diff options
| author | Omar Vega Ramos <ovruni@gnu.org.pe> | 2017-05-02 11:58:23 -0500 |
|---|---|---|
| committer | Omar Vega Ramos <ovruni@gnu.org.pe> | 2017-05-02 11:58:23 -0500 |
| commit | a9463d1b7df6264b901cd57515835087bc793d7e (patch) | |
| tree | 99ed6dbca121c75329f41e9be2450ca5a39f5d1b /libre/netsurf | |
| parent | 98c3c33b74991e34b74787c79f1f6b33b851c98c (diff) | |
netsurf-3.6-3.parabola1: openssl 1.1 rebuild
Diffstat (limited to 'libre/netsurf')
| -rw-r--r-- | libre/netsurf/PKGBUILD | 23 | ||||
| -rw-r--r-- | libre/netsurf/openssl.patch | 72 |
2 files changed, 84 insertions, 11 deletions
diff --git a/libre/netsurf/PKGBUILD b/libre/netsurf/PKGBUILD index b96cfc417..ead80412d 100644 --- a/libre/netsurf/PKGBUILD +++ b/libre/netsurf/PKGBUILD @@ -7,7 +7,7 @@ pkgname=netsurf pkgver=3.6 -pkgrel=1.parabola1 +pkgrel=3.parabola1 pkgdesc='Lightweight and fast web browser, without non-privacy search engines' arch=('x86_64' 'i686' 'armv7h') url='http://www.netsurf-browser.org/' @@ -21,23 +21,28 @@ depends=('libmng' 'librsvg' 'curl' 'lcms' 'desktop-file-utils' makedepends=('re2c' 'netsurf-buildsystem' 'perl-html-parser' 'nsgenbind>=0.3' 'inetutils' 'libutf8proc>1.3.1' 'git' 'setconf' 'check' 'gtk3' 'duktape') -source=("git://git.netsurf-browser.org/netsurf.git#tag=release/$pkgver" - netsurf.sh - remove_nonprivacy_options.patch) +# git.netsurf-browser.org has an invalid https certificate +source=("git://git.netsurf-browser.org/netsurf.git#commit=c56ecfd924b16d15bf74385c4d556a6b7002e8a6" + 'openssl.patch' + 'netsurf.sh' + 'remove_nonprivacy_options.patch') sha256sums=('SKIP' + '0601ca86e59a40aa6feaaab9db0e79c4952b018c724f7255279d902a79d090d9' 'f2e2f61f1864da57cafa74ffdbefac2f9e1d55d9627e82ef923d4931684c5c49' '61bec340c47a089b1b5c33d3ae330a340999a1e40be7fc8768fa572c6ca3b617') prepare() { cd "$pkgname" + patch -p1 -i "$srcdir/openssl.patch" sed 's:netsurf-gtk:netsurf:' -i frontends/gtk/res/netsurf-gtk.desktop sed 's:libutf8proc/::' -i utils/idna.c sed 's:UTF8PROC_CCC_VIRAMA:UTF8PROC_BIDI_CLASS_EN:' -i utils/idna.c sed 's:utf8proc_normalise:utf8proc_reencode:' -i utils/idna.c - setconf Makefile.defaults NETSURF_UA_FORMAT_STRING '"NetSurf/%d.%d (%s; Parabola GNU/Linux-libre)"' setconf Makefile.defaults NETSURF_USE_DUKTAPE YES + setconf Makefile.defaults NETSURF_UA_FORMAT_STRING \ + '"NetSurf/%d.%d (%s; Parabola GNU/Linux-libre)"' # remove non-privacy search engines sed -i '\|Google|d @@ -119,10 +124,10 @@ package() { make install LIBDIR=lib INCLUDEDIR=include PREFIX=/usr TARGET=gtk \ NETSURF_GTK_MAJOR=3 DESTDIR="$pkgdir" - # Script + # Launcher script install -Dm755 "../$pkgname.sh" "$pkgdir/usr/bin/$pkgname" - # Desktop shortcut + # Desktop icon and shortcut install -Dm644 "frontends/gtk/res/$pkgname.xpm" \ "$pkgdir/usr/share/pixmaps/$pkgname.xpm" install -Dm644 "frontends/gtk/res/$pkgname-gtk.desktop" \ @@ -131,10 +136,6 @@ package() { # License install -Dm644 COPYING \ "$pkgdir/usr/share/licenses/$pkgname/COPYING" - - # Fix path - #mv "$pkgdir/usr/share/netsurf/:./gtk/res/"* "$pkgdir/usr/share/netsurf/" - #rmdir "$pkgdir/usr/share/netsurf/"{:./gtk/res,:./gtk,:.} } # vim:set ts=2 sw=2 et: diff --git a/libre/netsurf/openssl.patch b/libre/netsurf/openssl.patch new file mode 100644 index 000000000..2d914dd36 --- /dev/null +++ b/libre/netsurf/openssl.patch @@ -0,0 +1,72 @@ +From e8a9e3744523671228fef385ce7e1e11f93283b0 Mon Sep 17 00:00:00 2001 +From: Vincent Sanders <vince@kyllikki.org> +Date: Sun, 20 Nov 2016 12:14:36 +0000 +Subject: fix openSSL 1.1.0 X509 certificate handling + +--- +diff --git a/content/fetchers/curl.c b/content/fetchers/curl.c +index 66970ef..7ddf512 100644 +--- a/content/fetchers/curl.c ++++ b/content/fetchers/curl.c +@@ -128,6 +128,26 @@ static char fetch_error_buffer[CURL_ERROR_SIZE]; + static char fetch_proxy_userpwd[100]; + + ++/* OpenSSL 1.0.x to 1.1.0 certificate reference counting changed */ ++#if (OPENSSL_VERSION_NUMBER < 0x1010000fL) ++static int ns_X509_up_ref(X509 *cert) ++{ ++ cert->references++; ++ return 1; ++} ++ ++static void ns_X509_free(X509 *cert) ++{ ++ cert->references--; ++ if (cert->references == 0) { ++ X509_free(cert); ++ } ++} ++#else ++#define ns_X509_up_ref X509_up_ref ++#define ns_X509_free X509_free ++#endif ++ + /** + * Initialise a cURL fetcher. + */ +@@ -438,7 +458,7 @@ fetch_curl_verify_callback(int verify_ok, X509_STORE_CTX *x509_ctx) + */ + if (!fetch->cert_data[depth].cert) { + fetch->cert_data[depth].cert = X509_STORE_CTX_get_current_cert(x509_ctx); +- fetch->cert_data[depth].cert->references++; ++ ns_X509_up_ref(fetch->cert_data[depth].cert); + fetch->cert_data[depth].err = X509_STORE_CTX_get_error(x509_ctx); + } + +@@ -815,10 +835,7 @@ static void fetch_curl_free(void *vf) + } + + for (i = 0; i < MAX_CERTS && f->cert_data[i].cert; i++) { +- f->cert_data[i].cert->references--; +- if (f->cert_data[i].cert->references == 0) { +- X509_free(f->cert_data[i].cert); +- } ++ ns_X509_free(f->cert_data[i].cert); + } + + free(f); +@@ -986,10 +1003,7 @@ curl_start_cert_validate(struct curl_fetch_info *f, + X509_get_pubkey(certs[depth].cert)); + + /* and clean up */ +- certs[depth].cert->references--; +- if (certs[depth].cert->references == 0) { +- X509_free(certs[depth].cert); +- } ++ ns_X509_free(certs[depth].cert); + } + + msg.type = FETCH_CERT_ERR; +-- +cgit v0.9.0.3-65-g4555 |