Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
aports
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
815
Issues
815
List
Boards
Labels
Milestones
Merge Requests
45
Merge Requests
45
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
alpine
aports
Commits
4fe5858e
Commit
4fe5858e
authored
Oct 30, 2018
by
Natanael Copa
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
main/elinks: rebuild against openssl 1.1
parent
74d1420c
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
82 additions
and
26 deletions
+82
-26
APKBUILD
main/elinks/APKBUILD
+9
-15
elinks-0.12pre6-openssl11.patch
main/elinks/elinks-0.12pre6-openssl11.patch
+73
-0
libressl-2.5.patch
main/elinks/libressl-2.5.patch
+0
-11
No files found.
main/elinks/APKBUILD
View file @
4fe5858e
...
...
@@ -3,31 +3,26 @@
pkgname
=
elinks
pkgver
=
0.13
_ver
=
${
pkgver
/_/
}
pkgrel
=
5
pkgrel
=
6
pkgdesc
=
"a text mode web browser"
url
=
"http://elinks.or.cz/"
arch
=
"all"
license
=
"GPL"
depends
=
makedepends
=
"bzip2-dev zlib-dev
libre
ssl-dev expat-dev gettext-dev"
makedepends
=
"bzip2-dev zlib-dev
open
ssl-dev expat-dev gettext-dev"
install
=
subpackages
=
"
$pkgname
-doc
$pkgname
-lang"
source
=
"https://dev.alpinelinux.org/archive/elinks/elinks-
$pkgver
.tar.bz2
musl-va_copy.patch
ssl-Make-RAND_egd-optional.patch
libressl-2.5
.patch
elinks-0.12pre6-openssl11
.patch
"
builddir
=
"
$srcdir
"
/elinks-0.13-20150624
prepare
()
{
cd
"
$builddir
"
for
i
in
$source
;
do
case
$i
in
*
.patch
)
msg
$i
;
patch
-p1
-i
"
$srcdir
"
/
$i
||
return
1
;;
esac
done
update_config_sub
||
return
1
default_prepare
update_config_sub
}
build
()
{
...
...
@@ -39,14 +34,13 @@ build() {
--sysconfdir
=
/etc
\
--mandir
=
/usr/share/man
\
--infodir
=
/usr/share/info
\
--without-included-gettext
\
||
return
1
make
||
return
1
--without-included-gettext
make
}
package
()
{
cd
"
$builddir
"
make
DESTDIR
=
"
$pkgdir
"
install
||
return
1
make
DESTDIR
=
"
$pkgdir
"
install
rm
-rf
"
$pkgdir
"
/usr/lib/charset.alias
rmdir
-p
"
$pkgdir
"
/usr/lib 2>/dev/null
||
true
#fix conflict with gettext
...
...
@@ -56,4 +50,4 @@ package() {
sha512sums
=
"9dd7fb674ab914fccaf64b889f6fe3431f95abe1ae76f1df6155fbc89623ec921a4de5f30e896e94c77161c4b4638a29ec19b8e1fe4cbdebdc4666be024f8ed9 elinks-0.13.tar.bz2
56378b4744783e8a07c5e92f3f75cdb7edf7b26881eb033789d71612c3971b3a3c5ada5f02ec422391242cbceb64ff31a2be68298608ed6448c37056d6dedf40 musl-va_copy.patch
df3254ff429540cca66849e03cd6245bd3e82897225ba3bfea9a41ab222c0041e60c61784a9fd6f819b360b6168b6375a5455a97786ab656b24a8e1b4b96bda3 ssl-Make-RAND_egd-optional.patch
6aa70bb8ddf1fb57b2e52ccc9b75d08731e8423f60f60aba31fcba879fbf3758208b0079b9204e2351380483c991ea39bddcc7f426d89fe18971390a01cae79d libressl-2.5
.patch"
85e7a4e560a87ba641a04e3fce918cd0a2b52bd13b162f15950e4bb7d19a511f984d0891e3df1784cc8bb77a53f6c7ed6ffe56d7707d6b32a6676e21725893b9 elinks-0.12pre6-openssl11
.patch"
main/elinks/elinks-0.12pre6-openssl11.patch
0 → 100644
View file @
4fe5858e
From d83c0edf4c6ae42359ff856d7a879ecba5769595 Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Fri, 17 Feb 2017 16:51:41 +0100
Subject: [PATCH 1/2] fix compatibility with OpenSSL 1.1
---
src/network/ssl/socket.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/network/ssl/socket.c b/src/network/ssl/socket.c
index c9e2be4..467fc48 100644
--- a/src/network/ssl/socket.c
+++ b/src/network/ssl/socket.c
@@ -83,7 +83,7 @@
static void
ssl_set_no_tls(struct socket *socket)
{
#ifdef CONFIG_OPENSSL
- ((ssl_t *) socket->ssl)->options |= SSL_OP_NO_TLSv1;
+ SSL_set_options((ssl_t *) socket->ssl, SSL_OP_NO_TLSv1);
#elif defined(CONFIG_GNUTLS)
{
/* GnuTLS does not support SSLv2 because it is "insecure".
@@ -419,7 +419,7 @@
ssl_connect(struct socket *socket)
(SSL *) socket->ssl,
client_cert);
#else
- SSL_CTX *ctx = ((SSL *) socket->ssl)->ctx;
+ SSL_CTX *ctx = SSL_get_SSL_CTX((SSL *) socket->ssl);
SSL_CTX_use_certificate_chain_file(ctx, client_cert);
SSL_CTX_use_PrivateKey_file(ctx, client_cert,
--
2.7.4
From ec952cc5b79973bee73fcfc813159d40c22b7228 Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tmraz@fedoraproject.org>
Date: Fri, 17 Feb 2017 16:44:11 +0100
Subject: [PATCH 2/2] drop disablement of TLS1.0 on second attempt to connect
It would not work correctly anyway and the code does not build
with OpenSSL-1.1.0.
---
src/network/ssl/socket.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/network/ssl/socket.c b/src/network/ssl/socket.c
index 467fc48..b981c1e 100644
--- a/src/network/ssl/socket.c
+++ b/src/network/ssl/socket.c
@@ -82,6 +82,11 @@
static void
ssl_set_no_tls(struct socket *socket)
{
+#if 0
+/* This implements the insecure renegotiation, which should not be used.
+ * The code also would not work on current Fedora (>= Fedora 23) anyway,
+ * because it would just switch off TLS 1.0 keeping TLS 1.1 and 1.2 enabled.
+ */
#ifdef CONFIG_OPENSSL
SSL_set_options((ssl_t *) socket->ssl, SSL_OP_NO_TLSv1);
#elif defined(CONFIG_GNUTLS)
@@ -96,6 +101,7 @@
ssl_set_no_tls(struct socket *socket)
gnutls_protocol_set_priority(*(ssl_t *) socket->ssl, protocol_priority);
}
#endif
+#endif
}
#ifdef USE_OPENSSL
--
2.7.4
main/elinks/libressl-2.5.patch
deleted
100644 → 0
View file @
74d1420c
--- a/src/network/ssl/socket.c.orig 2017-02-08 12:49:43 UTC
+++ b/src/network/ssl/socket.c
@@ -67,7 +67,7 @@
static void
ssl_set_no_tls(struct socket *socket)
{
#ifdef CONFIG_OPENSSL
- ((ssl_t *) socket->ssl)->options |= SSL_OP_NO_TLSv1;
+ SSL_set_options((ssl_t *) socket->ssl, SSL_OP_NO_TLSv1);
#elif defined(CONFIG_GNUTLS)
{
/* GnuTLS does not support SSLv2 because it is "insecure".
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment