[arch-commits] Commit in netsurf/trunk (PKGBUILD openssl.patch)
Alexander Rødseth
arodseth at archlinux.org
Tue Mar 14 10:43:44 UTC 2017
Date: Tuesday, March 14, 2017 @ 10:43:44
Author: arodseth
Revision: 216216
upgpkg: netsurf 3.6-2
Added:
netsurf/trunk/openssl.patch
Modified:
netsurf/trunk/PKGBUILD
---------------+
PKGBUILD | 20 +++++++--------
openssl.patch | 72 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 82 insertions(+), 10 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2017-03-14 10:27:51 UTC (rev 216215)
+++ PKGBUILD 2017-03-14 10:43:44 UTC (rev 216216)
@@ -6,7 +6,7 @@
pkgname=netsurf
pkgver=3.6
-pkgrel=1
+pkgrel=2
pkgdesc='Lightweight and fast web browser'
arch=('x86_64' 'i686')
url='http://www.netsurf-browser.org/'
@@ -18,21 +18,25 @@
makedepends=('re2c' 'netsurf-buildsystem' 'perl-html-parser' 'nsgenbind>=0.3'
'inetutils' 'libutf8proc>1.3.1' 'git' 'setconf' 'check' 'gtk3'
'duktape')
+# git.netsurf-browser.org has an invalid https sertificate
source=("git://git.netsurf-browser.org/netsurf.git#tag=release/$pkgver"
- netsurf.sh)
+ 'openssl.patch'
+ 'netsurf.sh')
sha256sums=('SKIP'
+ '0601ca86e59a40aa6feaaab9db0e79c4952b018c724f7255279d902a79d090d9'
'f2e2f61f1864da57cafa74ffdbefac2f9e1d55d9627e82ef923d4931684c5c49')
prepare() {
cd "$pkgname"
+ patch -p1 -i "$srcdir/openssl.patch"
sed 's:netsurf-gtk:netsurf:' -i frontends/gtk/res/netsurf-gtk.desktop
sed 's:libutf8proc/::' -i utils/idna.c
sed 's:UTF8PROC_CCC_VIRAMA:UTF8PROC_BIDI_CLASS_EN:' -i utils/idna.c
sed 's:utf8proc_normalise:utf8proc_reencode:' -i utils/idna.c
-
- setconf Makefile.defaults NETSURF_UA_FORMAT_STRING '"NetSurf/%d.%d (%s; Arch Linux)"'
setconf Makefile.defaults NETSURF_USE_DUKTAPE YES
+ setconf Makefile.defaults NETSURF_UA_FORMAT_STRING \
+ '"NetSurf/%d.%d (%s; Arch Linux)"'
}
build() {
@@ -50,10 +54,10 @@
make install LIBDIR=lib INCLUDEDIR=include PREFIX=/usr TARGET=gtk \
NETSURF_GTK_MAJOR=3 DESTDIR="$pkgdir"
- # Script
+ # Launcher script
install -Dm755 "../$pkgname.sh" "$pkgdir/usr/bin/$pkgname"
- # Desktop shortcut
+ # Desktop icon and shortcut
install -Dm644 "frontends/gtk/res/$pkgname.xpm" \
"$pkgdir/usr/share/pixmaps/$pkgname.xpm"
install -Dm644 "frontends/gtk/res/$pkgname-gtk.desktop" \
@@ -62,10 +66,6 @@
# License
install -Dm644 COPYING \
"$pkgdir/usr/share/licenses/$pkgname/COPYING"
-
- # Fix path
- #mv "$pkgdir/usr/share/netsurf/:./gtk/res/"* "$pkgdir/usr/share/netsurf/"
- #rmdir "$pkgdir/usr/share/netsurf/"{:./gtk/res,:./gtk,:.}
}
# vim:set ts=2 sw=2 et:
Added: openssl.patch
===================================================================
--- openssl.patch (rev 0)
+++ openssl.patch 2017-03-14 10:43:44 UTC (rev 216216)
@@ -0,0 +1,72 @@
+From e8a9e3744523671228fef385ce7e1e11f93283b0 Mon Sep 17 00:00:00 2001
+From: Vincent Sanders <vince at kyllikki.org>
+Date: Sun, 20 Nov 2016 12:14:36 +0000
+Subject: fix openSSL 1.1.0 X509 certificate handling
+
+---
+diff --git a/content/fetchers/curl.c b/content/fetchers/curl.c
+index 66970ef..7ddf512 100644
+--- a/content/fetchers/curl.c
++++ b/content/fetchers/curl.c
+@@ -128,6 +128,26 @@ static char fetch_error_buffer[CURL_ERROR_SIZE];
+ static char fetch_proxy_userpwd[100];
+
+
++/* OpenSSL 1.0.x to 1.1.0 certificate reference counting changed */
++#if (OPENSSL_VERSION_NUMBER < 0x1010000fL)
++static int ns_X509_up_ref(X509 *cert)
++{
++ cert->references++;
++ return 1;
++}
++
++static void ns_X509_free(X509 *cert)
++{
++ cert->references--;
++ if (cert->references == 0) {
++ X509_free(cert);
++ }
++}
++#else
++#define ns_X509_up_ref X509_up_ref
++#define ns_X509_free X509_free
++#endif
++
+ /**
+ * Initialise a cURL fetcher.
+ */
+@@ -438,7 +458,7 @@ fetch_curl_verify_callback(int verify_ok, X509_STORE_CTX *x509_ctx)
+ */
+ if (!fetch->cert_data[depth].cert) {
+ fetch->cert_data[depth].cert = X509_STORE_CTX_get_current_cert(x509_ctx);
+- fetch->cert_data[depth].cert->references++;
++ ns_X509_up_ref(fetch->cert_data[depth].cert);
+ fetch->cert_data[depth].err = X509_STORE_CTX_get_error(x509_ctx);
+ }
+
+@@ -815,10 +835,7 @@ static void fetch_curl_free(void *vf)
+ }
+
+ for (i = 0; i < MAX_CERTS && f->cert_data[i].cert; i++) {
+- f->cert_data[i].cert->references--;
+- if (f->cert_data[i].cert->references == 0) {
+- X509_free(f->cert_data[i].cert);
+- }
++ ns_X509_free(f->cert_data[i].cert);
+ }
+
+ free(f);
+@@ -986,10 +1003,7 @@ curl_start_cert_validate(struct curl_fetch_info *f,
+ X509_get_pubkey(certs[depth].cert));
+
+ /* and clean up */
+- certs[depth].cert->references--;
+- if (certs[depth].cert->references == 0) {
+- X509_free(certs[depth].cert);
+- }
++ ns_X509_free(certs[depth].cert);
+ }
+
+ msg.type = FETCH_CERT_ERR;
+--
+cgit v0.9.0.3-65-g4555
More information about the arch-commits
mailing list