[mutt] 02/02: upstream/openssl-1.1-build.patch: to build against openssl 1.1

Antonio Radici antonio at moszumanska.debian.org
Thu Sep 8 19:54:04 UTC 2016 

This is an automated email from the git hooks/post-receive script.

antonio pushed a commit to branch master
in repository mutt.

commit c8e960e923f8f23c33f8ee995054ab67ac9aa960
Author: Antonio Radici <antonio at debian.org>
Date:   Thu Sep 8 13:50:13 2016 +0100

    upstream/openssl-1.1-build.patch: to build against openssl 1.1
---
 debian/changelog                                |   1 +
 debian/patches/series                           |   1 +
 debian/patches/upstream/openssl-1.1-build.patch | 101 ++++++++++++++++++++++++
 3 files changed, 103 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 9a8052b..9a957a9 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -16,6 +16,7 @@ mutt (1.7.0-2) UNRELEASED; urgency=medium
     + upstream/569038-interrupt-socket-read-write.patch: allow the interruption
       of operations which can be long-running
       (Closes: 569038, 774746, 423931, 599136, 618425).
+    + upstream/openssl-1.1-build.patch: to build against openssl 1.1
     + neomutt-devel/832971-reset-xlabel.patch to reset X-Label properly for
       newer versions of mutt (Closes: 832971).
     + neomutt-devel/836812-user-agent-temp-fix.patch: hardcode the NeoMutt
diff --git a/debian/patches/series b/debian/patches/series
index c884095..2f7e3aa 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -29,3 +29,4 @@ upstream/757141-date-format-length.patch
 upstream/644992-ipv6-literal.patch
 upstream/741213-dsa-elgamal-keys-length.patch
 upstream/549204-clear-N-on-readonly-imap-folders.patch
+upstream/openssl-1.1-build.patch
diff --git a/debian/patches/upstream/openssl-1.1-build.patch b/debian/patches/upstream/openssl-1.1-build.patch
new file mode 100644
index 0000000..04c62cb
--- /dev/null
+++ b/debian/patches/upstream/openssl-1.1-build.patch
@@ -0,0 +1,101 @@
+Package to build mutt against openssl >= 1.1, provided by Takahashi Tamotsu in
+http://bugs.mutt.org/3870
+
+To be dropped when merging mutt upstream > 1.7.0
+
+--- a/configure.ac
++++ b/configure.ac
+@@ -720,13 +720,16 @@
+ 
+             crypto_libs=""
+             AC_CHECK_LIB(z, deflate, [crypto_libs=-lz])
+-            AC_CHECK_LIB(crypto, X509_new,
+-              [crypto_libs="-lcrypto $crypto_libs"],, [$crypto_libs])
++            AC_CHECK_LIB(crypto, X509_STORE_CTX_new,
++              [crypto_libs="-lcrypto $crypto_libs"],
++              AC_MSG_ERROR([Unable to find SSL library]), [$crypto_libs])
+             AC_CHECK_LIB(ssl, SSL_new,,
+               AC_MSG_ERROR([Unable to find SSL library]), [$crypto_libs])
+ 
+             LIBS="$LIBS $crypto_libs"
+             AC_CHECK_FUNCS(RAND_status RAND_egd)
++            AC_CHECK_DECLS([SSL_set_mode, SSL_MODE_AUTO_RETRY],,
++              AC_MSG_ERROR([Unable to find decent SSL header]), [[#include <openssl/ssl.h>]])
+ 
+             AC_DEFINE(USE_SSL,1,[ Define if you want support for SSL. ])
+             AC_DEFINE(USE_SSL_OPENSSL,1,[ Define if you want support for SSL via OpenSSL. ])
+--- a/mutt_ssl.c
++++ b/mutt_ssl.c
+@@ -37,12 +37,6 @@
+ #include "mutt_ssl.h"
+ #include "mutt_idna.h"
+ 
+-#if OPENSSL_VERSION_NUMBER >= 0x00904000L
+-#define READ_X509_KEY(fp, key)	PEM_read_X509(fp, key, NULL, NULL)
+-#else
+-#define READ_X509_KEY(fp, key)	PEM_read_X509(fp, key, NULL)
+-#endif
+-
+ /* Just in case OpenSSL doesn't define DEVRANDOM */
+ #ifndef DEVRANDOM
+ #define DEVRANDOM "/dev/urandom"
+@@ -415,11 +409,7 @@
+   int err;
+   const char* errmsg;
+ 
+-#if OPENSSL_VERSION_NUMBER >= 0x00906000L
+-  /* This only exists in 0.9.6 and above. Without it we may get interrupted
+-   *   reads or writes. Bummer. */
+   SSL_set_mode (ssldata->ssl, SSL_MODE_AUTO_RETRY);
+-#endif
+ 
+ #if (OPENSSL_VERSION_NUMBER >= 0x0090806fL) && !defined(OPENSSL_NO_TLSEXT)
+   /* TLS Virtual-hosting requires that the server present the correct
+@@ -644,7 +634,7 @@
+ 
+ static int check_certificate_by_signer (X509 *peercert)
+ {
+-  X509_STORE_CTX xsc;
++  X509_STORE_CTX *xsc;
+   X509_STORE *ctx;
+   int pass = 0, i;
+ 
+@@ -674,23 +664,25 @@
+     return 0;
+   }
+ 
+-  X509_STORE_CTX_init (&xsc, ctx, peercert, SslSessionCerts);
++  xsc = X509_STORE_CTX_new();
++  if (xsc == NULL) return 0;
++  X509_STORE_CTX_init (xsc, ctx, peercert, SslSessionCerts);
+ 
+-  pass = (X509_verify_cert (&xsc) > 0);
++  pass = (X509_verify_cert (xsc) > 0);
+ #ifdef DEBUG
+   if (! pass)
+   {
+     char buf[SHORT_STRING];
+     int err;
+ 
+-    err = X509_STORE_CTX_get_error (&xsc);
++    err = X509_STORE_CTX_get_error (xsc);
+     snprintf (buf, sizeof (buf), "%s (%d)",
+ 	X509_verify_cert_error_string(err), err);
+     dprint (2, (debugfile, "X509_verify_cert: %s\n", buf));
+     dprint (2, (debugfile, " [%s]\n", peercert->name));
+   }
+ #endif
+-  X509_STORE_CTX_cleanup (&xsc);
++  X509_STORE_CTX_free (xsc);
+   X509_STORE_free (ctx);
+ 
+   return pass;
+@@ -779,7 +771,7 @@
+     return 0;
+   }
+ 
+-  while ((cert = READ_X509_KEY (fp, &cert)) != NULL)
++  while ((cert = PEM_read_X509 (fp, &cert, NULL, NULL)) != NULL)
+   {
+     pass = compare_certificates (cert, peercert, peermd, peermdlen) ? 0 : 1;
+ 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-mutt/mutt.git

More information about the pkg-mutt-commits mailing list