILD_WRKSRC}/third_party/google-sparsehash/gen/arch/freebsd && \
 	    ${MV} ia32 i386 && ${MV} x64 amd64 )
 	${REINPLACE_CMD} -e "s,%%LOCALBASE%%,${LOCALBASE},g" \
-	    ${WRKSRC}/base/base.gypi
+	    ${WRKSRC}/base/base.gypi ${WRKSRC}/third_party/serf/select_openssl.gyp
 	${REINPLACE_CMD} -e "s,%%PORTSSTAGE%%,${STAGEDIR},g" \
 	    ${WRKSRC}/install/Makefile
 	${FIND} ${WRKSRC} -type f \( -name "*.gyp" -o -name "*.gypi" \) -exec \
diff --git a/www/mod_pagespeed/files/patch-third__party_grpc_src_src_core_lib_tsi_ssl__transport__security.c b/www/mod_pagespeed/files/patch-third__party_grpc_src_src_core_lib_tsi_ssl__transport__security.c
index 165a37b827a0..31e1b5aa1f4a 100644
--- a/www/mod_pagespeed/files/patch-third__party_grpc_src_src_core_lib_tsi_ssl__transport__security.c
+++ b/www/mod_pagespeed/files/patch-third__party_grpc_src_src_core_lib_tsi_ssl__transport__security.c
@@ -8,3 +8,18 @@
  #include <limits.h>
  #include <string.h>
  
+@@ -54,11 +55,10 @@
+ #define TSI_SSL_MAX_PROTECTED_FRAME_SIZE_UPPER_BOUND 16384
+ #define TSI_SSL_MAX_PROTECTED_FRAME_SIZE_LOWER_BOUND 1024
+ 
+-/* Putting a macro like this and littering the source file with #if is really
+-   bad practice.
+-   TODO(jboeuf): refactor all the #if / #endif in a separate module. */
+-#ifndef TSI_OPENSSL_ALPN_SUPPORT
++#if OPENSSL_VERSION_NUMBER >= 0x10002000L
+ #define TSI_OPENSSL_ALPN_SUPPORT 1
++#else
++#define TSI_OPENSSL_ALPN_SUPPORT 0
+ #endif
+ 
+ /* TODO(jboeuf): I have not found a way to get this number dynamically from the 
diff --git a/www/mod_pagespeed/files/patch-third__party_serf_instaweb__ssl__buckets.c b/www/mod_pagespeed/files/patch-third__party_serf_instaweb__ssl__buckets.c
new file mode 100644
index 000000000000..91b7882a13cc
--- /dev/null
+++ b/www/mod_pagespeed/files/patch-third__party_serf_instaweb__ssl__buckets.c
@@ -0,0 +1,18 @@
+--- third_party/serf/instaweb_ssl_buckets.c.orig	2017-06-08 22:22:39 UTC
++++ third_party/serf/instaweb_ssl_buckets.c
+@@ -1697,11 +1697,15 @@ int serf_ssl_cert_depth(const serf_ssl_c
+ int serf_ssl_check_host(const serf_ssl_certificate_t *cert,
+                         const char* hostname)
+ {
++#if TSI_OPENSSL_ALPN_SUPPORT == 0
++  return (-1);
++#else
+   return X509_check_host(cert->ssl_cert,
+                          hostname,
+                          strlen(hostname),
+                          0 /* we don't need to set any flags */,
+                          NULL /* we don't need the SAN or CN extracted*/);
++#endif
+ }
+ 
+ apr_hash_t *serf_ssl_cert_issuer(
diff --git a/www/mod_pagespeed/files/patch-third__party_serf_select__openssl.gyp b/www/mod_pagespeed/files/patch-third__party_serf_select__openssl.gyp
index 568609ea818c..d122c8ae1040 100644
--- a/www/mod_pagespeed/files/patch-third__party_serf_select__openssl.gyp
+++ b/www/mod_pagespeed/files/patch-third__party_serf_select__openssl.gyp
@@ -1,15 +1,21 @@
---- third_party/serf/select_openssl.gyp.orig	2017-10-04 20:20:10 UTC
+--- third_party/serf/select_openssl.gyp.orig	2017-06-08 22:22:39 UTC
 +++ third_party/serf/select_openssl.gyp
-@@ -47,10 +47,10 @@
+@@ -42,15 +42,15 @@
+           'type': 'none',
+           'direct_dependent_settings': {
+             'cflags': [
+-              '<!@(pkg-config --cflags openssl)',
++              '<!@(if [ -e %%LOCALBASE%%/libdata/pkgconfig/openssl.pc ]; then pkg-config --cflags openssl; else echo "-I/usr/include -DTSI_OPENSSL_ALPN_SUPPORT=0"; fi)',
+             ],
            },
            'link_settings': {
              'ldflags': [
 -              '<!@(pkg-config --libs-only-L --libs-only-other openssl)',
-+              '<!@(pkg-config --libs openssl)',
++              '<!@(if [ -e %%LOCALBASE%%/libdata/pkgconfig/openssl.pc ]; then pkg-config --libs openssl; else echo "-L/usr/lib -lssl -lcrypto"; fi)',
              ],
              'libraries': [
 -              '<!@(pkg-config --libs-only-l openssl)',
-+              '<!@(pkg-config --libs openssl)',
++              '<!@(if [ -e %%LOCALBASE%%/libdata/pkgconfig/openssl.pc ]; then pkg-config --libs openssl; else echo "-L/usr/lib -lssl -lcrypto"; fi)',
              ],
            },
          },
diff --git a/www/mod_pagespeed/files/patch-third__party_serf_serf.diff b/www/mod_pagespeed/files/patch-third__party_serf_serf.diff
new file mode 100644
index 000000000000..6f55362f055f
--- /dev/null
+++ b/www/mod_pagespeed/files/patch-third__party_serf_serf.diff
@@ -0,0 +1,27 @@
+--- third_party/serf/serf.diff.orig	2017-06-08 22:22:39 UTC
++++ third_party/serf/serf.diff
+@@ -324,7 +324,7 @@
+  apr_status_t serf_ssl_load_cert_file(
+      serf_ssl_certificate_t **cert,
+      const char *file_path,
+-@@ -1652,6 +1688,21 @@
++@@ -1652,6 +1688,25 @@
+      return cert->depth;
+  }
+  
+@@ -337,11 +337,15 @@
+ +int serf_ssl_check_host(const serf_ssl_certificate_t *cert,
+ +                        const char* hostname)
+ +{
+++#if TSI_OPENSSL_ALPN_SUPPORT == 0
+++  return (-1);
+++#else
+ +  return X509_check_host(cert->ssl_cert,
+ +                         hostname,
+ +                         strlen(hostname),
+ +                         0 /* we don't need to set any flags */,
+ +                         NULL /* we don't need the SAN or CN extracted*/);
+++#endif
+ +}
+  
+  apr_hash_t *serf_ssl_cert_issuer(
author	Mahdi Mokhtari <mmokhi@FreeBSD.org>	2017-12-04 16:34:11 +0000
committer	Mahdi Mokhtari <mmokhi@FreeBSD.org>	2017-12-04 16:34:11 +0000
commit	bd4961ec4fe5e2125a14f0185da80f07e5a5d57c (patch)
tree	77dba65e40c24f6317d9415931c4e1fd9fedb06f /www
parent	5ae15ce2b135847b17c659825feb31270ca38bcd (diff)