[arch-commits] Commit in mongodb/repos (10 files)

Jan de Groot jgc at archlinux.org
Tue Mar 21 23:22:52 UTC 2017


    Date: Tuesday, March 21, 2017 @ 23:22:51
  Author: jgc
Revision: 218240

archrelease: copy trunk to community-staging-x86_64

Added:
  mongodb/repos/community-staging-x86_64/
  mongodb/repos/community-staging-x86_64/PKGBUILD
    (from rev 218239, mongodb/trunk/PKGBUILD)
  mongodb/repos/community-staging-x86_64/asio-openssl-1.1.0.patch
    (from rev 218239, mongodb/trunk/asio-openssl-1.1.0.patch)
  mongodb/repos/community-staging-x86_64/boost160.patch
    (from rev 218239, mongodb/trunk/boost160.patch)
  mongodb/repos/community-staging-x86_64/mongodb-3.2.10-boost-1.62.0.patch
    (from rev 218239, mongodb/trunk/mongodb-3.2.10-boost-1.62.0.patch)
  mongodb/repos/community-staging-x86_64/mongodb-3.2.10-network_interface_asio_integration_test.patch
    (from rev 218239, mongodb/trunk/mongodb-3.2.10-network_interface_asio_integration_test.patch)
  mongodb/repos/community-staging-x86_64/mongodb.conf
    (from rev 218239, mongodb/trunk/mongodb.conf)
  mongodb/repos/community-staging-x86_64/mongodb.install
    (from rev 218239, mongodb/trunk/mongodb.install)
  mongodb/repos/community-staging-x86_64/mongodb.service
    (from rev 218239, mongodb/trunk/mongodb.service)
  mongodb/repos/community-staging-x86_64/openssl-1.1.0.patch
    (from rev 218239, mongodb/trunk/openssl-1.1.0.patch)

--------------------------------------------------------------+
 PKGBUILD                                                     |   92 +
 asio-openssl-1.1.0.patch                                     |  666 ++++++++++
 boost160.patch                                               |   11 
 mongodb-3.2.10-boost-1.62.0.patch                            |   15 
 mongodb-3.2.10-network_interface_asio_integration_test.patch |   23 
 mongodb.conf                                                 |    8 
 mongodb.install                                              |   20 
 mongodb.service                                              |   10 
 openssl-1.1.0.patch                                          |   71 +
 9 files changed, 916 insertions(+)

Copied: mongodb/repos/community-staging-x86_64/PKGBUILD (from rev 218239, mongodb/trunk/PKGBUILD)
===================================================================
--- community-staging-x86_64/PKGBUILD	                        (rev 0)
+++ community-staging-x86_64/PKGBUILD	2017-03-21 23:22:51 UTC (rev 218240)
@@ -0,0 +1,92 @@
+# $Id$
+# Maintainer: Felix Yan <felixonmars at archlinux.org>
+# Contributor: Sven-Hendrik Haase <sh at lutzhaase.com>
+# Contributor: Thomas Dziedzic < gostrc at gmail >
+# Contributor: Mathias Stearn <mathias at 10gen.com>
+# Contributor: Alec Thomas
+
+pkgname=mongodb
+pkgver=3.4.2
+pkgrel=1
+pkgdesc='A high-performance, open source, schema-free document-oriented database'
+arch=('x86_64')
+url='http://www.mongodb.org'
+license=('AGPL3')
+depends=('pcre' 'snappy' 'openssl' 'libsasl' 'boost-libs' 'yaml-cpp' 'lsb-release' 'wiredtiger')
+makedepends=('scons' 'readline' 'ncurses' 'libpcap' 'boost')
+checkdepends=('python2-pymongo' 'python2-yaml')
+optdepends=('libpcap: needed for mongosniff'
+            'mongodb-tools: mongoimport, mongodump, mongotop, etc')
+backup=('etc/mongodb.conf')
+install=mongodb.install
+source=("http://downloads.mongodb.org/src/mongodb-src-r${pkgver}.tar.gz"
+        'mongodb.conf' 'mongodb.service' 'mongodb-3.2.10-boost-1.62.0.patch'
+        'asio-openssl-1.1.0.patch'
+        'openssl-1.1.0.patch')
+sha512sums=('42f1b946e4be22670a3d79ec5ea359c2c43f0cff6f6329486b2cc797fd57981982544fbce53412ab91eafa3a1fbecb30bc95316cc9405d778b20a270f77df777'
+            '05dead727d3ea5fe8af1a3c3888693f6b3e2b8cb7f197a5d793352e10d2c524e96c9a5c55ad2e88c1114643a9612ec0b26a2574b48a5260a9b51ec8941461f1c'
+            '177251404b2e818ae2b546fe8b13cb76e348c99e85c7bef22a04b0f07b600fd515a309ede50214f4198594388a6d2b31f46e945b9dae84aabb4dfa13b1123bb9'
+            'd6f014d2778decde268b9e856d812bc61f7c45986aad751e44fdece39aa8a96505b77e0b917ea38880501497e01d4b051a6f3205c82af653425b5247cd813417'
+            'aea8fecb17be07e4517822798810751114f61164dc3ab3e335a7b837876acb918d287caa8b9fe32d7b1d9e7cad2e677d9818a1532ae08b8b013840d2a68b25f5'
+            '62ec95ac4eef42b6fefa1063336812e5e6a78f2d119e5f9a7206e063c5b5a859d160ce77bc57123150a55a51e8695eefea7e301259154bc009bfe027d40de314')
+
+_scons_args=(
+  --use-system-boost
+  --use-system-pcre
+  --use-system-snappy
+  --use-system-yaml
+  --use-system-zlib
+  --use-system-wiredtiger
+  --use-sasl-client
+  --ssl
+  --disable-warnings-as-errors
+  # --use-system-asio     # https://jira.mongodb.org/browse/SERVER-21839
+  # --use-system-v8       # Doesn't compile
+  # --use-system-tcmalloc # Disabled as upstream suggests in https://jira.mongodb.org/browse/SERVER-17447?focusedCommentId=841890&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-841890
+)
+
+prepare() {
+  cd mongodb-src-r${pkgver}
+  patch -Np1 -i ../mongodb-3.2.10-boost-1.62.0.patch
+  patch -Np1 -i ../openssl-1.1.0.patch
+
+  sed -e 's|-std=c++11|-std=gnu++11|g' -i SConstruct  # tests use hex floats, not supported in plain C++
+
+  cd src/third_party/asio-asio-1-11-0
+  patch -Np1 -i "${srcdir}/asio-openssl-1.1.0.patch"
+}
+
+build() {
+  cd mongodb-src-r${pkgver}
+  export SCONSFLAGS="$MAKEFLAGS"
+
+  scons core tools "${_scons_args[@]}"
+}
+
+check() {
+  cd mongodb-src-r${pkgver}
+  export SCONSFLAGS="$MAKEFLAGS"
+
+  # Setting LANG to workaround the following test error:
+  # std::exception: locale::facet::_S_create_c_locale name not valid
+  scons unittests "${_scons_args[@]}"
+  sed -i -e '/oplog_buffer_collection_test/d' build/unittests.txt
+  LANG=en_US.UTF-8 python2 buildscripts/resmoke.py --suites=unittests
+
+  scons dbtest "${_scons_args[@]}"
+  python2 buildscripts/resmoke.py --suites=dbtest
+
+  #scons integration_tests "${_scons_args[@]}"
+  #python2 buildscripts/resmoke.py --suites=integration_tests_replset,integration_tests_standalone --dbpathPrefix="$srcdir"
+}
+
+package() {
+  cd mongodb-src-r${pkgver}
+
+  scons install --prefix="$pkgdir/usr" --nostrip "${_scons_args[@]}"
+
+  install -Dm644 "$srcdir/mongodb.conf" "$pkgdir/etc/mongodb.conf"
+  install -Dm644 "$srcdir/mongodb.service" "$pkgdir/usr/lib/systemd/system/mongodb.service"
+  install -dm700 "$pkgdir/var/lib/mongodb"
+  install -dm755 "$pkgdir/var/log/mongodb"
+}

Copied: mongodb/repos/community-staging-x86_64/asio-openssl-1.1.0.patch (from rev 218239, mongodb/trunk/asio-openssl-1.1.0.patch)
===================================================================
--- community-staging-x86_64/asio-openssl-1.1.0.patch	                        (rev 0)
+++ community-staging-x86_64/asio-openssl-1.1.0.patch	2017-03-21 23:22:51 UTC (rev 218240)
@@ -0,0 +1,666 @@
+From 628e3ca9fe7a1bed1ce2308e2df4a1a4ecd1dfe7 Mon Sep 17 00:00:00 2001
+From: Christopher Kohlhoff <chris at kohlhoff.com>
+Date: Fri, 20 Mar 2015 08:46:51 +1100
+Subject: [PATCH] ERR_remove_state is deprecated, use ERR_remove_thread_state
+ instead.
+
+---
+ asio/include/asio/ssl/detail/impl/openssl_init.ipp | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/asio/include/asio/ssl/detail/impl/openssl_init.ipp b/asio/include/asio/ssl/detail/impl/openssl_init.ipp
+index 2c40d40..da66fc1 100644
+--- a/asio/include/asio/ssl/detail/impl/openssl_init.ipp
++++ b/asio/include/asio/ssl/detail/impl/openssl_init.ipp
+@@ -63,7 +63,11 @@ public:
+     ::CRYPTO_set_id_callback(0);
+     ::CRYPTO_set_locking_callback(0);
+     ::ERR_free_strings();
++#if (OPENSSL_VERSION_NUMBER >= 0x10000000L)
++    ::ERR_remove_thread_state(NULL);
++#else // (OPENSSL_VERSION_NUMBER >= 0x10000000L)
+     ::ERR_remove_state(0);
++#endif // (OPENSSL_VERSION_NUMBER >= 0x10000000L)
+     ::EVP_cleanup();
+     ::CRYPTO_cleanup_all_ex_data();
+     ::CONF_modules_unload(1);
+From aa21de0944b4327f998fe161dde5ddaaf38cec5c Mon Sep 17 00:00:00 2001
+From: Christopher Kohlhoff <chris at kohlhoff.com>
+Date: Sat, 21 Mar 2015 20:52:42 +1100
+Subject: [PATCH] Remove redundant pointer check in SSL engine.
+
+---
+ asio/include/asio/ssl/detail/impl/engine.ipp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/asio/include/asio/ssl/detail/impl/engine.ipp b/asio/include/asio/ssl/detail/impl/engine.ipp
+index 5504411..2e4a39d 100644
+--- a/asio/include/asio/ssl/detail/impl/engine.ipp
++++ b/asio/include/asio/ssl/detail/impl/engine.ipp
+@@ -206,7 +206,7 @@ const asio::error_code& engine::map_error_code(
+ 
+   // SSL v2 doesn't provide a protocol-level shutdown, so an eof on the
+   // underlying transport is passed through.
+-  if (ssl_ && ssl_->version == SSL2_VERSION)
++  if (ssl_->version == SSL2_VERSION)
+     return ec;
+ 
+   // Otherwise, the peer should have negotiated a proper shutdown.
+From 6c70257e20ef159c581298b54838361bb54bfce4 Mon Sep 17 00:00:00 2001
+From: Christopher Kohlhoff <chris at kohlhoff.com>
+Date: Thu, 1 Oct 2015 08:44:30 +1000
+Subject: [PATCH] Use SSL_CTX_clear_chain_certs, if available.
+
+---
+ asio/include/asio/ssl/impl/context.ipp | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/asio/include/asio/ssl/impl/context.ipp b/asio/include/asio/ssl/impl/context.ipp
+index 08705e7..77da84e 100644
+--- a/asio/include/asio/ssl/impl/context.ipp
++++ b/asio/include/asio/ssl/impl/context.ipp
+@@ -539,11 +539,15 @@ asio::error_code context::use_certificate_chain(
+       return ec;
+     }
+ 
++#if (OPENSSL_VERSION_NUMBER >= 0x10002000L)
++    ::SSL_CTX_clear_chain_certs(handle_);
++#else
+     if (handle_->extra_certs)
+     {
+       ::sk_X509_pop_free(handle_->extra_certs, X509_free);
+       handle_->extra_certs = 0;
+     }
++#endif // (OPENSSL_VERSION_NUMBER >= 0x10002000L)
+ 
+     while (X509* cacert = ::PEM_read_bio_X509(bio.p, 0,
+           handle_->default_passwd_callback,
+From 92bfc623e6a71353dd2c783f4c9fef5591ac550d Mon Sep 17 00:00:00 2001
+From: Christopher Kohlhoff <chris at kohlhoff.com>
+Date: Thu, 19 Nov 2015 10:24:56 +1100
+Subject: [PATCH] Add new error category and constant for
+ ssl::error::stream_truncated.
+
+This error replaces uses of SSL_R_SHORT_READ, and indicates that the
+SSL stream has been shut down abruptly. (I.e. the underlying socket
+has been closed without performing an SSL-layer shutdown.)
+---
+ asio/include/asio/ssl/detail/impl/engine.ipp |  8 ++-----
+ asio/include/asio/ssl/error.hpp              | 34 ++++++++++++++++++++++++++++
+ asio/include/asio/ssl/impl/error.ipp         | 33 ++++++++++++++++++++++++++-
+ 3 files changed, 68 insertions(+), 7 deletions(-)
+
+diff --git a/asio/include/asio/ssl/detail/impl/engine.ipp b/asio/include/asio/ssl/detail/impl/engine.ipp
+index b59cf18..9abe010 100644
+--- a/asio/include/asio/ssl/detail/impl/engine.ipp
++++ b/asio/include/asio/ssl/detail/impl/engine.ipp
+@@ -195,9 +195,7 @@ const asio::error_code& engine::map_error_code(
+   // If there's data yet to be read, it's an error.
+   if (BIO_wpending(ext_bio_))
+   {
+-    ec = asio::error_code(
+-        ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SHORT_READ),
+-        asio::error::get_ssl_category());
++    ec = asio::ssl::error::stream_truncated;
+     return ec;
+   }
+ 
+@@ -209,9 +207,7 @@ const asio::error_code& engine::map_error_code(
+   // Otherwise, the peer should have negotiated a proper shutdown.
+   if ((::SSL_get_shutdown(ssl_) & SSL_RECEIVED_SHUTDOWN) == 0)
+   {
+-    ec = asio::error_code(
+-        ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SHORT_READ),
+-        asio::error::get_ssl_category());
++    ec = asio::ssl::error::stream_truncated;
+   }
+ 
+   return ec;
+diff --git a/asio/include/asio/ssl/error.hpp b/asio/include/asio/ssl/error.hpp
+index 1385d2a..f044f59 100644
+--- a/asio/include/asio/ssl/error.hpp
++++ b/asio/include/asio/ssl/error.hpp
+@@ -25,6 +25,7 @@ namespace error {
+ 
+ enum ssl_errors
+ {
++  // Error numbers are those produced by openssl.
+ };
+ 
+ extern ASIO_DECL
+@@ -34,6 +35,23 @@ static const asio::error_category& ssl_category
+   = asio::error::get_ssl_category();
+ 
+ } // namespace error
++namespace ssl {
++namespace error {
++
++enum stream_errors
++{
++  /// The underlying stream closed before the ssl stream gracefully shut down.
++  stream_truncated = 1
++};
++
++extern ASIO_DECL
++const asio::error_category& get_stream_category();
++
++static const asio::error_category& stream_category
++  = asio::ssl::error::get_stream_category();
++
++} // namespace error
++} // namespace ssl
+ } // namespace asio
+ 
+ #if defined(ASIO_HAS_STD_SYSTEM_ERROR)
+@@ -44,6 +62,11 @@ template<> struct is_error_code_enum<asio::error::ssl_errors>
+   static const bool value = true;
+ };
+ 
++template<> struct is_error_code_enum<asio::ssl::error::stream_errors>
++{
++  static const bool value = true;
++};
++
+ } // namespace std
+ #endif // defined(ASIO_HAS_STD_SYSTEM_ERROR)
+ 
+@@ -57,6 +80,17 @@ inline asio::error_code make_error_code(ssl_errors e)
+ }
+ 
+ } // namespace error
++namespace ssl {
++namespace error {
++
++inline asio::error_code make_error_code(stream_errors e)
++{
++  return asio::error_code(
++      static_cast<int>(e), get_stream_category());
++}
++
++} // namespace error
++} // namespace ssl
+ } // namespace asio
+ 
+ #include "asio/detail/pop_options.hpp"
+diff --git a/asio/include/asio/ssl/impl/error.ipp b/asio/include/asio/ssl/impl/error.ipp
+index 9e76039..8c20e81 100644
+--- a/asio/include/asio/ssl/impl/error.ipp
++++ b/asio/include/asio/ssl/impl/error.ipp
+@@ -23,7 +23,6 @@
+ 
+ namespace asio {
+ namespace error {
+-
+ namespace detail {
+ 
+ class ssl_category : public asio::error_category
+@@ -50,6 +49,38 @@ const asio::error_category& get_ssl_category()
+ }
+ 
+ } // namespace error
++namespace ssl {
++namespace error {
++namespace detail {
++
++class stream_category : public asio::error_category
++{
++public:
++  const char* name() const ASIO_ERROR_CATEGORY_NOEXCEPT
++  {
++    return "asio.ssl.stream";
++  }
++
++  std::string message(int value) const
++  {
++    switch (value)
++    {
++    case stream_truncated: return "stream truncated";
++    default: return "asio.ssl.stream error";
++    }
++  }
++};
++
++} // namespace detail
++
++const asio::error_category& get_stream_category()
++{
++  static detail::stream_category instance;
++  return instance;
++}
++
++} // namespace error
++} // namespace ssl
+ } // namespace asio
+ 
+ #include "asio/detail/pop_options.hpp"
+From 5fa80539834c10406611bb02c20cdba2a9171f4a Mon Sep 17 00:00:00 2001
+From: Christopher Kohlhoff <chris at kohlhoff.com>
+Date: Thu, 19 Nov 2015 10:25:42 +1100
+Subject: [PATCH] BoringSSL does not provide CONF_modules_unload.
+
+---
+ asio/include/asio/ssl/detail/impl/openssl_init.ipp | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/asio/include/asio/ssl/detail/impl/openssl_init.ipp b/asio/include/asio/ssl/detail/impl/openssl_init.ipp
+index da66fc1..2a70bf5 100644
+--- a/asio/include/asio/ssl/detail/impl/openssl_init.ipp
++++ b/asio/include/asio/ssl/detail/impl/openssl_init.ipp
+@@ -70,7 +70,9 @@ public:
+ #endif // (OPENSSL_VERSION_NUMBER >= 0x10000000L)
+     ::EVP_cleanup();
+     ::CRYPTO_cleanup_all_ex_data();
++#if !defined(OPENSSL_IS_BORINGSSL)
+     ::CONF_modules_unload(1);
++#endif // !defined(OPENSSL_IS_BORINGSSL)
+ #if !defined(OPENSSL_NO_ENGINE)
+     ::ENGINE_cleanup();
+ #endif // !defined(OPENSSL_NO_ENGINE)
+From 062b19c97bb85f4625b46f93ee19b234948ff235 Mon Sep 17 00:00:00 2001
+From: Marcel Raad <raad at teamviewer.com>
+Date: Fri, 1 Apr 2016 10:46:17 +0200
+Subject: [PATCH] Add compatibility with OpenSSL 1.1 - SSLv2 has been
+ completely removed from OpenSSL, even without OPENSSL_NO_SSL2 - there is a
+ new threading API without locking callbacks - struct SSL_CTX has been made
+ opaque and must be used via accessor functions - some cleanup functions have
+ been removed
+
+---
+ asio/include/asio/ssl/detail/impl/engine.ipp       |  2 +
+ asio/include/asio/ssl/detail/impl/openssl_init.ipp | 20 ++++--
+ asio/include/asio/ssl/impl/context.ipp             | 71 +++++++++++++++++-----
+ 3 files changed, 72 insertions(+), 21 deletions(-)
+
+diff --git a/asio/include/asio/ssl/detail/impl/engine.ipp b/asio/include/asio/ssl/detail/impl/engine.ipp
+index fa5d4b0..22b7cdd 100644
+--- a/asio/include/asio/ssl/detail/impl/engine.ipp
++++ b/asio/include/asio/ssl/detail/impl/engine.ipp
+@@ -201,8 +201,10 @@ const asio::error_code& engine::map_error_code(
+ 
+   // SSL v2 doesn't provide a protocol-level shutdown, so an eof on the
+   // underlying transport is passed through.
++#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
+   if (ssl_->version == SSL2_VERSION)
+     return ec;
++#endif // (OPENSSL_VERSION_NUMBER < 0x10100000L)
+ 
+   // Otherwise, the peer should have negotiated a proper shutdown.
+   if ((::SSL_get_shutdown(ssl_) & SSL_RECEIVED_SHUTDOWN) == 0)
+diff --git a/asio/include/asio/ssl/detail/impl/openssl_init.ipp b/asio/include/asio/ssl/detail/impl/openssl_init.ipp
+index 700b678..62a49cd 100644
+--- a/asio/include/asio/ssl/detail/impl/openssl_init.ipp
++++ b/asio/include/asio/ssl/detail/impl/openssl_init.ipp
+@@ -39,11 +39,13 @@ public:
+     ::SSL_load_error_strings();        
+     ::OpenSSL_add_all_algorithms();
+ 
++#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
+     mutexes_.resize(::CRYPTO_num_locks());
+     for (size_t i = 0; i < mutexes_.size(); ++i)
+       mutexes_[i].reset(new asio::detail::mutex);
+     ::CRYPTO_set_locking_callback(&do_init::openssl_locking_func);
+     ::CRYPTO_set_id_callback(&do_init::openssl_id_func);
++#endif // (OPENSSL_VERSION_NUMBER < 0x10100000L)
+ 
+ #if !defined(SSL_OP_NO_COMPRESSION) \
+   && (OPENSSL_VERSION_NUMBER >= 0x00908000L)
+@@ -60,22 +62,26 @@ public:
+ #endif // !defined(SSL_OP_NO_COMPRESSION)
+        // && (OPENSSL_VERSION_NUMBER >= 0x00908000L)
+ 
++#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
+     ::CRYPTO_set_id_callback(0);
+     ::CRYPTO_set_locking_callback(0);
+     ::ERR_free_strings();
+-#if (OPENSSL_VERSION_NUMBER >= 0x10000000L)
+-    ::ERR_remove_thread_state(NULL);
+-#else // (OPENSSL_VERSION_NUMBER >= 0x10000000L)
+-    ::ERR_remove_state(0);
+-#endif // (OPENSSL_VERSION_NUMBER >= 0x10000000L)
+     ::EVP_cleanup();
+     ::CRYPTO_cleanup_all_ex_data();
++#endif // (OPENSSL_VERSION_NUMBER < 0x10100000L)
++#if (OPENSSL_VERSION_NUMBER < 0x10000000L)
++    ::ERR_remove_state(0);
++#elif (OPENSSL_VERSION_NUMBER < 0x10100000L)
++    ::ERR_remove_thread_state(NULL);
++#endif // (OPENSSL_VERSION_NUMBER < 0x10000000L)
+ #if !defined(OPENSSL_IS_BORINGSSL)
+     ::CONF_modules_unload(1);
+ #endif // !defined(OPENSSL_IS_BORINGSSL)
+-#if !defined(OPENSSL_NO_ENGINE)
++#if !defined(OPENSSL_NO_ENGINE) \
++  && (OPENSSL_VERSION_NUMBER < 0x10100000L)
+     ::ENGINE_cleanup();
+ #endif // !defined(OPENSSL_NO_ENGINE)
++       // && (OPENSSL_VERSION_NUMBER < 0x10100000L)
+   }
+ 
+ #if !defined(SSL_OP_NO_COMPRESSION) \
+@@ -104,10 +110,12 @@ private:
+   static void openssl_locking_func(int mode, int n, 
+     const char* /*file*/, int /*line*/)
+   {
++#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
+     if (mode & CRYPTO_LOCK)
+       instance()->mutexes_[n]->lock();
+     else
+       instance()->mutexes_[n]->unlock();
++#endif // (OPENSSL_VERSION_NUMBER < 0x10100000L)
+   }
+ 
+   // Mutexes to be used in locking callbacks.
+diff --git a/asio/include/asio/ssl/impl/context.ipp b/asio/include/asio/ssl/impl/context.ipp
+index 02210d9..fde7709 100644
+--- a/asio/include/asio/ssl/impl/context.ipp
++++ b/asio/include/asio/ssl/impl/context.ipp
+@@ -66,7 +66,8 @@ context::context(context::method m)
+ 
+   switch (m)
+   {
+-#if defined(OPENSSL_NO_SSL2)
++#if defined(OPENSSL_NO_SSL2) \
++  || (OPENSSL_VERSION_NUMBER >= 0x10100000L)
+   case context::sslv2:
+   case context::sslv2_client:
+   case context::sslv2_server:
+@@ -74,6 +75,7 @@ context::context(context::method m)
+         asio::error::invalid_argument, "context");
+     break;
+ #else // defined(OPENSSL_NO_SSL2)
++      // || (OPENSSL_VERSION_NUMBER >= 0x10100000L)
+   case context::sslv2:
+     handle_ = ::SSL_CTX_new(::SSLv2_method());
+     break;
+@@ -84,6 +86,7 @@ context::context(context::method m)
+     handle_ = ::SSL_CTX_new(::SSLv2_server_method());
+     break;
+ #endif // defined(OPENSSL_NO_SSL2)
++       // || (OPENSSL_VERSION_NUMBER >= 0x10100000L)
+ #if defined(OPENSSL_NO_SSL3)
+   case context::sslv3:
+   case context::sslv3_client:
+@@ -192,13 +195,22 @@ context::~context()
+ {
+   if (handle_)
+   {
+-    if (handle_->default_passwd_callback_userdata)
++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
++    void* cb_userdata = ::SSL_CTX_get_default_passwd_cb_userdata(handle_);
++#else // (OPENSSL_VERSION_NUMBER >= 0x10100000L)
++    void* cb_userdata = handle_->default_passwd_callback_userdata;
++#endif // (OPENSSL_VERSION_NUMBER >= 0x10100000L)
++    if (cb_userdata)
+     {
+       detail::password_callback_base* callback =
+         static_cast<detail::password_callback_base*>(
+-            handle_->default_passwd_callback_userdata);
++            cb_userdata);
+       delete callback;
++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
++      ::SSL_CTX_set_default_passwd_cb_userdata(handle_, 0);
++#else // (OPENSSL_VERSION_NUMBER >= 0x10100000L)
+       handle_->default_passwd_callback_userdata = 0;
++#endif // (OPENSSL_VERSION_NUMBER >= 0x10100000L)
+     }
+ 
+     if (SSL_CTX_get_app_data(handle_))
+@@ -528,10 +540,17 @@ ASIO_SYNC_OP_VOID context::use_certificate_chain(
+   bio_cleanup bio = { make_buffer_bio(chain) };
+   if (bio.p)
+   {
++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
++    pem_password_cb* callback = ::SSL_CTX_get_default_passwd_cb(handle_);
++    void* cb_userdata = ::SSL_CTX_get_default_passwd_cb_userdata(handle_);
++#else // (OPENSSL_VERSION_NUMBER >= 0x10100000L)
++    pem_password_cb* callback = handle_->default_passwd_callback;
++    void* cb_userdata = handle_->default_passwd_callback_userdata;
++#endif // (OPENSSL_VERSION_NUMBER >= 0x10100000L)
+     x509_cleanup cert = {
+       ::PEM_read_bio_X509_AUX(bio.p, 0,
+-          handle_->default_passwd_callback,
+-          handle_->default_passwd_callback_userdata) };
++          callback,
++          cb_userdata) };
+     if (!cert.p)
+     {
+       ec = asio::error_code(ERR_R_PEM_LIB,
+@@ -559,8 +578,8 @@ ASIO_SYNC_OP_VOID context::use_certificate_chain(
+ #endif // (OPENSSL_VERSION_NUMBER >= 0x10002000L)
+ 
+     while (X509* cacert = ::PEM_read_bio_X509(bio.p, 0,
+-          handle_->default_passwd_callback,
+-          handle_->default_passwd_callback_userdata))
++          callback,
++          cb_userdata))
+     {
+       if (!::SSL_CTX_add_extra_chain_cert(handle_, cacert))
+       {
+@@ -625,6 +644,14 @@ ASIO_SYNC_OP_VOID context::use_private_key(
+ {
+   ::ERR_clear_error();
+ 
++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
++    pem_password_cb* callback = ::SSL_CTX_get_default_passwd_cb(handle_);
++    void* cb_userdata = ::SSL_CTX_get_default_passwd_cb_userdata(handle_);
++#else // (OPENSSL_VERSION_NUMBER >= 0x10100000L)
++    pem_password_cb* callback = handle_->default_passwd_callback;
++    void* cb_userdata = handle_->default_passwd_callback_userdata;
++#endif // (OPENSSL_VERSION_NUMBER >= 0x10100000L)
++
+   bio_cleanup bio = { make_buffer_bio(private_key) };
+   if (bio.p)
+   {
+@@ -636,8 +663,8 @@ ASIO_SYNC_OP_VOID context::use_private_key(
+       break;
+     case context_base::pem:
+       evp_private_key.p = ::PEM_read_bio_PrivateKey(
+-          bio.p, 0, handle_->default_passwd_callback,
+-          handle_->default_passwd_callback_userdata);
++          bio.p, 0, callback,
++          cb_userdata);
+       break;
+     default:
+       {
+@@ -684,6 +711,14 @@ ASIO_SYNC_OP_VOID context::use_rsa_private_key(
+ {
+   ::ERR_clear_error();
+ 
++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
++    pem_password_cb* callback = ::SSL_CTX_get_default_passwd_cb(handle_);
++    void* cb_userdata = ::SSL_CTX_get_default_passwd_cb_userdata(handle_);
++#else // (OPENSSL_VERSION_NUMBER >= 0x10100000L)
++    pem_password_cb* callback = handle_->default_passwd_callback;
++    void* cb_userdata = handle_->default_passwd_callback_userdata;
++#endif // (OPENSSL_VERSION_NUMBER >= 0x10100000L)
++
+   bio_cleanup bio = { make_buffer_bio(private_key) };
+   if (bio.p)
+   {
+@@ -695,8 +730,8 @@ ASIO_SYNC_OP_VOID context::use_rsa_private_key(
+       break;
+     case context_base::pem:
+       rsa_private_key.p = ::PEM_read_bio_RSAPrivateKey(
+-          bio.p, 0, handle_->default_passwd_callback,
+-          handle_->default_passwd_callback_userdata);
++          bio.p, 0, callback,
++          cb_userdata);
+       break;
+     default:
+       {
+@@ -915,11 +950,17 @@ int context::verify_callback_function(int preverified, X509_STORE_CTX* ctx)
+ ASIO_SYNC_OP_VOID context::do_set_password_callback(
+     detail::password_callback_base* callback, asio::error_code& ec)
+ {
+-  if (handle_->default_passwd_callback_userdata)
+-    delete static_cast<detail::password_callback_base*>(
+-        handle_->default_passwd_callback_userdata);
+-
++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
++  void* old_callback = ::SSL_CTX_get_default_passwd_cb_userdata(handle_);
++  ::SSL_CTX_set_default_passwd_cb_userdata(handle_, callback);
++#else // (OPENSSL_VERSION_NUMBER >= 0x10100000L)
++  void* old_callback = handle_->default_passwd_callback_userdata;
+   handle_->default_passwd_callback_userdata = callback;
++#endif // (OPENSSL_VERSION_NUMBER >= 0x10100000L)
++
++  if (old_callback)
++    delete static_cast<detail::password_callback_base*>(
++        old_callback);
+ 
+   SSL_CTX_set_default_passwd_cb(handle_, &context::password_callback_function);
+ 
+From 69e44a4cc6eb5ba21ede409779a7b777c0eb3869 Mon Sep 17 00:00:00 2001
+From: Christopher Kohlhoff <chris at kohlhoff.com>
+Date: Sun, 28 Aug 2016 10:02:08 +1000
+Subject: [PATCH] Fix errors when OPENSSL_NO_DEPRECATED is defined.
+
+---
+ asio/include/asio/ssl/detail/impl/openssl_init.ipp | 23 +++++++++++-----------
+ asio/include/asio/ssl/detail/openssl_types.hpp     |  2 ++
+ 2 files changed, 13 insertions(+), 12 deletions(-)
+
+diff --git a/asio/include/asio/ssl/detail/impl/openssl_init.ipp b/asio/include/asio/ssl/detail/impl/openssl_init.ipp
+index 62a49cd..4cc9859 100644
+--- a/asio/include/asio/ssl/detail/impl/openssl_init.ipp
++++ b/asio/include/asio/ssl/detail/impl/openssl_init.ipp
+@@ -44,8 +44,10 @@ public:
+     for (size_t i = 0; i < mutexes_.size(); ++i)
+       mutexes_[i].reset(new asio::detail::mutex);
+     ::CRYPTO_set_locking_callback(&do_init::openssl_locking_func);
+-    ::CRYPTO_set_id_callback(&do_init::openssl_id_func);
+ #endif // (OPENSSL_VERSION_NUMBER < 0x10100000L)
++#if (OPENSSL_VERSION_NUMBER < 0x10000000L)
++    ::CRYPTO_set_id_callback(&do_init::openssl_id_func);
++#endif // (OPENSSL_VERSION_NUMBER < 0x10000000L)
+ 
+ #if !defined(SSL_OP_NO_COMPRESSION) \
+   && (OPENSSL_VERSION_NUMBER >= 0x00908000L)
+@@ -62,8 +64,10 @@ public:
+ #endif // !defined(SSL_OP_NO_COMPRESSION)
+        // && (OPENSSL_VERSION_NUMBER >= 0x00908000L)
+ 
+-#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
++#if (OPENSSL_VERSION_NUMBER < 0x10000000L)
+     ::CRYPTO_set_id_callback(0);
++#endif // (OPENSSL_VERSION_NUMBER < 0x10000000L)
++#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
+     ::CRYPTO_set_locking_callback(0);
+     ::ERR_free_strings();
+     ::EVP_cleanup();
+@@ -94,38 +98,33 @@ public:
+        // && (OPENSSL_VERSION_NUMBER >= 0x00908000L)
+ 
+ private:
++#if (OPENSSL_VERSION_NUMBER < 0x10000000L)
+   static unsigned long openssl_id_func()
+   {
+ #if defined(ASIO_WINDOWS) || defined(__CYGWIN__)
+     return ::GetCurrentThreadId();
+ #else // defined(ASIO_WINDOWS) || defined(__CYGWIN__)
+-    void* id = instance()->thread_id_;
+-    if (id == 0)
+-      instance()->thread_id_ = id = &id; // Ugh.
++    void* id = &errno;
+     ASIO_ASSERT(sizeof(unsigned long) >= sizeof(void*));
+     return reinterpret_cast<unsigned long>(id);
+ #endif // defined(ASIO_WINDOWS) || defined(__CYGWIN__)
+   }
++#endif // (OPENSSL_VERSION_NUMBER < 0x10000000L)
+ 
++#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
+   static void openssl_locking_func(int mode, int n, 
+     const char* /*file*/, int /*line*/)
+   {
+-#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
+     if (mode & CRYPTO_LOCK)
+       instance()->mutexes_[n]->lock();
+     else
+       instance()->mutexes_[n]->unlock();
+-#endif // (OPENSSL_VERSION_NUMBER < 0x10100000L)
+   }
+ 
+   // Mutexes to be used in locking callbacks.
+   std::vector<asio::detail::shared_ptr<
+         asio::detail::mutex> > mutexes_;
+-
+-#if !defined(ASIO_WINDOWS) && !defined(__CYGWIN__)
+-  // The thread identifiers to be used by openssl.
+-  asio::detail::tss_ptr<void> thread_id_;
+-#endif // !defined(ASIO_WINDOWS) && !defined(__CYGWIN__)
++#endif // (OPENSSL_VERSION_NUMBER < 0x10100000L)
+ 
+ #if !defined(SSL_OP_NO_COMPRESSION) \
+   && (OPENSSL_VERSION_NUMBER >= 0x00908000L)
+diff --git a/asio/include/asio/ssl/detail/openssl_types.hpp b/asio/include/asio/ssl/detail/openssl_types.hpp
+index d9cfc71..eda740d 100644
+--- a/asio/include/asio/ssl/detail/openssl_types.hpp
++++ b/asio/include/asio/ssl/detail/openssl_types.hpp
+@@ -21,7 +21,9 @@
+ #if !defined(OPENSSL_NO_ENGINE)
+ # include <openssl/engine.h>
+ #endif // !defined(OPENSSL_NO_ENGINE)
++#include <openssl/dh.h>
+ #include <openssl/err.h>
++#include <openssl/rsa.h>
+ #include <openssl/x509v3.h>
+ #include "asio/detail/socket_types.hpp"
+ 
+From 2cde22623ca0fd9571d8d57c5a8965082d815e1c Mon Sep 17 00:00:00 2001
+From: Christopher Kohlhoff <chris at kohlhoff.com>
+Date: Tue, 13 Sep 2016 21:59:03 +1000
+Subject: [PATCH] Call SSL_COMP_free_compression_methods() on ssl cleanup.
+
+This call is needed for OpenSSL >=1.0.2 and <1.1.0.
+---
+ asio/include/asio/ssl/detail/impl/openssl_init.ipp | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/asio/include/asio/ssl/detail/impl/openssl_init.ipp b/asio/include/asio/ssl/detail/impl/openssl_init.ipp
+index 4cc9859..392eff9 100644
+--- a/asio/include/asio/ssl/detail/impl/openssl_init.ipp
++++ b/asio/include/asio/ssl/detail/impl/openssl_init.ipp
+@@ -78,6 +78,11 @@ public:
+ #elif (OPENSSL_VERSION_NUMBER < 0x10100000L)
+     ::ERR_remove_thread_state(NULL);
+ #endif // (OPENSSL_VERSION_NUMBER < 0x10000000L)
++#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) \
++    && (OPENSSL_VERSION_NUMBER < 0x10100000L)
++    ::SSL_COMP_free_compression_methods();
++#endif // (OPENSSL_VERSION_NUMBER >= 0x10002000L)
++       // && (OPENSSL_VERSION_NUMBER < 0x10100000L)
+ #if !defined(OPENSSL_IS_BORINGSSL)
+     ::CONF_modules_unload(1);
+ #endif // !defined(OPENSSL_IS_BORINGSSL)
+From dc2b5b9ac09326ba1e38a28b48170063ca2b1332 Mon Sep 17 00:00:00 2001
+From: Marcel Raad <MarcelRaad at users.noreply.github.com>
+Date: Mon, 31 Oct 2016 10:32:19 +0100
+Subject: [PATCH] Fix compilation with OpenSSL 1.1 API
+
+With OPENSSL_API_COMPAT=0x10100000L, SSL_library_init, SSL_load_error_strings, and OpenSSL_add_all_algorithms are removed.
+With OPENSSL_API_COMPAT=0x10000000L, these are function-style macros mapping to OPENSSL_init_ssl, which is called automatically anyway.
+
+References:
+https://www.openssl.org/docs/man1.1.0/ssl/OPENSSL_init_ssl.html
+https://www.openssl.org/docs/man1.1.0/crypto/OPENSSL_init_crypto.html
+---
+ asio/include/asio/ssl/detail/impl/openssl_init.ipp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/asio/include/asio/ssl/detail/impl/openssl_init.ipp b/asio/include/asio/ssl/detail/impl/openssl_init.ipp
+index 392eff9..5de0caa 100644
+--- a/asio/include/asio/ssl/detail/impl/openssl_init.ipp
++++ b/asio/include/asio/ssl/detail/impl/openssl_init.ipp
+@@ -35,11 +35,11 @@ class openssl_init_base::do_init
+ public:
+   do_init()
+   {
++#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
+     ::SSL_library_init();
+     ::SSL_load_error_strings();        
+     ::OpenSSL_add_all_algorithms();
+ 
+-#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
+     mutexes_.resize(::CRYPTO_num_locks());
+     for (size_t i = 0; i < mutexes_.size(); ++i)
+       mutexes_[i].reset(new asio::detail::mutex);

Copied: mongodb/repos/community-staging-x86_64/boost160.patch (from rev 218239, mongodb/trunk/boost160.patch)
===================================================================
--- community-staging-x86_64/boost160.patch	                        (rev 0)
+++ community-staging-x86_64/boost160.patch	2017-03-21 23:22:51 UTC (rev 218240)
@@ -0,0 +1,11 @@
+diff -uprb mongodb-src-r3.2.0.orig/SConstruct mongodb-src-r3.2.0/SConstruct
+--- mongodb-src-r3.2.0.orig/SConstruct	2015-12-02 21:01:34.000000000 +0200
++++ mongodb-src-r3.2.0/SConstruct	2015-12-22 11:18:23.613216445 +0200
+@@ -2245,6 +2245,7 @@ def doConfigure(myenv):
+             # permit more than four parameters.
+             "BOOST_THREAD_DONT_PROVIDE_VARIADIC_THREAD",
+             "BOOST_SYSTEM_NO_DEPRECATED",
++            "BOOST_OPTIONAL_USE_SINGLETON_DEFINITION_OF_NONE",
+         ]
+     )
+ 

Copied: mongodb/repos/community-staging-x86_64/mongodb-3.2.10-boost-1.62.0.patch (from rev 218239, mongodb/trunk/mongodb-3.2.10-boost-1.62.0.patch)
===================================================================
--- community-staging-x86_64/mongodb-3.2.10-boost-1.62.0.patch	                        (rev 0)
+++ community-staging-x86_64/mongodb-3.2.10-boost-1.62.0.patch	2017-03-21 23:22:51 UTC (rev 218240)
@@ -0,0 +1,15 @@
+$NetBSD: patch-src_mongo_db_fts_unicode_string.cpp,v 1.1 2016/10/10 13:15:40 ryoon Exp $
+
+* Fix build with boost 1.62.0
+
+--- a/src/mongo/db/fts/unicode/string.cpp.orig	2016-09-26 12:10:04.000000000 +0000
++++ b/src/mongo/db/fts/unicode/string.cpp
+@@ -274,7 +274,7 @@ bool String::substrMatch(const std::stri
+ 
+     // Case sensitive and diacritic sensitive.
+     return boost::algorithm::boyer_moore_search(
+-               haystack.begin(), haystack.end(), needle.begin(), needle.end()) != haystack.end();
++               haystack.begin(), haystack.end(), needle.begin(), needle.end()) != std::make_pair(haystack.end(), haystack.end());
+ }
+ 
+ }  // namespace unicode

Copied: mongodb/repos/community-staging-x86_64/mongodb-3.2.10-network_interface_asio_integration_test.patch (from rev 218239, mongodb/trunk/mongodb-3.2.10-network_interface_asio_integration_test.patch)
===================================================================
--- community-staging-x86_64/mongodb-3.2.10-network_interface_asio_integration_test.patch	                        (rev 0)
+++ community-staging-x86_64/mongodb-3.2.10-network_interface_asio_integration_test.patch	2017-03-21 23:22:51 UTC (rev 218240)
@@ -0,0 +1,23 @@
+From ea20ce71ee1151abc5bbe5ea60713a86d34a751a Mon Sep 17 00:00:00 2001
+From: Waley Chen <waleycz at gmail.com>
+Date: Fri, 6 May 2016 17:53:10 -0400
+Subject: [PATCH] SERVER-23951 network_interface_asio_integration_test //
+ ExceededTimeLimit
+
+---
+ src/mongo/executor/network_interface_asio_integration_test.cpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/mongo/executor/network_interface_asio_integration_test.cpp b/src/mongo/executor/network_interface_asio_integration_test.cpp
+index cb85f27..617ae36 100644
+--- a/src/mongo/executor/network_interface_asio_integration_test.cpp
++++ b/src/mongo/executor/network_interface_asio_integration_test.cpp
+@@ -170,7 +170,7 @@ class StressTestOp {
+     using Fixture = NetworkInterfaceASIOIntegrationTest;
+     using Pool = ThreadPoolInterface;
+ 
+-    Deferred<Status> run(Fixture* fixture, Pool* pool, Milliseconds timeout = Milliseconds(5000)) {
++    Deferred<Status> run(Fixture* fixture, Pool* pool, Milliseconds timeout = Milliseconds(60000)) {
+         auto cb = makeCallbackHandle();
+         auto self = *this;
+         auto out =

Copied: mongodb/repos/community-staging-x86_64/mongodb.conf (from rev 218239, mongodb/trunk/mongodb.conf)
===================================================================
--- community-staging-x86_64/mongodb.conf	                        (rev 0)
+++ community-staging-x86_64/mongodb.conf	2017-03-21 23:22:51 UTC (rev 218240)
@@ -0,0 +1,8 @@
+# See http://www.mongodb.org/display/DOCS/File+Based+Configuration for format details
+# Run mongod --help to see a list of options
+
+bind_ip = 127.0.0.1
+quiet = true
+dbpath = /var/lib/mongodb
+logpath = /var/log/mongodb/mongod.log
+logappend = true

Copied: mongodb/repos/community-staging-x86_64/mongodb.install (from rev 218239, mongodb/trunk/mongodb.install)
===================================================================
--- community-staging-x86_64/mongodb.install	                        (rev 0)
+++ community-staging-x86_64/mongodb.install	2017-03-21 23:22:51 UTC (rev 218240)
@@ -0,0 +1,20 @@
+# vim: syntax=sh
+
+post_install() {
+  post_upgrade $1 ''
+
+  if [ "$(uname -m)" != "x86_64" ]
+  then
+    echo '==> Warning: the 32 bit version of MongoDB is limited to about 2GB of data.'
+    echo '==> See http://blog.mongodb.org/post/137788967/32-bit-limitations'
+  fi
+}
+
+post_upgrade() {
+  if ! getent passwd mongodb >/dev/null
+  then
+    useradd -r -g daemon -d /var/lib/mongodb -s /bin/bash mongodb
+  fi
+  chown -R mongodb:daemon /var/lib/mongodb
+  chown -R mongodb:daemon /var/log/mongodb
+}

Copied: mongodb/repos/community-staging-x86_64/mongodb.service (from rev 218239, mongodb/trunk/mongodb.service)
===================================================================
--- community-staging-x86_64/mongodb.service	                        (rev 0)
+++ community-staging-x86_64/mongodb.service	2017-03-21 23:22:51 UTC (rev 218240)
@@ -0,0 +1,10 @@
+[Unit]
+Description=High-performance, schema-free document-oriented database
+After=network.target
+
+[Service]
+User=mongodb
+ExecStart=/usr/bin/mongod --quiet --config /etc/mongodb.conf
+
+[Install]
+WantedBy=multi-user.target

Copied: mongodb/repos/community-staging-x86_64/openssl-1.1.0.patch (from rev 218239, mongodb/trunk/openssl-1.1.0.patch)
===================================================================
--- community-staging-x86_64/openssl-1.1.0.patch	                        (rev 0)
+++ community-staging-x86_64/openssl-1.1.0.patch	2017-03-21 23:22:51 UTC (rev 218240)
@@ -0,0 +1,71 @@
+diff --git a/src/mongo/crypto/crypto_openssl.cpp b/src/mongo/crypto/crypto_openssl.cpp
+index ca6844a..cd9bf17 100644
+--- a/src/mongo/crypto/crypto_openssl.cpp
++++ b/src/mongo/crypto/crypto_openssl.cpp
+@@ -45,19 +45,26 @@ namespace crypto {
+  * Computes a SHA-1 hash of 'input'.
+  */
+ bool sha1(const unsigned char* input, const size_t inputLen, unsigned char* output) {
+-    EVP_MD_CTX digestCtx;
+-    EVP_MD_CTX_init(&digestCtx);
+-    ON_BLOCK_EXIT(EVP_MD_CTX_cleanup, &digestCtx);
++    EVP_MD_CTX *digestCtx;
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++    digestCtx = (EVP_MD_CTX*) malloc(sizeof(EVP_MD_CTX));
++    EVP_MD_CTX_init(digestCtx);
++    ON_BLOCK_EXIT(free, digestCtx);
++    ON_BLOCK_EXIT(EVP_MD_CTX_cleanup, digestCtx);
++#else
++    digestCtx = EVP_MD_CTX_new();
++    ON_BLOCK_EXIT(EVP_MD_CTX_free, digestCtx);
++#endif
+ 
+-    if (1 != EVP_DigestInit_ex(&digestCtx, EVP_sha1(), NULL)) {
++    if (1 != EVP_DigestInit_ex(digestCtx, EVP_sha1(), NULL)) {
+         return false;
+     }
+ 
+-    if (1 != EVP_DigestUpdate(&digestCtx, input, inputLen)) {
++    if (1 != EVP_DigestUpdate(digestCtx, input, inputLen)) {
+         return false;
+     }
+ 
+-    return (1 == EVP_DigestFinal_ex(&digestCtx, output, NULL));
++    return (1 == EVP_DigestFinal_ex(digestCtx, output, NULL));
+ }
+ 
+ /*
+diff --git a/src/mongo/util/net/ssl_manager.cpp b/src/mongo/util/net/ssl_manager.cpp
+index 504e3d5..16c34fa 100644
+--- a/src/mongo/util/net/ssl_manager.cpp
++++ b/src/mongo/util/net/ssl_manager.cpp
+@@ -741,7 +741,7 @@ bool SSLManager::_parseAndValidateCertificate(const std::string& keyFile,
+                                               const std::string& keyPassword,
+                                               std::string* subjectName,
+                                               Date_t* serverCertificateExpirationDate) {
+-    BIO* inBIO = BIO_new(BIO_s_file_internal());
++    BIO* inBIO = BIO_new(BIO_s_file());
+     if (inBIO == NULL) {
+         error() << "failed to allocate BIO object: " << getSSLErrorMessage(ERR_get_error());
+         return false;
+@@ -800,7 +800,7 @@ bool SSLManager::_setupPEM(SSL_CTX* context,
+         return false;
+     }
+ 
+-    BIO* inBio = BIO_new(BIO_s_file_internal());
++    BIO* inBio = BIO_new(BIO_s_file());
+     if (!inBio) {
+         error() << "failed to allocate BIO object: " << getSSLErrorMessage(ERR_get_error());
+         return false;
+@@ -1276,7 +1276,11 @@ SSLPeerInfo SSLManager::parseAndValidatePeerCertificateDeprecated(const SSLConne
+ 
+ StatusWith<stdx::unordered_set<RoleName>> SSLManager::_parsePeerRoles(X509* peerCert) const {
+     // exts is owned by the peerCert
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+     STACK_OF(X509_EXTENSION)* exts = peerCert->cert_info->extensions;
++#else
++    const STACK_OF(X509_EXTENSION)* exts = X509_get0_extensions(peerCert);
++#endif
+ 
+     int extCount = 0;
+     if (exts) {


More information about the arch-commits mailing list