From a9463d1b7df6264b901cd57515835087bc793d7e Mon Sep 17 00:00:00 2001 From: Omar Vega Ramos Date: Tue, 2 May 2017 11:58:23 -0500 Subject: netsurf-3.6-3.parabola1: openssl 1.1 rebuild --- libre/netsurf/openssl.patch | 72 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100644 libre/netsurf/openssl.patch (limited to 'libre/netsurf/openssl.patch') diff --git a/libre/netsurf/openssl.patch b/libre/netsurf/openssl.patch new file mode 100644 index 000000000..2d914dd36 --- /dev/null +++ b/libre/netsurf/openssl.patch @@ -0,0 +1,72 @@ +From e8a9e3744523671228fef385ce7e1e11f93283b0 Mon Sep 17 00:00:00 2001 +From: Vincent Sanders +Date: Sun, 20 Nov 2016 12:14:36 +0000 +Subject: fix openSSL 1.1.0 X509 certificate handling + +--- +diff --git a/content/fetchers/curl.c b/content/fetchers/curl.c +index 66970ef..7ddf512 100644 +--- a/content/fetchers/curl.c ++++ b/content/fetchers/curl.c +@@ -128,6 +128,26 @@ static char fetch_error_buffer[CURL_ERROR_SIZE]; + static char fetch_proxy_userpwd[100]; + + ++/* OpenSSL 1.0.x to 1.1.0 certificate reference counting changed */ ++#if (OPENSSL_VERSION_NUMBER < 0x1010000fL) ++static int ns_X509_up_ref(X509 *cert) ++{ ++ cert->references++; ++ return 1; ++} ++ ++static void ns_X509_free(X509 *cert) ++{ ++ cert->references--; ++ if (cert->references == 0) { ++ X509_free(cert); ++ } ++} ++#else ++#define ns_X509_up_ref X509_up_ref ++#define ns_X509_free X509_free ++#endif ++ + /** + * Initialise a cURL fetcher. + */ +@@ -438,7 +458,7 @@ fetch_curl_verify_callback(int verify_ok, X509_STORE_CTX *x509_ctx) + */ + if (!fetch->cert_data[depth].cert) { + fetch->cert_data[depth].cert = X509_STORE_CTX_get_current_cert(x509_ctx); +- fetch->cert_data[depth].cert->references++; ++ ns_X509_up_ref(fetch->cert_data[depth].cert); + fetch->cert_data[depth].err = X509_STORE_CTX_get_error(x509_ctx); + } + +@@ -815,10 +835,7 @@ static void fetch_curl_free(void *vf) + } + + for (i = 0; i < MAX_CERTS && f->cert_data[i].cert; i++) { +- f->cert_data[i].cert->references--; +- if (f->cert_data[i].cert->references == 0) { +- X509_free(f->cert_data[i].cert); +- } ++ ns_X509_free(f->cert_data[i].cert); + } + + free(f); +@@ -986,10 +1003,7 @@ curl_start_cert_validate(struct curl_fetch_info *f, + X509_get_pubkey(certs[depth].cert)); + + /* and clean up */ +- certs[depth].cert->references--; +- if (certs[depth].cert->references == 0) { +- X509_free(certs[depth].cert); +- } ++ ns_X509_free(certs[depth].cert); + } + + msg.type = FETCH_CERT_ERR; +-- +cgit v0.9.0.3-65-g4555 -- cgit v1.2.3