From d9fa9b0fadd60414f5a7dcdb1849dadb5435892e Mon Sep 17 00:00:00 2001
From: Rosen Penev <rosenp@gmail.com>
Date: Tue, 1 Jan 2019 23:32:05 -0800
Subject: [PATCH] dovecot: Make OpenSSL ENGINE support optional

Allows libopenssl to be smaller.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
---
 mail/dovecot/Makefile                         |  2 +-
 mail/dovecot/patches/110-openssl-engine.patch | 86 +++++++++++++++++++
 2 files changed, 87 insertions(+), 1 deletion(-)
 create mode 100644 mail/dovecot/patches/110-openssl-engine.patch

diff --git a/mail/dovecot/Makefile b/mail/dovecot/Makefile
index 2c1d4ca5e..0fbf74fba 100644
--- a/mail/dovecot/Makefile
+++ b/mail/dovecot/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=dovecot
 PKG_VERSION:=2.3.4
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://www.dovecot.org/releases/2.3
diff --git a/mail/dovecot/patches/110-openssl-engine.patch b/mail/dovecot/patches/110-openssl-engine.patch
new file mode 100644
index 000000000..164ec4ef1
--- /dev/null
+++ b/mail/dovecot/patches/110-openssl-engine.patch
@@ -0,0 +1,86 @@
+--- a/src/lib-dcrypt/dcrypt-openssl.c
++++ b/src/lib-dcrypt/dcrypt-openssl.c
+@@ -17,10 +17,12 @@
+ #include <openssl/bio.h>
+ #include <openssl/pem.h>
+ #include <openssl/x509.h>
+-#include <openssl/engine.h>
+ #include <openssl/hmac.h>
+ #include <openssl/objects.h>
+ #include <openssl/bn.h>
++#ifndef OPENSSL_NO_ENGINE
++#include <openssl/engine.h>
++#endif
+ #include "dcrypt.h"
+ #include "dcrypt-private.h"
+ 
+@@ -179,11 +181,13 @@ static bool dcrypt_openssl_error(const char **error_r)
+ static bool dcrypt_openssl_initialize(const struct dcrypt_settings *set,
+ 				      const char **error_r)
+ {
++#ifndef OPENSSL_NO_ENGINE
+ 	if (set->crypto_device != NULL && set->crypto_device[0] != '\0') {
+ 		if (dovecot_openssl_common_global_set_engine(
+ 			set->crypto_device, error_r) <= 0)
+ 			return FALSE;
+ 	}
++#endif
+ 	return TRUE;
+ }
+ 
+--- a/src/lib-ssl-iostream/dovecot-openssl-common.c
++++ b/src/lib-ssl-iostream/dovecot-openssl-common.c
+@@ -5,11 +5,14 @@
+ #include "dovecot-openssl-common.h"
+ 
+ #include <openssl/ssl.h>
+-#include <openssl/engine.h>
+ #include <openssl/rand.h>
++#ifndef OPENSSL_NO_ENGINE
++#include <openssl/engine.h>
+ 
+-static int openssl_init_refcount = 0;
+ static ENGINE *dovecot_openssl_engine;
++#endif
++
++static int openssl_init_refcount = 0;
+ 
+ #ifdef HAVE_SSL_NEW_MEM_FUNCS
+ static void *dovecot_openssl_malloc(size_t size, const char *u0 ATTR_UNUSED, int u1 ATTR_UNUSED)
+@@ -75,17 +78,21 @@ bool dovecot_openssl_common_global_unref(void)
+ 	if (--openssl_init_refcount > 0)
+ 		return TRUE;
+ 
++#ifndef OPENSSL_NO_ENGINE
+ 	if (dovecot_openssl_engine != NULL) {
+ 		ENGINE_finish(dovecot_openssl_engine);
+ 		dovecot_openssl_engine = NULL;
+ 	}
++#endif
+ 	/* OBJ_cleanup() is called automatically by EVP_cleanup() in
+ 	   newer versions. Doesn't hurt to call it anyway. */
+ 	OBJ_cleanup();
+ #ifdef HAVE_SSL_COMP_FREE_COMPRESSION_METHODS
+ 	SSL_COMP_free_compression_methods();
+ #endif
++#ifndef OPENSSL_NO_ENGINE
+ 	ENGINE_cleanup();
++#endif
+ 	EVP_cleanup();
+ 	CRYPTO_cleanup_all_ex_data();
+ #ifdef HAVE_OPENSSL_AUTO_THREAD_DEINIT
+@@ -107,6 +114,7 @@ bool dovecot_openssl_common_global_unref(void)
+ int dovecot_openssl_common_global_set_engine(const char *engine,
+ 					     const char **error_r)
+ {
++#ifndef OPENSSL_NO_ENGINE
+ 	if (dovecot_openssl_engine != NULL)
+ 		return 1;
+ 
+@@ -128,5 +136,6 @@ int dovecot_openssl_common_global_set_engine(const char *engine,
+ 		dovecot_openssl_engine = NULL;
+ 		return -1;
+ 	}
++#endif
+ 	return 1;
+ }