From 04007e91b5153e5431cdaf375488bc6325cc2207 Mon Sep 17 00:00:00 2001 From: Emanuel Haupt Date: Tue, 16 Oct 2018 07:45:53 +0000 Subject: [PATCH] MFH: r482205 - Fix build with openssl 1.1.1 / unbreak on 12.0-ALPHA9 [1] - Merge a patch from upstream as some providers seem to require SNI when TLSv1.3 is used - Pacify portlint PR: 231776 Submitted by: Sascha Holzleiter Notified by: pkg-fallout [1] Approved by: ports-secteam (blanket) --- mail/isync/Makefile | 7 ++++++- mail/isync/files/patch-src_socket.c | 11 ++++++++++- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/mail/isync/Makefile b/mail/isync/Makefile index 7c4084908f13..d8fafc30077c 100644 --- a/mail/isync/Makefile +++ b/mail/isync/Makefile @@ -3,6 +3,7 @@ PORTNAME= isync PORTVERSION= 1.3.0 +PORTREVISION= 1 CATEGORIES= mail MASTER_SITES= SF @@ -19,11 +20,15 @@ LIB_DEPENDS= libsasl2.so:security/cyrus-sasl2 USES= alias bdb cpe perl5 ssl USE_PERL5= build -CPE_VENDOR= oswald_buddenhagen + GNU_CONFIGURE= yes +CPE_VENDOR= oswald_buddenhagen + CONFIGURE_ARGS= --with-sasl=${LOCALBASE} \ --with-ssl=${OPENSSLLIB:H} +MAKE_ARGS+= SSL_LIBS="-L${OPENSSLLIB} -lssl -lcrypto" + CPPFLAGS+= -I${BDB_INCLUDE_DIR} LDFLAGS+= -L${BDB_LIB_DIR} diff --git a/mail/isync/files/patch-src_socket.c b/mail/isync/files/patch-src_socket.c index 4dbed8220aa8..f29ef7ff04a7 100644 --- a/mail/isync/files/patch-src_socket.c +++ b/mail/isync/files/patch-src_socket.c @@ -1,4 +1,4 @@ ---- src/socket.c.orig 2017-08-13 23:04:40 UTC +--- src/socket.c.orig 2017-10-01 08:42:35 UTC +++ src/socket.c @@ -40,7 +40,7 @@ # include @@ -9,3 +9,12 @@ # define X509_OBJECT_get0_X509(o) ((o)->data.x509) # define X509_STORE_get0_objects(o) ((o)->objs) # endif +@@ -270,6 +270,8 @@ socket_start_tls( conn_t *conn, void (*c + + init_wakeup( &conn->ssl_fake, ssl_fake_cb, conn ); + conn->ssl = SSL_new( ((server_conf_t *)conn->conf)->SSLContext ); ++ if (ssl_return( "set server name", conn, SSL_set_tlsext_host_name( conn->ssl, conn->conf->host ) ) < 0) ++ return; + SSL_set_fd( conn->ssl, conn->fd ); + SSL_set_mode( conn->ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER ); + socket_expect_read( conn, 1 );