diff --git a/srcpkgs/apache/patches/fix-libressl-2.7.patch b/srcpkgs/apache/patches/fix-libressl-2.7.patch deleted file mode 100644 index bdd5926bf54..00000000000 --- a/srcpkgs/apache/patches/fix-libressl-2.7.patch +++ /dev/null @@ -1,12 +0,0 @@ -LibreSSL 2.7 supports newer OpenSSL APIs. Remove special handling for libreSSL. ---- modules/ssl/ssl_private.h.orig 2018-04-23 11:51:35.849536609 +0200 -+++ modules/ssl/ssl_private.h 2018-04-23 11:51:49.578557354 +0200 -@@ -123,7 +123,7 @@ - #define MODSSL_SSL_METHOD_CONST - #endif - --#if defined(LIBRESSL_VERSION_NUMBER) -+#if 0 - /* Missing from LibreSSL */ - #if LIBRESSL_VERSION_NUMBER < 0x2060000f - #define SSL_CTRL_SET_MIN_PROTO_VERSION 123 diff --git a/srcpkgs/apache/patches/libressl-2.7.patch b/srcpkgs/apache/patches/libressl-2.7.patch new file mode 100644 index 00000000000..c3d3b7c7d12 --- /dev/null +++ b/srcpkgs/apache/patches/libressl-2.7.patch @@ -0,0 +1,74 @@ +diff --git a/modules/md/md_crypt.c b/modules/md/md_crypt.c +index 66682ea..9cc7862 100644 +--- ./modules/md/md_crypt.c ++++ ./modules/md/md_crypt.c +@@ -471,7 +471,7 @@ apr_status_t md_pkey_gen(md_pkey_t **ppkey, apr_pool_t *p, md_pkey_spec_t *spec) + } + } + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000f) + + #ifndef NID_tlsfeature + #define NID_tlsfeature 1020 +diff --git a/modules/ssl/mod_ssl.c b/modules/ssl/mod_ssl.c +index 48d64cb..2392019 100644 +--- ./modules/ssl/mod_ssl.c ++++ ./modules/ssl/mod_ssl.c +@@ -398,7 +398,7 @@ static int ssl_hook_pre_config(apr_pool_t *pconf, + /* We must register the library in full, to ensure our configuration + * code can successfully test the SSL environment. + */ +-#if MODSSL_USE_OPENSSL_PRE_1_1_API ++#if MODSSL_USE_OPENSSL_PRE_1_1_API || defined(LIBRESSL_VERSION_NUMBER) + (void)CRYPTO_malloc_init(); + #else + OPENSSL_malloc_init(); +diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c +index a3a74f4..33ea494 100644 +--- ./modules/ssl/ssl_engine_init.c ++++ ./modules/ssl/ssl_engine_init.c +@@ -616,7 +616,8 @@ static apr_status_t ssl_init_ctx_protocol(server_rec *s, + + SSL_CTX_set_options(ctx, SSL_OP_ALL); + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ ++ (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20800000L) + /* always disable SSLv2, as per RFC 6176 */ + SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2); + +diff --git a/modules/ssl/ssl_private.h b/modules/ssl/ssl_private.h +index a39569c..e0e1b37 100644 +--- ./modules/ssl/ssl_private.h ++++ ./modules/ssl/ssl_private.h +@@ -132,13 +132,14 @@ + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION, version, NULL) + #define SSL_CTX_set_max_proto_version(ctx, version) \ + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION, version, NULL) +-#endif +-/* LibreSSL declares OPENSSL_VERSION_NUMBER == 2.0 but does not include most +- * changes from OpenSSL >= 1.1 (new functions, macros, deprecations, ...), so +- * we have to work around this... ++#elif LIBRESSL_VERSION_NUMBER < 0x2070000f ++/* LibreSSL before 2.7 declares OPENSSL_VERSION_NUMBER == 2.0 but does not ++ * include most changes from OpenSSL >= 1.1 (new functions, macros, ++ * deprecations, ...), so we have to work around this... + */ + #define MODSSL_USE_OPENSSL_PRE_1_1_API (1) +-#else ++#endif /* LIBRESSL_VERSION_NUMBER < 0x2060000f */ ++#else /* defined(LIBRESSL_VERSION_NUMBER) */ + #define MODSSL_USE_OPENSSL_PRE_1_1_API (OPENSSL_VERSION_NUMBER < 0x10100000L) + #endif + +@@ -238,7 +239,8 @@ void init_bio_methods(void); + void free_bio_methods(void); + #endif + +-#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER) ++#if OPENSSL_VERSION_NUMBER < 0x10002000L || \ ++ (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000f) + #define X509_STORE_CTX_get0_store(x) (x->ctx) + #endif + diff --git a/srcpkgs/apache/template b/srcpkgs/apache/template index e68dc8e09c6..d3fe9f479b0 100644 --- a/srcpkgs/apache/template +++ b/srcpkgs/apache/template @@ -1,7 +1,7 @@ # Template file for 'apache' pkgname=apache version=2.4.29 -revision=3 +revision=4 wrksrc=httpd-${version} build_style=gnu-configure configure_args="--prefix= --sbindir=/usr/bin --enable-pie --enable-modules=all