Attachment #197860 for bug #228943

View | Details | Raw Unified | Return to bug 228943
Collapse All | Expand All

Lines 20-30 Link Here

(-)www/libwww/Makefile (-2 / +2 lines)
20		20
21	LIB_DEPENDS= libexpat.so:textproc/expat2	21	LIB_DEPENDS= libexpat.so:textproc/expat2
22		22
23	USES= gmake libtool localbase perl5 ssl tar:tgz	23	USES= autoreconf gmake libtool localbase perl5 pkgconfig ssl tar:tgz
24	USE_PERL5= build	24	USE_PERL5= build
25	USE_LDCONFIG= yes	25	USE_LDCONFIG= yes
26	GNU_CONFIGURE= yes	26	GNU_CONFIGURE= yes
27	CONFIGURE_ARGS= --enable-shared --with-zlib --with-ssl=${OPENSSLBASE}	27	CONFIGURE_ARGS= --enable-shared --with-zlib
28		28
29	post-install:	29	post-install:
30	${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/*.so	30	${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/*.so




--- Library/src/SSL/HTSSL.c.orig	2018-10-07 06:52:26 UTC
+++ Library/src/SSL/HTSSL.c
@@ -98,6 +98,7 @@ PRIVATE void apps_ssl_info_callback (SSL * s, int wher
 PRIVATE int verify_callback (int ok, X509_STORE_CTX * ctx)
 {
     char buf[256];
+    int ctx_error;
     X509 * err_cert = X509_STORE_CTX_get_current_cert(ctx);
     int err = X509_STORE_CTX_get_error(ctx);
     int depth = X509_STORE_CTX_get_error_depth(ctx);
@@ -115,24 +116,28 @@ PRIVATE int verify_callback (int ok, X509_STORE_CTX * 
 	    verify_error=X509_V_ERR_CERT_CHAIN_TOO_LONG;
 	}
     }
-    switch (ctx->error) {
+    switch (ctx_error = X509_STORE_CTX_get_error(ctx)) {
 
     case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+#if OPENSSL_VERSION_NUMBER >= 0x10100000
+	X509_NAME_oneline(X509_get_issuer_name(X509_STORE_CTX_get0_cert(ctx)), buf, 256);
+#else
 	X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), buf, 256);
+#endif
 	HTTRACE(PROT_TRACE, "issuer= %s\n" _ buf);
 	break;
 
     case X509_V_ERR_CERT_NOT_YET_VALID:
     case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
 	HTTRACE(PROT_TRACE, "notBefore=");
-//	ASN1_TIME_print(bio_err,X509_get_notBefore(ctx->current_cert));
+//	ASN1_TIME_print(bio_err,X509_get_notBefore(X509_STORE_CTX_get0_cert(ctx)));
 	HTTRACE(PROT_TRACE, "\n");
 	break;
 
     case X509_V_ERR_CERT_HAS_EXPIRED:
     case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
 	HTTRACE(PROT_TRACE, "notAfter=");
-//	ASN1_TIME_print(bio_err,X509_get_notAfter(ctx->current_cert));
+//	ASN1_TIME_print(bio_err,X509_get_notAfter(X509_STORE_CTX_get0_cert(ctx)));
 	HTTRACE(PROT_TRACE, "\n");
 	break;
     }
@@ -214,12 +219,6 @@ PUBLIC BOOL HTSSL_init (void)
 
 	/* select the protocol method */
 	switch (ssl_prot_method) {
-	case HTSSL_V2:
-	  meth = SSLv2_client_method();
-	  break;
-	case HTSSL_V3:
-	  meth = SSLv3_client_method();
-	  break;
 	case HTSSL_V3:
 	  meth = SSLv3_client_method();
 	  break;
+#endif
 	case HTSSL_V23:
 	  meth = SSLv23_client_method();
 	  break;




--- configure.orig	2018-07-04 23:24:12 UTC
+++ configure
@@ -16416,8 +16416,11 @@ $as_echo "no" >&6; }
     if test "x$withval" = "xyes"; then
       withval=$ssllib
       SSLINC=$sslinc
+      LIBS="$LIBS $withval"
+    else
+      SSLINC="-I$withval/include/openssl"
+      LIBS="$LIBS -L$withval/lib -lssl -lcrypto"
     fi
-    LIBS="$LIBS $withval"
     cat confdefs.h - <<_ACEOF >conftest.$ac_ext
 /* end confdefs.h.  */
 




--- configure.ac.orig	2018-10-07 03:44:56 UTC
+++ configure.ac
@@ -710,63 +710,33 @@ AC_ARG_WITH(extension,
 )
 AC_SUBST(MYEXT)
 
+PKG_CHECK_MODULES([OPENSSL], [openssl], [
+   CFLAGS="$CFLAGS $OPENSSL_CFLAGS"
+   LIBS="$LIBS $OPENSSL_LIBS"
+], [AC_CHECK_LIB([ssl], [SSL_library_init], [
+    	LIBS="$LIBS -lssl -lcrypto"
+   	CFLAGS="$CFLAGS $OPENSSL_CFLAGS"
+	], [
+		AC_CHECK_LIB([ssl], [SSL_library_init_ssl], [
+	    		LIBS="$LIBS -lssl -lcrypto"
+   			CFLAGS="$CFLAGS $OPENSSL_CFLAGS"
 
+		   	], [
+		   	AC_MSG_ERROR([The OpenSSL library was not found])
+			])
+		])
+])
 
-dnl Checks for libwww and OpenSSL:
-AC_MSG_CHECKING(whether we can find OpenSSL)
-dnl find the ssl library dir (empirical)
-if test -d '/usr/local/ssl/lib'; then
-  ssllib="-L/usr/local/ssl/lib -lssl -lcrypto"
-else
-  ssllib="-L/usr/lib -lssl -lcrypto"
-fi
-dnl find the ssl include dir (empirical)
-if test -d '/usr/local/ssl/include'; then
-  sslinc="-I/usr/local/ssl/include"
-elif test -d '/usr/local/openssl/include'; then
-  sslinc="-I/usr/local/openssl/include"
-elif test -d '/usr/local/include/openssl'; then
-  sslinc="-I/usr/local/include/openssl"
-elif test -d '/usr/include/ssl'; then
-  sslinc="-I/usr/include/ssl"
-elif test -d '/usr/include/openssl'; then
-  sslinc="-I/usr/include/openssl"
-else
-  sslinc=""
-fi
-WWWSSL=""
-SSLINC=""
-LIBSSL=""
-LWWWSSL=""
-LIBWWWSSL=""
-WWWSSLEX=""
-AC_ARG_WITH(ssl,
-[  --with-ssl[=PATH]       Link with OpenSSL.],
-[ case "$withval" in
-  no)
-    AC_MSG_RESULT(no)
-    ;;
-  *)
-    if test "x$withval" = "xyes"; then
-      withval=$ssllib
-      SSLINC=$sslinc
-    fi
-    LIBS="$LIBS $withval"
-    AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[ SSL_library_init(); ]])],[],[ AC_MSG_ERROR(Could not find the $withval libraries.  You must first install openSSL.) ])
-    AC_MSG_RESULT(yes)
-    WWWSSL="libwwwssl.la"
-    LWWWSSL="-lwwwssl" 
-    LIBWWWSSL='${top_builddir}/Library/src/SSL/libwwwssl.la'
-    WWWSSLEX='wwwssl$(EXEEXT)'
-    AC_DEFINE(HT_SSL, 1, [Define to enable ssl transport.])
-    ;;
-  esac ],
-[ AC_MSG_RESULT(no) ])
-AC_SUBST(WWWSSL)
-AC_SUBST(SSLINC)
-AC_SUBST(LWWWSSL)
-AC_SUBST(LIBWWWSSL)
-AC_SUBST(WWWSSLEX)
+  WWWSSL="libwwwssl.la"
+  LWWWSSL="-lwwwssl" 
+  LIBWWWSSL='${top_builddir}/Library/src/SSL/libwwwssl.la'
+  WWWSSLEX='wwwssl$(EXEEXT)'
+  AC_DEFINE(HT_SSL, 1, [Define to enable ssl transport.])
+  AC_SUBST(WWWSSL)
+  AC_SUBST(SSLINC)
+  AC_SUBST(LWWWSSL)
+  AC_SUBST(LIBWWWSSL)
+  AC_SUBST(WWWSSLEX)
 
 AC_MSG_CHECKING(whether to use internal signal handlers)
 AC_ARG_ENABLE(signals, [  --enable-signals        use internal libwww signal handler.],

Return to bug 228943

Lines 1-19 Link Here

(-)www/libwww/files/patch-Library_src_SSL_HTSSL.c (-12 / +48 lines)
1	--- Library/src/SSL/HTSSL.c.orig 2018-07-04 23:30:19 UTC	1	--- Library/src/SSL/HTSSL.c.orig 2018-10-07 06:52:26 UTC
2	+++ Library/src/SSL/HTSSL.c	2	+++ Library/src/SSL/HTSSL.c
3	@@ -214,12 +214,16 @@ PUBLIC BOOL HTSSL_init (void)	3	@@ -98,6 +98,7 @@ PRIVATE void apps_ssl_info_callback (SSL * s, int wher
		4	PRIVATE int verify_callback (int ok, X509_STORE_CTX * ctx)
		5	{
		6	char buf[256];
		7	+ int ctx_error;
		8	X509 * err_cert = X509_STORE_CTX_get_current_cert(ctx);
		9	int err = X509_STORE_CTX_get_error(ctx);
		10	int depth = X509_STORE_CTX_get_error_depth(ctx);
		11	@@ -115,24 +116,28 @@ PRIVATE int verify_callback (int ok, X509_STORE_CTX *
		12	verify_error=X509_V_ERR_CERT_CHAIN_TOO_LONG;
		13	}
		14	}
		15	- switch (ctx->error) {
		16	+ switch (ctx_error = X509_STORE_CTX_get_error(ctx)) {
4		17
		18	case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
		19	+#if OPENSSL_VERSION_NUMBER >= 0x10100000
		20	+ X509_NAME_oneline(X509_get_issuer_name(X509_STORE_CTX_get0_cert(ctx)), buf, 256);
		21	+#else
		22	X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), buf, 256);
		23	+#endif
		24	HTTRACE(PROT_TRACE, "issuer= %s\n" _ buf);
		25	break;
		26
		27	case X509_V_ERR_CERT_NOT_YET_VALID:
		28	case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
		29	HTTRACE(PROT_TRACE, "notBefore=");
		30	-// ASN1_TIME_print(bio_err,X509_get_notBefore(ctx->current_cert));
		31	+// ASN1_TIME_print(bio_err,X509_get_notBefore(X509_STORE_CTX_get0_cert(ctx)));
		32	HTTRACE(PROT_TRACE, "\n");
		33	break;
		34
		35	case X509_V_ERR_CERT_HAS_EXPIRED:
		36	case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
		37	HTTRACE(PROT_TRACE, "notAfter=");
		38	-// ASN1_TIME_print(bio_err,X509_get_notAfter(ctx->current_cert));
		39	+// ASN1_TIME_print(bio_err,X509_get_notAfter(X509_STORE_CTX_get0_cert(ctx)));
		40	HTTRACE(PROT_TRACE, "\n");
		41	break;
		42	}
		43	@@ -214,12 +219,6 @@ PUBLIC BOOL HTSSL_init (void)
		44
5	/* select the protocol method */	45	/* select the protocol method */
6	switch (ssl_prot_method) {	46	switch (ssl_prot_method) {
7	+#ifndef OPENSSL_NO_SSL2	47	- case HTSSL_V2:
8	case HTSSL_V2:	48	- meth = SSLv2_client_method();
9	meth = SSLv2_client_method();	49	- break;
10	break;	50	- case HTSSL_V3:
11	+#endif	51	- meth = SSLv3_client_method();
12	+#ifndef OPENSSL_NO_SSL3_METHOD	52	- break;
13	case HTSSL_V3:
14	meth = SSLv3_client_method();
15	break;
16	+#endif
17	case HTSSL_V23:	53	case HTSSL_V23:
18	meth = SSLv23_client_method();	54	meth = SSLv23_client_method();
19	break;	55	break;

Lines 1-15 Link Here

(-)www/libwww/files/patch-configure (-15 lines)
1	--- configure.orig 2018-07-04 23:24:12 UTC
2	+++ configure
3	@@ -16416,8 +16416,11 @@ $as_echo "no" >&6; }
4	if test "x$withval" = "xyes"; then
5	withval=$ssllib
6	SSLINC=$sslinc
7	+ LIBS="$LIBS $withval"
8	+ else
9	+ SSLINC="-I$withval/include/openssl"
10	+ LIBS="$LIBS -L$withval/lib -lssl -lcrypto"
11	fi
12	- LIBS="$LIBS $withval"
13	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
14	/* end confdefs.h. */
15

Line 0 Link Here

(-)www/libwww/files/patch-configure.ac (+91 lines)
		1	--- configure.ac.orig 2018-10-07 03:44:56 UTC
		2	+++ configure.ac
		3	@@ -710,63 +710,33 @@ AC_ARG_WITH(extension,
		4	)
		5	AC_SUBST(MYEXT)
		6
		7	+PKG_CHECK_MODULES([OPENSSL], [openssl], [
		8	+ CFLAGS="$CFLAGS $OPENSSL_CFLAGS"
		9	+ LIBS="$LIBS $OPENSSL_LIBS"
		10	+], [AC_CHECK_LIB([ssl], [SSL_library_init], [
		11	+ LIBS="$LIBS -lssl -lcrypto"
		12	+ CFLAGS="$CFLAGS $OPENSSL_CFLAGS"
		13	+ ], [
		14	+ AC_CHECK_LIB([ssl], [SSL_library_init_ssl], [
		15	+ LIBS="$LIBS -lssl -lcrypto"
		16	+ CFLAGS="$CFLAGS $OPENSSL_CFLAGS"
		17
		18	+ ], [
		19	+ AC_MSG_ERROR([The OpenSSL library was not found])
		20	+ ])
		21	+ ])
		22	+])
		23
		24	-dnl Checks for libwww and OpenSSL:
		25	-AC_MSG_CHECKING(whether we can find OpenSSL)
		26	-dnl find the ssl library dir (empirical)
		27	-if test -d '/usr/local/ssl/lib'; then
		28	- ssllib="-L/usr/local/ssl/lib -lssl -lcrypto"
		29	-else
		30	- ssllib="-L/usr/lib -lssl -lcrypto"
		31	-fi
		32	-dnl find the ssl include dir (empirical)
		33	-if test -d '/usr/local/ssl/include'; then
		34	- sslinc="-I/usr/local/ssl/include"
		35	-elif test -d '/usr/local/openssl/include'; then
		36	- sslinc="-I/usr/local/openssl/include"
		37	-elif test -d '/usr/local/include/openssl'; then
		38	- sslinc="-I/usr/local/include/openssl"
		39	-elif test -d '/usr/include/ssl'; then
		40	- sslinc="-I/usr/include/ssl"
		41	-elif test -d '/usr/include/openssl'; then
		42	- sslinc="-I/usr/include/openssl"
		43	-else
		44	- sslinc=""
		45	-fi
		46	-WWWSSL=""
		47	-SSLINC=""
		48	-LIBSSL=""
		49	-LWWWSSL=""
		50	-LIBWWWSSL=""
		51	-WWWSSLEX=""
		52	-AC_ARG_WITH(ssl,
		53	-[ --with-ssl[=PATH] Link with OpenSSL.],
		54	-[ case "$withval" in
		55	- no)
		56	- AC_MSG_RESULT(no)
		57	- ;;
		58	- *)
		59	- if test "x$withval" = "xyes"; then
		60	- withval=$ssllib
		61	- SSLINC=$sslinc
		62	- fi
		63	- LIBS="$LIBS $withval"
		64	- AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[ SSL_library_init(); ]])],[],[ AC_MSG_ERROR(Could not find the $withval libraries. You must first install openSSL.) ])
65	- AC_MSG_RESULT(yes)
66	- WWWSSL="libwwwssl.la"
67	- LWWWSSL="-lwwwssl"
68	- LIBWWWSSL='${top_builddir}/Library/src/SSL/libwwwssl.la'
69	- WWWSSLEX='wwwssl$(EXEEXT)'
70	- AC_DEFINE(HT_SSL, 1, [Define to enable ssl transport.])
71	- ;;
72	- esac ],
73	-[ AC_MSG_RESULT(no) ])
74	-AC_SUBST(WWWSSL)
75	-AC_SUBST(SSLINC)
76	-AC_SUBST(LWWWSSL)
77	-AC_SUBST(LIBWWWSSL)
78	-AC_SUBST(WWWSSLEX)
79	+ WWWSSL="libwwwssl.la"
80	+ LWWWSSL="-lwwwssl"
81	+ LIBWWWSSL='${top_builddir}/Library/src/SSL/libwwwssl.la'
82	+ WWWSSLEX='wwwssl$(EXEEXT)'
83	+ AC_DEFINE(HT_SSL, 1, [Define to enable ssl transport.])
84	+ AC_SUBST(WWWSSL)
85	+ AC_SUBST(SSLINC)
86	+ AC_SUBST(LWWWSSL)
87	+ AC_SUBST(LIBWWWSSL)
88	+ AC_SUBST(WWWSSLEX)
89
90	AC_MSG_CHECKING(whether to use internal signal handlers)
91	AC_ARG_ENABLE(signals, [ --enable-signals use internal libwww signal handler.],