aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2018-10-30 13:00:55 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2018-11-07 16:46:11 +0000
commit4fe5858e462d0e75a58249973a80ee849b59847a (patch)
tree46ac29f57b375cd4d207cef6439b2207bc0fc139
parent74d1420c96c2f836fb075848b471c040227349ae (diff)
downloadaports-4fe5858e462d0e75a58249973a80ee849b59847a.tar.gz
aports-4fe5858e462d0e75a58249973a80ee849b59847a.tar.bz2
aports-4fe5858e462d0e75a58249973a80ee849b59847a.tar.xz
main/elinks: rebuild against openssl 1.1
-rw-r--r--main/elinks/APKBUILD24
-rw-r--r--main/elinks/elinks-0.12pre6-openssl11.patch73
-rw-r--r--main/elinks/libressl-2.5.patch11
3 files changed, 82 insertions, 26 deletions
diff --git a/main/elinks/APKBUILD b/main/elinks/APKBUILD
index a76eeb5f78..76cb1f1ce2 100644
--- a/main/elinks/APKBUILD
+++ b/main/elinks/APKBUILD
@@ -3,31 +3,26 @@
pkgname=elinks
pkgver=0.13
_ver=${pkgver/_/}
-pkgrel=5
+pkgrel=6
pkgdesc="a text mode web browser"
url="http://elinks.or.cz/"
arch="all"
license="GPL"
depends=
-makedepends="bzip2-dev zlib-dev libressl-dev expat-dev gettext-dev"
+makedepends="bzip2-dev zlib-dev openssl-dev expat-dev gettext-dev"
install=
subpackages="$pkgname-doc $pkgname-lang"
source="https://dev.alpinelinux.org/archive/elinks/elinks-$pkgver.tar.bz2
musl-va_copy.patch
ssl-Make-RAND_egd-optional.patch
- libressl-2.5.patch
+ elinks-0.12pre6-openssl11.patch
"
builddir="$srcdir"/elinks-0.13-20150624
prepare() {
- cd "$builddir"
- for i in $source; do
- case $i in
- *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
- esac
- done
- update_config_sub || return 1
+ default_prepare
+ update_config_sub
}
build() {
@@ -39,14 +34,13 @@ build() {
--sysconfdir=/etc \
--mandir=/usr/share/man \
--infodir=/usr/share/info \
- --without-included-gettext \
- || return 1
- make || return 1
+ --without-included-gettext
+ make
}
package() {
cd "$builddir"
- make DESTDIR="$pkgdir" install || return 1
+ make DESTDIR="$pkgdir" install
rm -rf "$pkgdir"/usr/lib/charset.alias
rmdir -p "$pkgdir"/usr/lib 2>/dev/null || true
#fix conflict with gettext
@@ -56,4 +50,4 @@ package() {
sha512sums="9dd7fb674ab914fccaf64b889f6fe3431f95abe1ae76f1df6155fbc89623ec921a4de5f30e896e94c77161c4b4638a29ec19b8e1fe4cbdebdc4666be024f8ed9 elinks-0.13.tar.bz2
56378b4744783e8a07c5e92f3f75cdb7edf7b26881eb033789d71612c3971b3a3c5ada5f02ec422391242cbceb64ff31a2be68298608ed6448c37056d6dedf40 musl-va_copy.patch
df3254ff429540cca66849e03cd6245bd3e82897225ba3bfea9a41ab222c0041e60c61784a9fd6f819b360b6168b6375a5455a97786ab656b24a8e1b4b96bda3 ssl-Make-RAND_egd-optional.patch
-6aa70bb8ddf1fb57b2e52ccc9b75d08731e8423f60f60aba31fcba879fbf3758208b0079b9204e2351380483c991ea39bddcc7f426d89fe18971390a01cae79d libressl-2.5.patch"
+85e7a4e560a87ba641a04e3fce918cd0a2b52bd13b162f15950e4bb7d19a511f984d0891e3df1784cc8bb77a53f6c7ed6ffe56d7707d6b32a6676e21725893b9 elinks-0.12pre6-openssl11.patch"
diff --git a/main/elinks/elinks-0.12pre6-openssl11.patch b/main/elinks/elinks-0.12pre6-openssl11.patch
new file mode 100644
index 0000000000..29c4ef6bcb
--- /dev/null
+++ b/main/elinks/elinks-0.12pre6-openssl11.patch
@@ -0,0 +1,73 @@
+From d83c0edf4c6ae42359ff856d7a879ecba5769595 Mon Sep 17 00:00:00 2001
+From: Kamil Dudka <kdudka@redhat.com>
+Date: Fri, 17 Feb 2017 16:51:41 +0100
+Subject: [PATCH 1/2] fix compatibility with OpenSSL 1.1
+
+---
+ src/network/ssl/socket.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/network/ssl/socket.c b/src/network/ssl/socket.c
+index c9e2be4..467fc48 100644
+--- a/src/network/ssl/socket.c
++++ b/src/network/ssl/socket.c
+@@ -83,7 +83,7 @@ static void
+ ssl_set_no_tls(struct socket *socket)
+ {
+ #ifdef CONFIG_OPENSSL
+- ((ssl_t *) socket->ssl)->options |= SSL_OP_NO_TLSv1;
++ SSL_set_options((ssl_t *) socket->ssl, SSL_OP_NO_TLSv1);
+ #elif defined(CONFIG_GNUTLS)
+ {
+ /* GnuTLS does not support SSLv2 because it is "insecure".
+@@ -419,7 +419,7 @@ ssl_connect(struct socket *socket)
+ (SSL *) socket->ssl,
+ client_cert);
+ #else
+- SSL_CTX *ctx = ((SSL *) socket->ssl)->ctx;
++ SSL_CTX *ctx = SSL_get_SSL_CTX((SSL *) socket->ssl);
+
+ SSL_CTX_use_certificate_chain_file(ctx, client_cert);
+ SSL_CTX_use_PrivateKey_file(ctx, client_cert,
+--
+2.7.4
+
+
+From ec952cc5b79973bee73fcfc813159d40c22b7228 Mon Sep 17 00:00:00 2001
+From: Tomas Mraz <tmraz@fedoraproject.org>
+Date: Fri, 17 Feb 2017 16:44:11 +0100
+Subject: [PATCH 2/2] drop disablement of TLS1.0 on second attempt to connect
+
+It would not work correctly anyway and the code does not build
+with OpenSSL-1.1.0.
+---
+ src/network/ssl/socket.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/network/ssl/socket.c b/src/network/ssl/socket.c
+index 467fc48..b981c1e 100644
+--- a/src/network/ssl/socket.c
++++ b/src/network/ssl/socket.c
+@@ -82,6 +82,11 @@
+ static void
+ ssl_set_no_tls(struct socket *socket)
+ {
++#if 0
++/* This implements the insecure renegotiation, which should not be used.
++ * The code also would not work on current Fedora (>= Fedora 23) anyway,
++ * because it would just switch off TLS 1.0 keeping TLS 1.1 and 1.2 enabled.
++ */
+ #ifdef CONFIG_OPENSSL
+ SSL_set_options((ssl_t *) socket->ssl, SSL_OP_NO_TLSv1);
+ #elif defined(CONFIG_GNUTLS)
+@@ -96,6 +101,7 @@ ssl_set_no_tls(struct socket *socket)
+ gnutls_protocol_set_priority(*(ssl_t *) socket->ssl, protocol_priority);
+ }
+ #endif
++#endif
+ }
+
+ #ifdef USE_OPENSSL
+--
+2.7.4
+
diff --git a/main/elinks/libressl-2.5.patch b/main/elinks/libressl-2.5.patch
deleted file mode 100644
index 6b8c73032b..0000000000
--- a/main/elinks/libressl-2.5.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- a/src/network/ssl/socket.c.orig 2017-02-08 12:49:43 UTC
-+++ b/src/network/ssl/socket.c
-@@ -67,7 +67,7 @@ static void
- ssl_set_no_tls(struct socket *socket)
- {
- #ifdef CONFIG_OPENSSL
-- ((ssl_t *) socket->ssl)->options |= SSL_OP_NO_TLSv1;
-+ SSL_set_options((ssl_t *) socket->ssl, SSL_OP_NO_TLSv1);
- #elif defined(CONFIG_GNUTLS)
- {
- /* GnuTLS does not support SSLv2 because it is "insecure".