From d849e6cc7a25b9d8fe5411d9f2082227278b224d Mon Sep 17 00:00:00 2001 From: Bernd Kuhls Date: Tue, 5 Feb 2019 11:07:36 -0600 Subject: package/pound: Fix build with OpenSSL 1.1.x The patches enable two new API configurations, one for OpenSSL 1.1.x and the other LibreSSL. A dependency is added to use the Buildroot host tool openssl to create headers (dh512.h). This resolves a host OS mismatch with openssl versions. (The Makefile does this generation as part of the initial build) Signed-off-by: Bernd Kuhls Signed-off-by: Patrick Havelange Signed-off-by: Matt Weber Signed-off-by: Peter Korsgaard --- package/pound/0002-fix-openssl-1.1.0.patch | 334 +++++++++++++++++++++ ...or-libressl-coexisting-with-openssl-1.1.x.patch | 140 +++++++++ package/pound/pound.mk | 2 +- 3 files changed, 475 insertions(+), 1 deletion(-) create mode 100644 package/pound/0002-fix-openssl-1.1.0.patch create mode 100644 package/pound/0003-Support-for-libressl-coexisting-with-openssl-1.1.x.patch (limited to 'package/pound') diff --git a/package/pound/0002-fix-openssl-1.1.0.patch b/package/pound/0002-fix-openssl-1.1.0.patch new file mode 100644 index 0000000000..04eddb15d7 --- /dev/null +++ b/package/pound/0002-fix-openssl-1.1.0.patch @@ -0,0 +1,334 @@ +From a2c9dde4d055ea8942afb150b7fc3a807d4e5d60 Mon Sep 17 00:00:00 2001 +From: Sergey Poznyakoff +Date: Wed, 28 Feb 2018 13:44:01 +0000 +Subject: [PATCH] Support for Openssl 1.1 + +Fixes +http://autobuild.buildroot.net/results/ef2/ef2de6c280bf8622a00d4573bc5bd143e3baa002 + +Downloaded from github fork: +https://github.com/graygnuorg/pound/commit/a2c9dde4d055ea8942afb150b7fc3a807d4e5d60 + +This patch was announced on the upstream mailinglist: +http://www.apsis.ch/pound/pound_list/archive/2018/2018-03/1519920322000 + +Signed-off-by: Bernd Kuhls +--- + .gitignore | 15 ++++++++ + config.c | 17 +++++++-- + http.c | 12 ++++++- + pound.h | 4 ++- + svc.c | 101 +++++++++++++++++++++++++++++++++++++++++++---------- + 5 files changed, 125 insertions(+), 24 deletions(-) + create mode 100644 .gitignore + +diff --git a/config.c b/config.c +index d41a3ee..e8fec0f 100644 +--- a/config.c ++++ b/config.c +@@ -174,6 +174,16 @@ conf_fgets(char *buf, const int max) + } + } + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++# define general_name_string(n) \ ++ strndup(ASN1_STRING_get0_data(n->d.dNSName), \ ++ ASN1_STRING_length(n->d.dNSName) + 1) ++#else ++# define general_name_string(n) \ ++ strndup(ASN1_STRING_data(n->d.dNSName), \ ++ ASN1_STRING_length(n->d.dNSName) + 1) ++#endif ++ + unsigned char ** + get_subjectaltnames(X509 *x509, unsigned int *count) + { +@@ -194,8 +204,7 @@ get_subjectaltnames(X509 *x509, unsigned int *count) + name = sk_GENERAL_NAME_pop(san_stack); + switch(name->type) { + case GEN_DNS: +- temp[local_count] = strndup(ASN1_STRING_data(name->d.dNSName), ASN1_STRING_length(name->d.dNSName) +- + 1); ++ temp[local_count] = general_name_string(name); + if(temp[local_count] == NULL) + conf_err("out of memory"); + local_count++; +@@ -565,7 +574,9 @@ parse_service(const char *svc_name) + pthread_mutex_init(&res->mut, NULL); + if(svc_name) + strncpy(res->name, svc_name, KEY_SIZE); +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ if((res->sessions = lh_TABNODE_new(t_hash, t_cmp)) == NULL) ++#elif OPENSSL_VERSION_NUMBER >= 0x10000000L + if((res->sessions = LHM_lh_new(TABNODE, t)) == NULL) + #else + if((res->sessions = lh_new(LHASH_HASH_FN(t_hash), LHASH_COMP_FN(t_cmp))) == NULL) +diff --git a/http.c b/http.c +index dd211e4..c8e756a 100644 +--- a/http.c ++++ b/http.c +@@ -527,12 +527,22 @@ log_bytes(char *res, const LONG cnt) + + /* Cleanup code. This should really be in the pthread_cleanup_push, except for bugs in some implementations */ + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++# define clear_error() ++#elif OPENSSL_VERSION_NUMBER >= 0x10000000L ++# define clear_error() \ ++ if(ssl != NULL) { ERR_clear_error(); ERR_remove_thread_state(NULL); } ++#else ++# define clear_error() \ ++ if(ssl != NULL) { ERR_clear_error(); ERR_remove_state(0); } ++#endif ++ + #define clean_all() { \ + if(ssl != NULL) { BIO_ssl_shutdown(cl); } \ + if(be != NULL) { BIO_flush(be); BIO_reset(be); BIO_free_all(be); be = NULL; } \ + if(cl != NULL) { BIO_flush(cl); BIO_reset(cl); BIO_free_all(cl); cl = NULL; } \ + if(x509 != NULL) { X509_free(x509); x509 = NULL; } \ +- if(ssl != NULL) { ERR_clear_error(); ERR_remove_state(0); } \ ++ clear_error(); \ + } + + /* +diff --git a/pound.h b/pound.h +index fa22c36..9603b91 100644 +--- a/pound.h ++++ b/pound.h +@@ -344,7 +344,9 @@ typedef struct _tn { + /* maximal session key size */ + #define KEY_SIZE 127 + +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ DEFINE_LHASH_OF(TABNODE); ++#elif OPENSSL_VERSION_NUMBER >= 0x10000000L + DECLARE_LHASH_OF(TABNODE); + #endif + +diff --git a/svc.c b/svc.c +index 60ba488..063b92c 100644 +--- a/svc.c ++++ b/svc.c +@@ -27,10 +27,17 @@ + + #include "pound.h" + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++# define TABNODE_GET_DOWN_LOAD(t) lh_TABNODE_get_down_load(t) ++# define TABNODE_SET_DOWN_LOAD(t,n) lh_TABNODE_set_down_load(t,n) ++#else + #ifndef LHASH_OF + #define LHASH_OF(x) LHASH + #define CHECKED_LHASH_OF(type, h) h + #endif ++# define TABNODE_GET_DOWN_LOAD(t) (CHECKED_LHASH_OF(TABNODE, t)->down_load) ++# define TABNODE_SET_DOWN_LOAD(t,n) (CHECKED_LHASH_OF(TABNODE, t)->down_load = n) ++#endif + + /* + * Add a new key/content pair to a hash table +@@ -58,7 +65,9 @@ t_add(LHASH_OF(TABNODE) *const tab, const char *key, const void *content, const + } + memcpy(t->content, content, cont_len); + t->last_acc = time(NULL); +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ if((old = lh_TABNODE_insert(tab, t)) != NULL) { ++#elif OPENSSL_VERSION_NUMBER >= 0x10000000L + if((old = LHM_lh_insert(TABNODE, tab, t)) != NULL) { + #else + if((old = (TABNODE *)lh_insert(tab, t)) != NULL) { +@@ -82,7 +91,9 @@ t_find(LHASH_OF(TABNODE) *const tab, char *const key) + TABNODE t, *res; + + t.key = key; +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ if((res = lh_TABNODE_retrieve(tab, &t)) != NULL) { ++#elif OPENSSL_VERSION_NUMBER >= 0x10000000L + if((res = (TABNODE *)LHM_lh_retrieve(TABNODE, tab, &t)) != NULL) { + #else + if((res = (TABNODE *)lh_retrieve(tab, &t)) != NULL) { +@@ -102,7 +113,9 @@ t_remove(LHASH_OF(TABNODE) *const tab, char *const key) + TABNODE t, *res; + + t.key = key; +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ if((res = lh_TABNODE_delete(tab, &t)) != NULL) { ++#elif OPENSSL_VERSION_NUMBER >= 0x10000000L + if((res = LHM_lh_delete(TABNODE, tab, &t)) != NULL) { + #else + if((res = (TABNODE *)lh_delete(tab, &t)) != NULL) { +@@ -127,7 +140,9 @@ t_old_doall_arg(TABNODE *t, ALL_ARG *a) + TABNODE *res; + + if(t->last_acc < a->lim) +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ if((res = lh_TABNODE_delete(a->tab, t)) != NULL) { ++#elif OPENSSL_VERSION_NUMBER >= 0x10000000L + if((res = LHM_lh_delete(TABNODE, a->tab, t)) != NULL) { + #else + if((res = lh_delete(a->tab, t)) != NULL) { +@@ -145,6 +160,10 @@ IMPLEMENT_LHASH_DOALL_ARG_FN(t_old, TABNODE, ALL_ARG) + IMPLEMENT_LHASH_DOALL_ARG_FN(t_old, TABNODE *, ALL_ARG *) + #endif + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++IMPLEMENT_LHASH_DOALL_ARG(TABNODE,ALL_ARG); ++#endif ++ + /* + * Expire all old nodes + */ +@@ -156,14 +175,16 @@ t_expire(LHASH_OF(TABNODE) *const tab, const time_t lim) + + a.tab = tab; + a.lim = lim; +- down_load = CHECKED_LHASH_OF(TABNODE, tab)->down_load; +- CHECKED_LHASH_OF(TABNODE, tab)->down_load = 0; +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++ down_load = TABNODE_GET_DOWN_LOAD(tab); ++ TABNODE_SET_DOWN_LOAD(tab, 0); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ lh_TABNODE_doall_ALL_ARG(tab, t_old_doall_arg, &a); ++#elif OPENSSL_VERSION_NUMBER >= 0x10000000L + LHM_lh_doall_arg(TABNODE, tab, LHASH_DOALL_ARG_FN(t_old), ALL_ARG, &a); + #else + lh_doall_arg(tab, LHASH_DOALL_ARG_FN(t_old), &a); + #endif +- CHECKED_LHASH_OF(TABNODE, tab)->down_load = down_load; ++ TABNODE_SET_DOWN_LOAD(tab, down_load); + return; + } + +@@ -173,7 +194,9 @@ t_cont_doall_arg(TABNODE *t, ALL_ARG *arg) + TABNODE *res; + + if(memcmp(t->content, arg->content, arg->cont_len) == 0) +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ if((res = lh_TABNODE_delete(arg->tab, t)) != NULL) { ++#elif OPENSSL_VERSION_NUMBER >= 0x10000000L + if((res = LHM_lh_delete(TABNODE, arg->tab, t)) != NULL) { + #else + if((res = lh_delete(arg->tab, t)) != NULL) { +@@ -203,15 +226,16 @@ t_clean(LHASH_OF(TABNODE) *const tab, void *const content, const size_t cont_len + a.tab = tab; + a.content = content; + a.cont_len = cont_len; +- down_load = CHECKED_LHASH_OF(TABNODE, tab)->down_load; +- CHECKED_LHASH_OF(TABNODE, tab)->down_load = 0; +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++ down_load = TABNODE_GET_DOWN_LOAD(tab); ++ TABNODE_SET_DOWN_LOAD(tab, 0); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ lh_TABNODE_doall_ALL_ARG(tab, t_cont_doall_arg, &a); ++#elif OPENSSL_VERSION_NUMBER >= 0x10000000L + LHM_lh_doall_arg(TABNODE, tab, LHASH_DOALL_ARG_FN(t_cont), ALL_ARG, &a); + #else + lh_doall_arg(tab, LHASH_DOALL_ARG_FN(t_cont), &a); + #endif +- CHECKED_LHASH_OF(TABNODE, tab)->down_load = down_load; +- return; ++ TABNODE_SET_DOWN_LOAD(tab, down_load); + } + + /* +@@ -1262,6 +1286,31 @@ RSA_tmp_callback(/* not used */SSL *ssl, /* not used */int is_export, int keylen + return res; + } + ++static int ++generate_key(RSA **ret_rsa, unsigned long bits) ++{ ++#if OPENSSL_VERSION_NUMBER > 0x00908000L ++ int rc = 0; ++ RSA *rsa; ++ ++ rsa = RSA_new(); ++ if (rsa) { ++ BIGNUM *bne = BN_new(); ++ if (BN_set_word(bne, RSA_F4)) ++ rc = RSA_generate_key_ex(rsa, bits, bne, NULL); ++ BN_free(bne); ++ if (rc) ++ *ret_rsa = rsa; ++ else ++ RSA_free(rsa); ++ } ++ return rc; ++#else ++ *ret_rsa = RSA_generate_key(bits, RSA_F4, NULL, NULL); ++ return *ret_rsa != NULL; ++#endif ++} ++ + /* + * Periodically regenerate ephemeral RSA keys + * runs every T_RSA_KEYS seconds +@@ -1274,8 +1323,9 @@ do_RSAgen(void) + RSA *t_RSA1024_keys[N_RSA_KEYS]; + + for(n = 0; n < N_RSA_KEYS; n++) { +- t_RSA512_keys[n] = RSA_generate_key(512, RSA_F4, NULL, NULL); +- t_RSA1024_keys[n] = RSA_generate_key(1024, RSA_F4, NULL, NULL); ++ /* FIXME: Error handling */ ++ generate_key(&t_RSA512_keys[n], 512); ++ generate_key(&t_RSA1024_keys[n], 1024); + } + if(ret_val = pthread_mutex_lock(&RSA_mut)) + logmsg(LOG_WARNING, "thr_RSAgen() lock: %s", strerror(ret_val)); +@@ -1329,11 +1379,11 @@ init_timer(void) + * Pre-generate ephemeral RSA keys + */ + for(n = 0; n < N_RSA_KEYS; n++) { +- if((RSA512_keys[n] = RSA_generate_key(512, RSA_F4, NULL, NULL)) == NULL) { ++ if(!generate_key(&RSA512_keys[n], 512)) { + logmsg(LOG_WARNING,"RSA_generate(%d, 512) failed", n); + return; + } +- if((RSA1024_keys[n] = RSA_generate_key(1024, RSA_F4, NULL, NULL)) == NULL) { ++ if(!generate_key(&RSA1024_keys[n], 1024)) { + logmsg(LOG_WARNING,"RSA_generate(%d, 1024) failed", n); + return; + } +@@ -1420,6 +1470,10 @@ IMPLEMENT_LHASH_DOALL_ARG_FN(t_dump, TABNODE, DUMP_ARG) + IMPLEMENT_LHASH_DOALL_ARG_FN(t_dump, TABNODE *, DUMP_ARG *) + #endif + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++IMPLEMENT_LHASH_DOALL_ARG(TABNODE,DUMP_ARG); ++#endif ++ + /* + * write sessions to the control socket + */ +@@ -1430,7 +1484,9 @@ dump_sess(const int control_sock, LHASH_OF(TABNODE) *const sess, BACKEND *const + + a.control_sock = control_sock; + a.backends = backends; +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ lh_TABNODE_doall_DUMP_ARG(sess, t_dump_doall_arg, &a); ++#elif OPENSSL_VERSION_NUMBER >= 0x10000000L + LHM_lh_doall_arg(TABNODE, sess, LHASH_DOALL_ARG_FN(t_dump), DUMP_ARG, &a); + #else + lh_doall_arg(sess, LHASH_DOALL_ARG_FN(t_dump), &a); +@@ -1664,6 +1720,13 @@ thr_control(void *arg) + } + } + ++#ifndef SSL3_ST_SR_CLNT_HELLO_A ++# define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT) ++#endif ++#ifndef SSL23_ST_SR_CLNT_HELLO_A ++# define SSL23_ST_SR_CLNT_HELLO_A (0x210|SSL_ST_ACCEPT) ++#endif ++ + void + SSLINFO_callback(const SSL *ssl, int where, int rc) + { diff --git a/package/pound/0003-Support-for-libressl-coexisting-with-openssl-1.1.x.patch b/package/pound/0003-Support-for-libressl-coexisting-with-openssl-1.1.x.patch new file mode 100644 index 0000000000..3befc271d7 --- /dev/null +++ b/package/pound/0003-Support-for-libressl-coexisting-with-openssl-1.1.x.patch @@ -0,0 +1,140 @@ +From 145b88d0c1a71ba6f4d216768388e0c5853d3990 Mon Sep 17 00:00:00 2001 +From: Matt Weber +Date: Tue, 5 Feb 2019 10:34:55 -0600 +Subject: [PATCH] Support for libressl coexisting with openssl 1.1.x +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +libressl needs to not follow the 1.1.x path of APIs + +Resolves build failure like +In file included from svc.c:28:0: +pound.h:348:3: warning: data definition has no type or storage class + DEFINE_LHASH_OF(TABNODE); + ^~~~~~~~~~~~~~~ +pound.h:348:3: warning: type defaults to ‘int’ in declaration of ‘DEFINE_LHASH_OF’ [-Wimplicit-int] +svc.c: In function ‘t_add’: +svc.c:69:15: warning: implicit declaration of function ‘lh_TABNODE_insert’; did you mean ‘lh_OBJ_NAME_insert’? [-Wimplicit-function-declaration] + if((old = lh_TABNODE_insert(tab, t)) != NULL) { + ^~~~~~~~~~~~~~~~~ + lh_OBJ_NAME_insert + +Upstream: Site was down when I tried (http://www.apsis.ch/pound) + +Signed-off-by: Matthew Weber +--- + config.c | 2 +- + svc.c | 20 ++++++++++---------- + 2 files changed, 11 insertions(+), 11 deletions(-) + +diff --git a/config.c b/config.c +index 58b928e..3ad7fbb 100644 +--- a/config.c ++++ b/config.c +@@ -574,7 +574,7 @@ parse_service(const char *svc_name) + pthread_mutex_init(&res->mut, NULL); + if(svc_name) + strncpy(res->name, svc_name, KEY_SIZE); +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined LIBRESSL_VERSION_NUMBER + if((res->sessions = lh_TABNODE_new(t_hash, t_cmp)) == NULL) + #elif OPENSSL_VERSION_NUMBER >= 0x10000000L + if((res->sessions = LHM_lh_new(TABNODE, t)) == NULL) +diff --git a/svc.c b/svc.c +index f125be4..8a2f62c 100644 +--- a/svc.c ++++ b/svc.c +@@ -27,7 +27,7 @@ + + #include "pound.h" + +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined LIBRESSL_VERSION_NUMBER + # define TABNODE_GET_DOWN_LOAD(t) lh_TABNODE_get_down_load(t) + # define TABNODE_SET_DOWN_LOAD(t,n) lh_TABNODE_set_down_load(t,n) + #else +@@ -65,7 +65,7 @@ t_add(LHASH_OF(TABNODE) *const tab, const char *key, const void *content, const + } + memcpy(t->content, content, cont_len); + t->last_acc = time(NULL); +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined LIBRESSL_VERSION_NUMBER + if((old = lh_TABNODE_insert(tab, t)) != NULL) { + #elif OPENSSL_VERSION_NUMBER >= 0x10000000L + if((old = LHM_lh_insert(TABNODE, tab, t)) != NULL) { +@@ -91,7 +91,7 @@ t_find(LHASH_OF(TABNODE) *const tab, char *const key) + TABNODE t, *res; + + t.key = key; +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined LIBRESSL_VERSION_NUMBER + if((res = lh_TABNODE_retrieve(tab, &t)) != NULL) { + #elif OPENSSL_VERSION_NUMBER >= 0x10000000L + if((res = (TABNODE *)LHM_lh_retrieve(TABNODE, tab, &t)) != NULL) { +@@ -113,7 +113,7 @@ t_remove(LHASH_OF(TABNODE) *const tab, char *const key) + TABNODE t, *res; + + t.key = key; +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined LIBRESSL_VERSION_NUMBER + if((res = lh_TABNODE_delete(tab, &t)) != NULL) { + #elif OPENSSL_VERSION_NUMBER >= 0x10000000L + if((res = LHM_lh_delete(TABNODE, tab, &t)) != NULL) { +@@ -140,7 +140,7 @@ t_old_doall_arg(TABNODE *t, ALL_ARG *a) + TABNODE *res; + + if(t->last_acc < a->lim) +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined LIBRESSL_VERSION_NUMBER + if((res = lh_TABNODE_delete(a->tab, t)) != NULL) { + #elif OPENSSL_VERSION_NUMBER >= 0x10000000L + if((res = LHM_lh_delete(TABNODE, a->tab, t)) != NULL) { +@@ -160,7 +160,7 @@ IMPLEMENT_LHASH_DOALL_ARG_FN(t_old, TABNODE, ALL_ARG) + IMPLEMENT_LHASH_DOALL_ARG_FN(t_old, TABNODE *, ALL_ARG *) + #endif + +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined LIBRESSL_VERSION_NUMBER + IMPLEMENT_LHASH_DOALL_ARG(TABNODE,ALL_ARG); + #endif + +@@ -177,7 +177,7 @@ t_expire(LHASH_OF(TABNODE) *const tab, const time_t lim) + a.lim = lim; + down_load = TABNODE_GET_DOWN_LOAD(tab); + TABNODE_SET_DOWN_LOAD(tab, 0); +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined LIBRESSL_VERSION_NUMBER + lh_TABNODE_doall_ALL_ARG(tab, t_old_doall_arg, &a); + #elif OPENSSL_VERSION_NUMBER >= 0x10000000L + LHM_lh_doall_arg(TABNODE, tab, LHASH_DOALL_ARG_FN(t_old), ALL_ARG, &a); +@@ -194,7 +194,7 @@ t_cont_doall_arg(TABNODE *t, ALL_ARG *arg) + TABNODE *res; + + if(memcmp(t->content, arg->content, arg->cont_len) == 0) +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined LIBRESSL_VERSION_NUMBER + if((res = lh_TABNODE_delete(arg->tab, t)) != NULL) { + #elif OPENSSL_VERSION_NUMBER >= 0x10000000L + if((res = LHM_lh_delete(TABNODE, arg->tab, t)) != NULL) { +@@ -228,7 +228,7 @@ t_clean(LHASH_OF(TABNODE) *const tab, void *const content, const size_t cont_len + a.cont_len = cont_len; + down_load = TABNODE_GET_DOWN_LOAD(tab); + TABNODE_SET_DOWN_LOAD(tab, 0); +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined LIBRESSL_VERSION_NUMBER + lh_TABNODE_doall_ALL_ARG(tab, t_cont_doall_arg, &a); + #elif OPENSSL_VERSION_NUMBER >= 0x10000000L + LHM_lh_doall_arg(TABNODE, tab, LHASH_DOALL_ARG_FN(t_cont), ALL_ARG, &a); +@@ -1514,7 +1514,7 @@ dump_sess(const int control_sock, LHASH_OF(TABNODE) *const sess, BACKEND *const + + a.control_sock = control_sock; + a.backends = backends; +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined LIBRESSL_VERSION_NUMBER + lh_TABNODE_doall_DUMP_ARG(sess, t_dump_doall_arg, &a); + #elif OPENSSL_VERSION_NUMBER >= 0x10000000L + LHM_lh_doall_arg(TABNODE, sess, LHASH_DOALL_ARG_FN(t_dump), DUMP_ARG, &a); +-- +1.9.1 + diff --git a/package/pound/pound.mk b/package/pound/pound.mk index 9a62cf7a58..d6839fc2e7 100644 --- a/package/pound/pound.mk +++ b/package/pound/pound.mk @@ -9,7 +9,7 @@ POUND_SITE = http://www.apsis.ch/pound POUND_SOURCE = Pound-$(POUND_VERSION).tgz POUND_LICENSE = GPL-3.0+ POUND_LICENSE_FILES = GPL.txt -POUND_DEPENDENCIES = openssl +POUND_DEPENDENCIES = openssl host-openssl # Force owner/group to us, otherwise it will try proxy:proxy by # default. -- cgit v1.2.1