main/postfix: upgrade to 3.1.3 and build against libressl

1 files changed, 138 insertions, 0 deletions

diff --git a/main/postfix/libressl.patch b/main/postfix/libressl.patch
new file mode 100644
index 0000000000..835edd689f
--- /dev/null
+++ b/main/postfix/libressl.patch
@@ -0,0 +1,138 @@
+$OpenBSD: patch-src_tls_tls_h,v 1.1 2016/03/05 17:34:24 sthen Exp $
+
+Fix building with LibreSSL
+
+--- a/src/tls/tls.h.orig	Sat Feb  6 15:09:41 2016
++++ b/src/tls/tls.h	Fri Feb 12 20:15:25 2016
+@@ -89,7 +89,7 @@ extern const char *str_tls_level(int);
+ #endif
+ 
+  /* Backwards compatibility with OpenSSL < 1.1.0 */
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ #define OpenSSL_version_num SSLeay
+ #define OpenSSL_version SSLeay_version
+ #define OPENSSL_VERSION SSLEAY_VERSION
+diff -urp src/posttls-finger/posttls-finger.c src/posttls-finger/posttls-finger.c
+--- a/src/posttls-finger/posttls-finger.c.orig	2016-08-27 22:27:50.000000000 +0200
++++ b/src/posttls-finger/posttls-finger.c	2016-08-29 15:57:24.941368708 +0200
+@@ -1511,7 +1511,7 @@ static int finger(STATE *state)
+     return (0);
+ }
+ 
+-#if defined(USE_TLS) && OPENSSL_VERSION_NUMBER < 0x10100000L
++#if defined(USE_TLS) && (OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER))
+ 
+ /* ssl_cleanup - free memory allocated in the OpenSSL library */
+ 
+@@ -1958,7 +1958,7 @@ int     main(int argc, char *argv[])
+     cleanup(&state);
+ 
+     /* OpenSSL 1.1.0 and later (de)initialization is implicit */
+-#if defined(USE_TLS) && OPENSSL_VERSION_NUMBER < 0x10100000L
++#if defined(USE_TLS) && OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+     ssl_cleanup();
+ #endif
+ 
+diff -urp src/tls/tls_client.c src/tls/tls_client.c
+--- a/src/tls/tls_client.c.orig	2016-08-27 22:27:50.000000000 +0200
++++ b/src/tls/tls_client.c	2016-08-29 16:00:17.115355822 +0200
+@@ -299,7 +299,7 @@ TLS_APPL_STATE *tls_client_init(const TL
+      */
+     tls_check_version();
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 
+     /*
+      * Initialize the OpenSSL library by the book! To start with, we must
+@@ -356,7 +356,7 @@ TLS_APPL_STATE *tls_client_init(const TL
+      * TLS_ANY_VERSION macro.
+      */
+     ERR_clear_error();
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && defined(TLS_ANY_VERSION)
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) && defined(TLS_ANY_VERSION)
+     client_ctx = SSL_CTX_new(TLS_client_method());
+ #else
+     client_ctx = SSL_CTX_new(SSLv23_client_method());
+@@ -441,7 +441,7 @@ TLS_APPL_STATE *tls_client_init(const TL
+     /*
+      * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
+      */
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 
+     /*
+      * According to the OpenSSL documentation, temporary RSA key is needed
+diff -urp src/tls/tls_dane.c src/tls/tls_dane.c
+--- a/src/tls/tls_dane.c.orig	2016-08-27 22:27:50.000000000 +0200
++++ b/src/tls/tls_dane.c	2016-08-29 15:58:30.467363804 +0200
+@@ -2163,7 +2163,7 @@ static SSL_CTX *ctx_init(const char *CAf
+     tls_param_init();
+     tls_check_version();
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+     SSL_load_error_strings();
+     SSL_library_init();
+ #endif
+diff -urp src/tls/tls_rsa.c src/tls/tls_rsa.c
+--- a/src/tls/tls_rsa.c.orig	2016-01-03 15:49:51.000000000 +0100
++++ b/src/tls/tls_rsa.c	2016-08-29 15:57:58.067366229 +0200
+@@ -57,7 +57,7 @@
+  /*
+   * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
+   */
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 
+ /* tls_tmp_rsa_cb - call-back to generate ephemeral RSA key */
+ 
+@@ -109,7 +109,7 @@ int     main(int unused_argc, char *cons
+     /*
+      * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
+      */
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+     RSA    *rsa;
+ 
+     msg_vstream_init(argv[0], VSTREAM_ERR);
+diff -urp src/tls/tls_server.c src/tls/tls_server.c
+--- a/src/tls/tls_server.c.orig	2016-08-27 22:27:50.000000000 +0200
++++ b/src/tls/tls_server.c	2016-08-29 15:59:41.807358465 +0200
+@@ -174,7 +174,7 @@ static const char server_session_id_cont
+ #endif					/* OPENSSL_VERSION_NUMBER */
+ 
+  /* OpenSSL 1.1.0 bitrot */
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ typedef const unsigned char *session_id_t;
+ 
+ #else
+@@ -377,7 +377,7 @@ TLS_APPL_STATE *tls_server_init(const TL
+      */
+     tls_check_version();
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 
+     /*
+      * Initialize the OpenSSL library by the book! To start with, we must
+@@ -447,7 +447,7 @@ TLS_APPL_STATE *tls_server_init(const TL
+      * TLS_ANY_VERSION macro.
+      */
+     ERR_clear_error();
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && defined(TLS_ANY_VERSION)
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) && defined(TLS_ANY_VERSION)
+     server_ctx = SSL_CTX_new(TLS_server_method());
+ #else
+     server_ctx = SSL_CTX_new(SSLv23_server_method());
+@@ -588,7 +588,7 @@ TLS_APPL_STATE *tls_server_init(const TL
+     /*
+      * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
+      */
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 
+     /*
+      * According to OpenSSL documentation, a temporary RSA key is needed when