[mutt] 02/02: upstream/openssl-1.1-build.patch: to build against openssl 1.1
Antonio Radici
antonio at moszumanska.debian.org
Thu Sep 8 19:54:04 UTC 2016
This is an automated email from the git hooks/post-receive script.
antonio pushed a commit to branch master
in repository mutt.
commit c8e960e923f8f23c33f8ee995054ab67ac9aa960
Author: Antonio Radici <antonio at debian.org>
Date: Thu Sep 8 13:50:13 2016 +0100
upstream/openssl-1.1-build.patch: to build against openssl 1.1
---
debian/changelog | 1 +
debian/patches/series | 1 +
debian/patches/upstream/openssl-1.1-build.patch | 101 ++++++++++++++++++++++++
3 files changed, 103 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index 9a8052b..9a957a9 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -16,6 +16,7 @@ mutt (1.7.0-2) UNRELEASED; urgency=medium
+ upstream/569038-interrupt-socket-read-write.patch: allow the interruption
of operations which can be long-running
(Closes: 569038, 774746, 423931, 599136, 618425).
+ + upstream/openssl-1.1-build.patch: to build against openssl 1.1
+ neomutt-devel/832971-reset-xlabel.patch to reset X-Label properly for
newer versions of mutt (Closes: 832971).
+ neomutt-devel/836812-user-agent-temp-fix.patch: hardcode the NeoMutt
diff --git a/debian/patches/series b/debian/patches/series
index c884095..2f7e3aa 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -29,3 +29,4 @@ upstream/757141-date-format-length.patch
upstream/644992-ipv6-literal.patch
upstream/741213-dsa-elgamal-keys-length.patch
upstream/549204-clear-N-on-readonly-imap-folders.patch
+upstream/openssl-1.1-build.patch
diff --git a/debian/patches/upstream/openssl-1.1-build.patch b/debian/patches/upstream/openssl-1.1-build.patch
new file mode 100644
index 0000000..04c62cb
--- /dev/null
+++ b/debian/patches/upstream/openssl-1.1-build.patch
@@ -0,0 +1,101 @@
+Package to build mutt against openssl >= 1.1, provided by Takahashi Tamotsu in
+http://bugs.mutt.org/3870
+
+To be dropped when merging mutt upstream > 1.7.0
+
+--- a/configure.ac
++++ b/configure.ac
+@@ -720,13 +720,16 @@
+
+ crypto_libs=""
+ AC_CHECK_LIB(z, deflate, [crypto_libs=-lz])
+- AC_CHECK_LIB(crypto, X509_new,
+- [crypto_libs="-lcrypto $crypto_libs"],, [$crypto_libs])
++ AC_CHECK_LIB(crypto, X509_STORE_CTX_new,
++ [crypto_libs="-lcrypto $crypto_libs"],
++ AC_MSG_ERROR([Unable to find SSL library]), [$crypto_libs])
+ AC_CHECK_LIB(ssl, SSL_new,,
+ AC_MSG_ERROR([Unable to find SSL library]), [$crypto_libs])
+
+ LIBS="$LIBS $crypto_libs"
+ AC_CHECK_FUNCS(RAND_status RAND_egd)
++ AC_CHECK_DECLS([SSL_set_mode, SSL_MODE_AUTO_RETRY],,
++ AC_MSG_ERROR([Unable to find decent SSL header]), [[#include <openssl/ssl.h>]])
+
+ AC_DEFINE(USE_SSL,1,[ Define if you want support for SSL. ])
+ AC_DEFINE(USE_SSL_OPENSSL,1,[ Define if you want support for SSL via OpenSSL. ])
+--- a/mutt_ssl.c
++++ b/mutt_ssl.c
+@@ -37,12 +37,6 @@
+ #include "mutt_ssl.h"
+ #include "mutt_idna.h"
+
+-#if OPENSSL_VERSION_NUMBER >= 0x00904000L
+-#define READ_X509_KEY(fp, key) PEM_read_X509(fp, key, NULL, NULL)
+-#else
+-#define READ_X509_KEY(fp, key) PEM_read_X509(fp, key, NULL)
+-#endif
+-
+ /* Just in case OpenSSL doesn't define DEVRANDOM */
+ #ifndef DEVRANDOM
+ #define DEVRANDOM "/dev/urandom"
+@@ -415,11 +409,7 @@
+ int err;
+ const char* errmsg;
+
+-#if OPENSSL_VERSION_NUMBER >= 0x00906000L
+- /* This only exists in 0.9.6 and above. Without it we may get interrupted
+- * reads or writes. Bummer. */
+ SSL_set_mode (ssldata->ssl, SSL_MODE_AUTO_RETRY);
+-#endif
+
+ #if (OPENSSL_VERSION_NUMBER >= 0x0090806fL) && !defined(OPENSSL_NO_TLSEXT)
+ /* TLS Virtual-hosting requires that the server present the correct
+@@ -644,7 +634,7 @@
+
+ static int check_certificate_by_signer (X509 *peercert)
+ {
+- X509_STORE_CTX xsc;
++ X509_STORE_CTX *xsc;
+ X509_STORE *ctx;
+ int pass = 0, i;
+
+@@ -674,23 +664,25 @@
+ return 0;
+ }
+
+- X509_STORE_CTX_init (&xsc, ctx, peercert, SslSessionCerts);
++ xsc = X509_STORE_CTX_new();
++ if (xsc == NULL) return 0;
++ X509_STORE_CTX_init (xsc, ctx, peercert, SslSessionCerts);
+
+- pass = (X509_verify_cert (&xsc) > 0);
++ pass = (X509_verify_cert (xsc) > 0);
+ #ifdef DEBUG
+ if (! pass)
+ {
+ char buf[SHORT_STRING];
+ int err;
+
+- err = X509_STORE_CTX_get_error (&xsc);
++ err = X509_STORE_CTX_get_error (xsc);
+ snprintf (buf, sizeof (buf), "%s (%d)",
+ X509_verify_cert_error_string(err), err);
+ dprint (2, (debugfile, "X509_verify_cert: %s\n", buf));
+ dprint (2, (debugfile, " [%s]\n", peercert->name));
+ }
+ #endif
+- X509_STORE_CTX_cleanup (&xsc);
++ X509_STORE_CTX_free (xsc);
+ X509_STORE_free (ctx);
+
+ return pass;
+@@ -779,7 +771,7 @@
+ return 0;
+ }
+
+- while ((cert = READ_X509_KEY (fp, &cert)) != NULL)
++ while ((cert = PEM_read_X509 (fp, &cert, NULL, NULL)) != NULL)
+ {
+ pass = compare_certificates (cert, peercert, peermd, peermdlen) ? 0 : 1;
+
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-mutt/mutt.git
More information about the pkg-mutt-commits
mailing list