community/dillo web browser v3.0.5 fails to open some websites - source patch included

summary

The alpine dillo web browser package https://git.alpinelinux.org/aports/tree/community/dillo/openssl-1.1.patch is a bad patch for the https/openssl code. Some websites fail to load. Note: This is not a problem of not having HTTPS enabled. HTTPS is enabled.

I include a replacement patch file for openssl-1.1.patch, the new openssl-1.1.patch

details

I expect these sites to render, but they do not (there are many others, this is just a sample for testing)

• https://www.bellingcat.com
• https://planet-if.com

The current package fails to render them. My patched version renders them correctly.

bad string accessor

The current package openssl patch https://git.alpinelinux.org/aports/tree/community/dillo/openssl-1.1.patch contains a bug and is missing some code.

The function X509_get_subject_name() does not return a string but it is used with strstr(). Compiler issues a warning but it is ignored. My patch fixes this.

strstr(X509_get_subject_name(remote_cert), "/CN="))

missing TLS hostname setting

However, the major fix is calling

SSL_set_tlsext_host_name(ssl_connection, root_url)

which is missing in the current patch and is the cause of the failure to render the sites above (and others).

I have built dillo locally and tested it using this patch (platform: alpine 3.16.2). It works for a selection of websites on which the current alpine package fails.