aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--MOVED1
-rw-r--r--www/Makefile1
-rw-r--r--www/mod_gnutls/Makefile32
-rw-r--r--www/mod_gnutls/distinfo3
-rw-r--r--www/mod_gnutls/files/patch-src_gnutls__io.c36
-rw-r--r--www/mod_gnutls/files/patch-src_gnutls__ocsp.c32
-rw-r--r--www/mod_gnutls/files/patch-src_gnutls__util.c12
-rw-r--r--www/mod_gnutls/files/pkg-message.in27
-rw-r--r--www/mod_gnutls/pkg-descr5
-rw-r--r--www/mod_gnutls/pkg-plist5
10 files changed, 153 insertions, 1 deletions
diff --git a/MOVED b/MOVED
index 26650d11977f..bf9449098a84 100644
--- a/MOVED
+++ b/MOVED
@@ -6872,7 +6872,6 @@ www/lusca-head||2014-09-01|Not staged
www/mod_auth_form||2014-09-01|Not staged
www/mod_auth_mellon||2014-09-01|Not staged
www/mod_ftp||2014-09-01|Not staged
-www/mod_gnutls||2014-09-01|Not staged
www/mod_log_dbd||2014-09-01|Not staged
www/mod_pagespeed||2014-09-01|Not staged
www/moodle24||2014-09-01|Not staged
diff --git a/www/Makefile b/www/Makefile
index 0ba059b7186c..e6c932d8a41d 100644
--- a/www/Makefile
+++ b/www/Makefile
@@ -450,6 +450,7 @@
SUBDIR += mod_fileiri
SUBDIR += mod_flickr
SUBDIR += mod_geoip2
+ SUBDIR += mod_gnutls
SUBDIR += mod_gzip2
SUBDIR += mod_h264_streaming
SUBDIR += mod_hosts_access
diff --git a/www/mod_gnutls/Makefile b/www/mod_gnutls/Makefile
new file mode 100644
index 000000000000..c1bce5c79f01
--- /dev/null
+++ b/www/mod_gnutls/Makefile
@@ -0,0 +1,32 @@
+# $FreeBSD$
+
+PORTNAME= mod_gnutls
+PORTVERSION= 0.8.2
+CATEGORIES= www security
+MASTER_SITES= https://mod.gnutls.org/downloads/
+PKGNAMEPREFIX= ${APACHE_PKGNAMEPREFIX}
+
+MAINTAINER= ports@FreeBSD.org
+COMMENT= Extension for Apache httpd using GnuTLS library to provide HTTPS
+
+LICENSE= APACHE20
+LICENSE_FILE= ${WRKSRC}/LICENSE
+
+LIB_DEPENDS= libgnutls.so:security/gnutls
+
+GNU_CONFIGURE= yes
+USES= libtool pkgconfig tar:bzip2
+USE_APACHE= 24
+
+DBDIR= ${PREFIX}/var/db/${PORTNAME}
+PLIST_SUB= SED="${SED}" WWWGRP=${WWWGRP} WWWOWN=${WWWOWN}
+SUB_FILES= pkg-message
+SUB_LIST= DBDIR="${DBDIR}"
+
+CFLAGS+= -Wno-deprecated-declarations
+CONFIGURE_ARGS= --with-apxs="${APXS}"
+
+post-install:
+ ${MKDIR} "${STAGEDIR}${DBDIR}"
+
+.include <bsd.port.mk>
diff --git a/www/mod_gnutls/distinfo b/www/mod_gnutls/distinfo
new file mode 100644
index 000000000000..9f0091971c55
--- /dev/null
+++ b/www/mod_gnutls/distinfo
@@ -0,0 +1,3 @@
+TIMESTAMP = 1503524329
+SHA256 (mod_gnutls-0.8.2.tar.bz2) = 05eeb78e41f1fd6780607a17d705b1965ce5c3ce6223a9a8a86ba9288d22e683
+SIZE (mod_gnutls-0.8.2.tar.bz2) = 415903
diff --git a/www/mod_gnutls/files/patch-src_gnutls__io.c b/www/mod_gnutls/files/patch-src_gnutls__io.c
new file mode 100644
index 000000000000..2d3441f460b0
--- /dev/null
+++ b/www/mod_gnutls/files/patch-src_gnutls__io.c
@@ -0,0 +1,36 @@
+--- src/gnutls_io.c.orig 2016-12-25 18:36:37 UTC
++++ src/gnutls_io.c
+@@ -23,7 +23,8 @@
+ APLOG_USE_MODULE(gnutls);
+ #endif
+
+-#if defined(__GNUC__) && __GNUC__ < 5 && !defined(__clang__)
++#if defined(__GNUC__) && __GNUC__ < 5 && \
++ !(defined(__clang__) && __has_builtin(__builtin_add_overflow))
+ #include <inttypes.h>
+ #endif
+
+@@ -572,18 +573,21 @@ apr_status_t mgs_filter_input(ap_filter_t * f,
+ * might have different lengths. Read sizes should be too
+ * small for 32 or 64 bit to matter, but we have to make
+ * sure. */
+-#if defined(__GNUC__) && __GNUC__ < 5 && !defined(__clang__)
++#if defined(__GNUC__) && __GNUC__ < 5 && \
++ !(defined(__clang__) && __has_builtin(__builtin_add_overflow))
+ if ((apr_size_t) readbytes < len)
+ {
++#if INTMAX_MAX > SIZE_MAX
+ /* If readbytes is negative the function fails in the
+ * check above, but the compiler doesn't get that. */
+- if (__builtin_expect(imaxabs(readbytes) > SIZE_MAX, 0))
++ if (__builtin_expect(imaxabs(readbytes) > (intmax_t) SIZE_MAX, 0))
+ {
+ ap_log_cerror(APLOG_MARK, APLOG_CRIT, APR_EINVAL, ctxt->c,
+ "%s: prevented buffer length overflow",
+ __func__);
+ return APR_EINVAL;
+ }
++#endif
+ len = (apr_size_t) readbytes;
+ }
+ #else
diff --git a/www/mod_gnutls/files/patch-src_gnutls__ocsp.c b/www/mod_gnutls/files/patch-src_gnutls__ocsp.c
new file mode 100644
index 000000000000..458b418a08fd
--- /dev/null
+++ b/www/mod_gnutls/files/patch-src_gnutls__ocsp.c
@@ -0,0 +1,32 @@
+--- src/gnutls_ocsp.c.orig 2017-01-08 14:16:07 UTC
++++ src/gnutls_ocsp.c
+@@ -414,7 +414,8 @@ static gnutls_datum_t mgs_get_cert_fingerprint(apr_poo
+ /* Safe integer type conversion: The types of fingerprint.size
+ * (unsigned int) and fplen (size_t) may have different
+ * lengths. */
+-#if defined(__GNUC__) && __GNUC__ < 5 && !defined(__clang__)
++#if defined(__GNUC__) && __GNUC__ < 5 && \
++ !(defined(__clang__) && __has_builtin(__builtin_add_overflow))
+ if (__builtin_expect(fplen <= UINT_MAX, 1))
+ {
+ fingerprint.size = (unsigned int) fplen;
+@@ -569,7 +570,8 @@ static apr_status_t do_ocsp_request(apr_pool_t *p, ser
+ }
+
+ /* With the length restriction this really should not overflow. */
+-#if defined(__GNUC__) && __GNUC__ < 5 && !defined(__clang__)
++#if defined(__GNUC__) && __GNUC__ < 5 && \
++ !(defined(__clang__) && __has_builtin(__builtin_add_overflow))
+ if (__builtin_expect(len > UINT_MAX, 0))
+ #else
+ if (__builtin_add_overflow(len, 0, &response->size))
+@@ -580,7 +582,8 @@ static apr_status_t do_ocsp_request(apr_pool_t *p, ser
+ }
+ else
+ {
+-#if defined(__GNUC__) && __GNUC__ < 5 && !defined(__clang__)
++#if defined(__GNUC__) && __GNUC__ < 5 && \
++ !(defined(__clang__) && __has_builtin(__builtin_add_overflow))
+ response->size = (unsigned int) len;
+ #endif
+ response->data = apr_pmemdup(p, buf, len);
diff --git a/www/mod_gnutls/files/patch-src_gnutls__util.c b/www/mod_gnutls/files/patch-src_gnutls__util.c
new file mode 100644
index 000000000000..138353bcfc0a
--- /dev/null
+++ b/www/mod_gnutls/files/patch-src_gnutls__util.c
@@ -0,0 +1,12 @@
+--- src/gnutls_util.c.orig 2016-12-25 18:36:37 UTC
++++ src/gnutls_util.c
+@@ -113,7 +113,8 @@ apr_status_t datum_from_file(apr_pool_t *p, const char
+
+ /* safe integer type conversion: unsigned int and apr_size_t might
+ * have different sizes */
+-#if defined(__GNUC__) && __GNUC__ < 5 && !defined(__clang__)
++#if defined(__GNUC__) && __GNUC__ < 5 && \
++ !(defined(__clang__) && __has_builtin(__builtin_add_overflow))
+ if (__builtin_expect(br > UINT_MAX, 0))
+ return APR_EINVAL;
+ else
diff --git a/www/mod_gnutls/files/pkg-message.in b/www/mod_gnutls/files/pkg-message.in
new file mode 100644
index 000000000000..f8dad14e39ee
--- /dev/null
+++ b/www/mod_gnutls/files/pkg-message.in
@@ -0,0 +1,27 @@
+*********************************************************************
+
+Sample %%PREFIX%%/%%APACHEETCDIR%%/httpd.conf:
+
+ #LoadModule ssl_module %%APACHEMODDIR%%/mod_ssl.so
+ LoadModule gnutls_module %%APACHEMODDIR%%/mod_gnutls.so
+
+ <IfModule gnutls_module>
+ Include %%APACHEETCDIR%%/extra/httpd-gnutls.conf
+ </IfModule>
+
+Sample %%PREFIX%%/%%APACHEETCDIR%%/extra/httpd-gnutls.conf:
+
+ Listen 443
+
+ GnuTLSCache dbm %%DBDIR%%/tls-cache
+ GnuTLSCacheTimeout 500
+
+ <VirtualHost _default_:443>
+ GnuTLSEnable on
+ GnuTLSKeyFile %%PREFIX%%/etc/ssl/certs/private/example_com.key.pem
+ GnuTLSCertificateFile %%PREFIX%%/etc/ssl/certs/example_com.crt.pem
+ GnuTLSClientCAFile %%PREFIX%%/etc/ssl/certs/example_com.ca.pem
+ GnuTLSPriorities NORMAL:%COMPAT
+ </VirtualHost>
+
+*********************************************************************
diff --git a/www/mod_gnutls/pkg-descr b/www/mod_gnutls/pkg-descr
new file mode 100644
index 000000000000..03cd06e5f73d
--- /dev/null
+++ b/www/mod_gnutls/pkg-descr
@@ -0,0 +1,5 @@
+mod_gnutls uses the GnuTLS library to provide SSL 3.0, TLS 1.0, TLS
+1.1 and 1.2 encryption for Apache HTTPD. It is similar to mod_ssl in
+purpose, but does not use OpenSSL.
+
+WWW: https://mod.gnutls.org
diff --git a/www/mod_gnutls/pkg-plist b/www/mod_gnutls/pkg-plist
new file mode 100644
index 000000000000..97abb05cf659
--- /dev/null
+++ b/www/mod_gnutls/pkg-plist
@@ -0,0 +1,5 @@
+%%APACHEMODDIR%%/%%AP_MODULE%%
+@postexec %D/sbin/apxs -e %%AP_MOD_EN%% -n %%AP_NAME%% %D/%F
+@postunexec %%SED%% -i '' -E '/LoadModule[[:blank:]]+%%AP_NAME%%_module/d' %D/%%APACHEETCDIR%%/httpd.conf
+@postunexec echo "Don't forget to remove all mod_%%AP_NAME%%-related directives in your httpd.conf"
+@dir(%%WWWOWN%%,%%WWWGRP%%,750) var/db/mod_%%AP_NAME%%