UPDATE net/ocserv-1.1.0

Diff below brings ocserv to 1.1.0. Biggest change is that ocserv
switched from fork to fork/exec model to achieve better scaling.
Implementation of this fork/exec model does not really agree with
OpenBSD because it depends heavily on procfs, which we do not have.
Upstream was so friendly to address this issue in the upcoming release
(1.1.1). In the meantime I propose to cherry-pick the fix.

Overview on changes can be found at
https://gitlab.com/openconnect/ocserv/-/blob/1.1.0/NEWS.

'make test' runs successfully. Run tested on amd64.

Comments/OK?


diff --git Makefile Makefile
index 6c0b80e762d..5bbae2e5aa3 100644
--- Makefile
+++ Makefile
@@ -2,7 +2,7 @@

COMMENT= server implementing the AnyConnect SSL VPN protocol

-DISTNAME= ocserv-1.0.1
+DISTNAME= ocserv-1.1.0
EXTRACT_SUFX= .tar.xz

CATEGORIES= net
@@ -34,7 +34,8 @@ LIB_DEPENDS= archivers/lz4 \
security/openpam
TEST_DEPENDS= net/openconnect \
shells/bash \
- sysutils/coreutils
+ sysutils/coreutils \
+ textproc/gsed

CONFIGURE_STYLE= autoconf
CONFIGURE_ARGS= --without-docker-tests \
@@ -79,6 +80,7 @@ post-install:
# tests use socket_wrapper, which is not in ports.
pre-test:
ln -fs ${LOCALBASE}/bin/gtimeout ${WRKDIR}/bin/timeout
+ ln -fs ${LOCALBASE}/bin/gsed ${WRKDIR}/bin/sed
sed -i 's#\/bin\/true#\/usr\/bin\/true#g' ${WRKSRC}/tests/test-*

post-test:
diff --git distinfo distinfo
index d426fcd637a..9bf8734762b 100644
--- distinfo
+++ distinfo
@@ -1,2 +1,2 @@
-SHA256 (ocserv-1.0.1.tar.xz) = Wdnvehrrlf9udi4qDyMbP64upCD2ihzwnTmiY5UED0s=
-SIZE (ocserv-1.0.1.tar.xz) = 787800
+SHA256 (ocserv-1.1.0.tar.xz) = o/r+hHsIvexams1y5pjf13zpeZyxkUZndSbmeUuUp3k=
+SIZE (ocserv-1.1.0.tar.xz) = 806964
diff --git patches/patch-configure_ac patches/patch-configure_ac
index e2a13a78076..b9f58a5cc1e 100644
--- patches/patch-configure_ac
+++ patches/patch-configure_ac
@@ -1,8 +1,12 @@
$OpenBSD: patch-configure_ac,v 1.12 2019/12/29 07:28:22 bket Exp $
+
+OpenBSD does not have procfs. Taken from
+https://gitlab.com/openconnect/ocserv/-/merge_requests/184
+
Index: configure.ac
--- configure.ac.orig
+++ configure.ac
-@@ -199,7 +199,7 @@ if test "$test_for_geoip" = yes && test "$have_maxmind
+@@ -211,7 +211,7 @@ if test "$test_for_geoip" = yes && test "$have_maxmind
fi

have_readline=no
@@ -11,3 +15,12 @@ Index: configure.ac
#include <stdio.h>
#include <readline/readline.h>], [rl_replace_line(0,0);])
if test x$ac_cv_libreadline = xyes; then
+@@ -641,6 +641,8 @@ fi
+
+ AM_CONDITIONAL(ENABLE_OIDC_AUTH, test "x$enable_oidc_auth" = xyes)
+ AM_CONDITIONAL(ENABLE_OIDC_AUTH_TESTS, test "x$enable_oidc_auth" = xyes)
++
++AC_CHECK_FILE(/proc/self/exe, AC_DEFINE([PROC_FS_SUPPORTED],[1], [procfs supported]), [])
+
+ uid=$(id -u)
+ gid=$(id -g)
diff --git patches/patch-src_config_c patches/patch-src_config_c
new file mode 100644
index 00000000000..fc4755622e5
--- /dev/null
+++ patches/patch-src_config_c
@@ -0,0 +1,44 @@
+$OpenBSD$
+
+OpenBSD does not have procfs. Taken from
+https://gitlab.com/openconnect/ocserv/-/merge_requests/184
+
+Index: src/config.c
+--- src/config.c.orig
++++ src/config.c
+@@ -1130,6 +1130,7 @@ static void parse_cfg_file(void *pool, const char *fil
+ ctx.reload = (flags&CFG_FLAG_RELOAD)?1:0;
+ ctx.head = head;
+
++#if defined(PROC_FS_SUPPORTED)
+ // Worker always reads from snapshot
+ if ((flags & CFG_FLAG_WORKER) == CFG_FLAG_WORKER) {
+ char * snapshot_file = NULL;
+@@ -1192,6 +1193,27 @@ static void parse_cfg_file(void *pool, const char *fil
+ }
+
+ }
++#else
++ const char * cfg_file = file;
++
++ if (cfg_file == NULL) {
++ fprintf(stderr, ERRSTR"no config file!\n");
++ exit(1);
++ }
++
++ /* parse configuration
++ */
++ ret = ini_parse(cfg_file, cfg_ini_handler, &ctx);
++ if (ret < 0 && file != NULL && strcmp(file, DEFAULT_CFG_FILE) == 0) {
++ cfg_file = OLD_DEFAULT_CFG_FILE;
++ ret = ini_parse(cfg_file, cfg_ini_handler, &ctx);
++ }
++
++ if (ret < 0) {
++ fprintf(stderr, ERRSTR"cannot load config file %s\n", cfg_file);
++ exit(1);
++ }
++