diff options
| author | nia <nia@pkgsrc.org> | 2019-07-04 12:15:04 +0000 |
|---|---|---|
| committer | nia <nia@pkgsrc.org> | 2019-07-04 12:15:04 +0000 |
| commit | 98b24a7f08a664a3e3dca0842dbe3138d0b0de53 (patch) | |
| tree | 8d56d8738ad804ca8727d50783f68197f9f311ee /www/elinks/patches | |
| parent | 187bc2117bc3f972fc4c9c232aeaf2e26027bfb7 (diff) | |
| download | pkgsrc-98b24a7f08a664a3e3dca0842dbe3138d0b0de53.tar.gz | |
elinks: Support OpenSSL 1.1. Based on the FreeBSD Ports patches.
While here, define LICENSE.
Bump PKGREVISION.
Diffstat (limited to 'www/elinks/patches')
| -rw-r--r-- | www/elinks/patches/patch-src_network_ssl_socket.c | 26 | ||||
| -rw-r--r-- | www/elinks/patches/patch-src_network_ssl_ssl.c | 28 |
2 files changed, 54 insertions, 0 deletions
diff --git a/www/elinks/patches/patch-src_network_ssl_socket.c b/www/elinks/patches/patch-src_network_ssl_socket.c new file mode 100644 index 00000000000..b3527825b54 --- /dev/null +++ b/www/elinks/patches/patch-src_network_ssl_socket.c @@ -0,0 +1,26 @@ +$NetBSD: patch-src_network_ssl_socket.c,v 1.1 2019/07/04 12:15:04 nia Exp $ + +Support OpenSSL 1.1. + +Derived from FreeBSD Ports. + +--- src/network/ssl/socket.c.orig 2012-10-28 12:57:15.000000000 +0000 ++++ src/network/ssl/socket.c +@@ -67,7 +67,7 @@ static void + ssl_set_no_tls(struct socket *socket) + { + #ifdef CONFIG_OPENSSL +- ((ssl_t *) socket->ssl)->options |= SSL_OP_NO_TLSv1; ++ SSL_set_options((ssl_t *) socket->ssl, SSL_OP_NO_TLSv1); + #elif defined(CONFIG_GNUTLS) + { + /* GnuTLS does not support SSLv2 because it is "insecure". +@@ -145,7 +145,7 @@ ssl_connect(struct socket *socket) + } + + if (client_cert) { +- SSL_CTX *ctx = ((SSL *) socket->ssl)->ctx; ++ SSL_CTX *ctx = SSL_get_SSL_CTX(socket->ssl); + + SSL_CTX_use_certificate_chain_file(ctx, client_cert); + SSL_CTX_use_PrivateKey_file(ctx, client_cert, diff --git a/www/elinks/patches/patch-src_network_ssl_ssl.c b/www/elinks/patches/patch-src_network_ssl_ssl.c new file mode 100644 index 00000000000..fed46998e3d --- /dev/null +++ b/www/elinks/patches/patch-src_network_ssl_ssl.c @@ -0,0 +1,28 @@ +$NetBSD: patch-src_network_ssl_ssl.c,v 1.1 2019/07/04 12:15:04 nia Exp $ + +Build on newer OpenSSL without RAND_egd. + +Derived from upstream: + +https://repo.or.cz/elinks.git/blobdiff/6eba447e8ae12cacac3b479c7148d189bea3e8ea..f4a58ba3b574a478fd5954ba2c5b29e8b809ff9b:/src/network/ssl/ssl.c + +--- src/network/ssl/ssl.c.orig 2012-10-28 12:57:15.000000000 +0000 ++++ src/network/ssl/ssl.c +@@ -50,11 +50,16 @@ init_openssl(struct module *module) + * cannot initialize the PRNG and so every attempt to use SSL fails. + * It's actually an OpenSSL FAQ, and according to them, it's up to the + * application coders to seed the RNG. -- William Yodlowsky */ +- if (RAND_egd(RAND_file_name(f_randfile, sizeof(f_randfile))) < 0) { ++ RAND_file_name(f_randfile, sizeof(f_randfile)); ++#ifndef OPENSSL_NO_EGD ++ if (RAND_egd(f_randfile) < 0) { ++#endif + /* Not an EGD, so read and write to it */ + if (RAND_load_file(f_randfile, -1)) + RAND_write_file(f_randfile); ++#ifndef OPENSSL_NO_EGD + } ++#endif + + SSLeay_add_ssl_algorithms(); + context = SSL_CTX_new(SSLv23_client_method()); |