<pre style='margin:0'>
Marius Schamschula (Schamschula) pushed a commit to branch master
in repository macports-ports.
</pre>
<p><a href="https://github.com/macports/macports-ports/commit/9535fdff21d764948182c6bc3f3c9e6fc318f23f">https://github.com/macports/macports-ports/commit/9535fdff21d764948182c6bc3f3c9e6fc318f23f</a></p>
<pre style="white-space: pre; background: #F8F8F8">The following commit(s) were added to refs/heads/master by this push:
<span style='display:block; white-space:pre;color:#404040;'> new 9535fdff21d apache2: fix "ERR_GET_FUNC" is invalid with openssl 3.0
</span>9535fdff21d is described below
<span style='display:block; white-space:pre;color:#808000;'>commit 9535fdff21d764948182c6bc3f3c9e6fc318f23f
</span>Author: Marius Schamschula <mps@macports.org>
AuthorDate: Sun Nov 7 20:02:44 2021 -0600
<span style='display:block; white-space:pre;color:#404040;'> apache2: fix "ERR_GET_FUNC" is invalid with openssl 3.0
</span><span style='display:block; white-space:pre;color:#404040;'>
</span><span style='display:block; white-space:pre;color:#404040;'> Uses upstream patch
</span><span style='display:block; white-space:pre;color:#404040;'> See: https://trac.macports.org/ticket/63846
</span>---
www/apache2/Portfile | 5 ++--
www/apache2/files/patch-ssl_engine_init.c.diff | 35 ++++++++++++++++++++++++++
2 files changed, 38 insertions(+), 2 deletions(-)
<span style='display:block; white-space:pre;color:#808080;'>diff --git a/www/apache2/Portfile b/www/apache2/Portfile
</span><span style='display:block; white-space:pre;color:#808080;'>index 2cd0ae6744e..fbd0be86b30 100644
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>--- a/www/apache2/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/www/apache2/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -5,7 +5,7 @@ PortGroup apache2 1.0
</span>
name apache2
version 2.4.51
<span style='display:block; white-space:pre;background:#ffe0e0;'>-revision 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+revision 2
</span> checksums rmd160 339cf2df89613855dc44affe6296ba1b1652db14 \
sha256 20e01d81fecf077690a4439e3969a9b22a09a8d43c525356e863407741b838f4 \
size 7653609
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -37,7 +37,8 @@ depends_lib port:apr \
</span> patch.pre_args -p1
patchfiles patch-build-rules.mk.in.diff \
patch-config.layout.diff \
<span style='display:block; white-space:pre;background:#ffe0e0;'>- patch-support-apxs.in.diff
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ patch-support-apxs.in.diff \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ patch-ssl_engine_init.c.diff
</span>
post-patch {
reinplace "s,@MANDIR@,\${prefix}/share/${name},g" \
<span style='display:block; white-space:pre;color:#808080;'>diff --git a/www/apache2/files/patch-ssl_engine_init.c.diff b/www/apache2/files/patch-ssl_engine_init.c.diff
</span>new file mode 100644
<span style='display:block; white-space:pre;color:#808080;'>index 00000000000..d19f0bcf3b6
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--- /dev/null
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/www/apache2/files/patch-ssl_engine_init.c.diff
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -0,0 +1,35 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- a/modules/ssl/ssl_engine_init.c 2021/06/29 09:30:24 1891137
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ b/modules/ssl/ssl_engine_init.c 2021/06/29 11:24:17 1891138
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1378,6 +1378,22 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ #endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++/* SSL_CTX_use_PrivateKey_file() can fail either because the private
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ * key was encrypted, or due to a mismatch between an already-loaded
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ * cert and the key - a common misconfiguration - from calling
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ * X509_check_private_key(). This macro is passed the last error code
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ * off the OpenSSL stack and evaluates to true only for the first
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ * case. With OpenSSL < 3 the second case is identifiable by the
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ * function code, but function codes are not used from 3.0. */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#if OPENSSL_VERSION_NUMBER < 0x30000000L
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#define CHECK_PRIVKEY_ERROR(ec) (ERR_GET_FUNC(ec) != X509_F_X509_CHECK_PRIVATE_KEY)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#else
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#define CHECK_PRIVKEY_ERROR(ec) (ERR_GET_LIB != ERR_LIB_X509 \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ || (ERR_GET_REASON(ec) != X509_R_KEY_TYPE_MISMATCH \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ && ERR_GET_REASON(ec) != X509_R_KEY_VALUES_MISMATCH \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ && ERR_GET_REASON(ec) != X509_R_UNKNOWN_KEY_TYPE))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static apr_status_t ssl_init_server_certs(server_rec *s,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ apr_pool_t *p,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ apr_pool_t *ptemp,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1483,8 +1499,7 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ else if ((SSL_CTX_use_PrivateKey_file(mctx->ssl_ctx, keyfile,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ SSL_FILETYPE_PEM) < 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- && (ERR_GET_FUNC(ERR_peek_last_error())
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- != X509_F_X509_CHECK_PRIVATE_KEY)) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ && CHECK_PRIVKEY_ERROR(ERR_peek_last_error())) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ssl_asn1_t *asn1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ const unsigned char *ptr;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span></pre><pre style='margin:0'>
</pre>