dovecot: Make OpenSSL ENGINE support optional

Allows libopenssl to be smaller.

Signed-off-by: Rosen Penev <rosenp@gmail.com>

diff --git a/mail/dovecot/Makefile b/mail/dovecot/Makefile
index 2c1d4ca5e8db77d32da7d2c11664b1b95927a4e6..0fbf74fba7993abfcd55b251b176985beee1483c 100644 (file)
--- a/mail/dovecot/Makefile
+++ b/mail/dovecot/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=dovecot
 PKG_VERSION:=2.3.4
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://www.dovecot.org/releases/2.3

diff --git a/mail/dovecot/patches/110-openssl-engine.patch b/mail/dovecot/patches/110-openssl-engine.patch
new file mode 100644 (file)
index 0000000..164ec4e
--- /dev/null
+++ b/mail/dovecot/patches/110-openssl-engine.patch
@@ -0,0 +1,86 @@
+--- a/src/lib-dcrypt/dcrypt-openssl.c
++++ b/src/lib-dcrypt/dcrypt-openssl.c
+@@ -17,10 +17,12 @@
+ #include <openssl/bio.h>
+ #include <openssl/pem.h>
+ #include <openssl/x509.h>
+-#include <openssl/engine.h>
+ #include <openssl/hmac.h>
+ #include <openssl/objects.h>
+ #include <openssl/bn.h>
++#ifndef OPENSSL_NO_ENGINE
++#include <openssl/engine.h>
++#endif
+ #include "dcrypt.h"
+ #include "dcrypt-private.h"
+ 
+@@ -179,11 +181,13 @@ static bool dcrypt_openssl_error(const char **error_r)
+ static bool dcrypt_openssl_initialize(const struct dcrypt_settings *set,
+                                     const char **error_r)
+ {
++#ifndef OPENSSL_NO_ENGINE
+       if (set->crypto_device != NULL && set->crypto_device[0] != '\0') {
+               if (dovecot_openssl_common_global_set_engine(
+                       set->crypto_device, error_r) <= 0)
+                       return FALSE;
+       }
++#endif
+       return TRUE;
+ }
+ 
+--- a/src/lib-ssl-iostream/dovecot-openssl-common.c
++++ b/src/lib-ssl-iostream/dovecot-openssl-common.c
+@@ -5,11 +5,14 @@
+ #include "dovecot-openssl-common.h"
+ 
+ #include <openssl/ssl.h>
+-#include <openssl/engine.h>
+ #include <openssl/rand.h>
++#ifndef OPENSSL_NO_ENGINE
++#include <openssl/engine.h>
+ 
+-static int openssl_init_refcount = 0;
+ static ENGINE *dovecot_openssl_engine;
++#endif
++
++static int openssl_init_refcount = 0;
+ 
+ #ifdef HAVE_SSL_NEW_MEM_FUNCS
+ static void *dovecot_openssl_malloc(size_t size, const char *u0 ATTR_UNUSED, int u1 ATTR_UNUSED)
+@@ -75,17 +78,21 @@ bool dovecot_openssl_common_global_unref(void)
+       if (--openssl_init_refcount > 0)
+               return TRUE;
+ 
++#ifndef OPENSSL_NO_ENGINE
+       if (dovecot_openssl_engine != NULL) {
+               ENGINE_finish(dovecot_openssl_engine);
+               dovecot_openssl_engine = NULL;
+       }
++#endif
+       /* OBJ_cleanup() is called automatically by EVP_cleanup() in
+          newer versions. Doesn't hurt to call it anyway. */
+       OBJ_cleanup();
+ #ifdef HAVE_SSL_COMP_FREE_COMPRESSION_METHODS
+       SSL_COMP_free_compression_methods();
+ #endif
++#ifndef OPENSSL_NO_ENGINE
+       ENGINE_cleanup();
++#endif
+       EVP_cleanup();
+       CRYPTO_cleanup_all_ex_data();
+ #ifdef HAVE_OPENSSL_AUTO_THREAD_DEINIT
+@@ -107,6 +114,7 @@ bool dovecot_openssl_common_global_unref(void)
+ int dovecot_openssl_common_global_set_engine(const char *engine,
+                                            const char **error_r)
+ {
++#ifndef OPENSSL_NO_ENGINE
+       if (dovecot_openssl_engine != NULL)
+               return 1;
+ 
+@@ -128,5 +136,6 @@ int dovecot_openssl_common_global_set_engine(const char *engine,
+               dovecot_openssl_engine = NULL;
+               return -1;
+       }
++#endif
+       return 1;
+ }