Merge pull request #81303 from arcnmx/elinks-openssl

elinks: build with openssl 1.1
This commit is contained in:
worldofpeace 2020-02-29 00:05:38 +00:00 committed by GitHub
commit e809f3d67e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 56 additions and 4 deletions

@ -18,7 +18,10 @@ stdenv.mkDerivation {
sha256 = "1nnakbi01g7yd3zqwprchh5yp45br8086b0kbbpmnclabcvlcdiq";
};
patches = [ ./gc-init.patch ];
patches = [
./gc-init.patch
./openssl-1.1.patch
];
buildInputs = [ ncurses xlibsWrapper bzip2 zlib openssl spidermonkey gpm ]
++ stdenv.lib.optional enableGuile guile

@ -0,0 +1,51 @@
diff --git a/src/network/ssl/socket.c b/src/network/ssl/socket.c
index 45b4b4a8..0385a431 100644
--- a/src/network/ssl/socket.c
+++ b/src/network/ssl/socket.c
@@ -67,7 +67,9 @@ static void
ssl_set_no_tls(struct socket *socket)
{
#ifdef CONFIG_OPENSSL
- ((ssl_t *) socket->ssl)->options |= SSL_OP_NO_TLSv1;
+#ifdef SSL_OP_NO_TLSv1
+ SSL_set_options((ssl_t *)socket->ssl, SSL_OP_NO_TLSv1);
+#endif
#elif defined(CONFIG_GNUTLS)
{
/* GnuTLS does not support SSLv2 because it is "insecure".
@@ -145,9 +147,11 @@ ssl_connect(struct socket *socket)
}
if (client_cert) {
- SSL_CTX *ctx = ((SSL *) socket->ssl)->ctx;
+ SSL_CTX *ctx = SSL_get_SSL_CTX((SSL *) socket->ssl);
- SSL_CTX_use_certificate_chain_file(ctx, client_cert);
+ SSL_CTX_use_certificate_chain_file(
+ (SSL *) socket->ssl,
+ client_cert);
SSL_CTX_use_PrivateKey_file(ctx, client_cert,
SSL_FILETYPE_PEM);
}
diff --git a/src/network/ssl/ssl.c b/src/network/ssl/ssl.c
index c008121d..c06a80a7 100644
--- a/src/network/ssl/ssl.c
+++ b/src/network/ssl/ssl.c
@@ -50,11 +50,16 @@ init_openssl(struct module *module)
* cannot initialize the PRNG and so every attempt to use SSL fails.
* It's actually an OpenSSL FAQ, and according to them, it's up to the
* application coders to seed the RNG. -- William Yodlowsky */
- if (RAND_egd(RAND_file_name(f_randfile, sizeof(f_randfile))) < 0) {
+ RAND_file_name(f_randfile, sizeof(f_randfile));
+#ifdef HAVE_RAND_EGD
+ if (RAND_egd(f_randfile) < 0) {
/* Not an EGD, so read and write to it */
+#endif
if (RAND_load_file(f_randfile, -1))
RAND_write_file(f_randfile);
+#ifdef HAVE_RAND_EGD
}
+#endif
SSLeay_add_ssl_algorithms();
context = SSL_CTX_new(SSLv23_client_method());

@ -18861,9 +18861,7 @@ in
elementary-planner = callPackage ../applications/office/elementary-planner { };
elinks = callPackage ../applications/networking/browsers/elinks {
openssl = openssl_1_0_2;
};
elinks = callPackage ../applications/networking/browsers/elinks { };
elvis = callPackage ../applications/editors/elvis { };