diff options
| author | Jakub Jirutka <jakub@jirutka.cz> | 2018-05-25 20:12:35 +0200 |
|---|---|---|
| committer | Jakub Jirutka <jakub@jirutka.cz> | 2018-05-25 20:44:41 +0200 |
| commit | 8d596d657b2f79582ae566d4663ed84eb73b722c (patch) | |
| tree | 6ff277e35ef9356a0101b97eae077c65b124857f | |
| parent | 942d54f276770d9b694bd1d2720587b4fd09b789 (diff) | |
| download | aports-8d596d657b2f79582ae566d4663ed84eb73b722c.tar.bz2 aports-8d596d657b2f79582ae566d4663ed84eb73b722c.tar.xz | |
main/curl: fix crashes due to LibreSSL/OpenSSL engines conflicts
| -rw-r--r-- | main/curl/APKBUILD | 8 | ||||
| -rw-r--r-- | main/curl/use-OPENSSL_config.patch | 41 |
2 files changed, 46 insertions, 3 deletions
diff --git a/main/curl/APKBUILD b/main/curl/APKBUILD index c5f1ff1e3a..334a2bfdc0 100644 --- a/main/curl/APKBUILD +++ b/main/curl/APKBUILD @@ -4,7 +4,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=curl pkgver=7.60.0 -pkgrel=0 +pkgrel=1 pkgdesc="An URL retrival utility and library" url="http://curl.haxx.se" arch="all" @@ -12,7 +12,8 @@ license="MIT" depends="ca-certificates" depends_dev="zlib-dev openssl-dev libssh2-dev" makedepends="$depends_dev groff perl" -source="http://curl.haxx.se/download/$pkgname-$pkgver.tar.xz" +source="http://curl.haxx.se/download/$pkgname-$pkgver.tar.xz + use-OPENSSL_config.patch" subpackages="$pkgname-doc $pkgname-dev libcurl" # secfixes: @@ -112,4 +113,5 @@ libcurl() { mv "$pkgdir"/usr/lib "$subpkgdir"/usr } -sha512sums="96a0c32ca846a76bba75e9e560ad4c15df79540992ed1a83713095be94ddba039f289bda9678762fd79fb9691fe810735178fb9dc970c37012dff96b8ce08abf curl-7.60.0.tar.xz" +sha512sums="96a0c32ca846a76bba75e9e560ad4c15df79540992ed1a83713095be94ddba039f289bda9678762fd79fb9691fe810735178fb9dc970c37012dff96b8ce08abf curl-7.60.0.tar.xz +708527e73f9512c50e2250ca26786ba8994dc05fd2e362c1feb274e251219fb4bfc97e7e7722aa12424ccaf4c511d90d8820561c82a24f103b9ee2b743f4be28 use-OPENSSL_config.patch" diff --git a/main/curl/use-OPENSSL_config.patch b/main/curl/use-OPENSSL_config.patch new file mode 100644 index 0000000000..925a90349f --- /dev/null +++ b/main/curl/use-OPENSSL_config.patch @@ -0,0 +1,41 @@ +Fix symbol conflict with OpenSSL 1.0 / LibreSSL. + +This basically reverts https://github.com/curl/curl/commit/7d2f61f66ab4e047fc9aefc2effc1ac6d340a66a + +Issue: https://bugs.alpinelinux.org/issues/8923 +Patch-Source: https://build.opensuse.org/package/view_file/devel:libraries:c_c++/curl/curl-use_OPENSSL_config.patch + +diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c +index 80e9bf940..ba227891f 100644 +--- a/lib/vtls/openssl.c ++++ b/lib/vtls/openssl.c +@@ -935,26 +935,12 @@ + ENGINE_load_builtin_engines(); + #endif + +- /* OPENSSL_config(NULL); is "strongly recommended" to use but unfortunately +- that function makes an exit() call on wrongly formatted config files +- which makes it hard to use in some situations. OPENSSL_config() itself +- calls CONF_modules_load_file() and we use that instead and we ignore +- its return code! */ +- +- /* CONF_MFLAGS_DEFAULT_SECTION introduced some time between 0.9.8b and +- 0.9.8e */ +-#ifndef CONF_MFLAGS_DEFAULT_SECTION +-#define CONF_MFLAGS_DEFAULT_SECTION 0x0 +-#endif +- +- CONF_modules_load_file(NULL, NULL, +- CONF_MFLAGS_DEFAULT_SECTION| +- CONF_MFLAGS_IGNORE_MISSING_FILE); +- + #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \ + !defined(LIBRESSL_VERSION_NUMBER) +- /* OpenSSL 1.1.0+ takes care of initialization itself */ ++ OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL); + #else ++ OPENSSL_config(NULL); ++ + /* Lets get nice error messages */ + SSL_load_error_strings(); + |