From 4237c9d899a7e5dfb9d62644601bcbfa1574ab82 Mon Sep 17 00:00:00 2001
From: Waldemar Brodkorb <wbx@uclibc-ng.org>
Date: Wed, 28 Sep 2016 19:04:37 +0200
Subject: remove OpenSSL support

I thought some time about this, we have it in parallel some time and
it have issues for allmodconfig builds.
Anyway I have no fun doing openssl updates twice a week.
We just can not support stunnel/ssltunnel anymore.
For nodejs we use bundled openssl.

I am an old OpenBSD geek anyway, so get rid of OpenSSL.
---
 package/elinks/Makefile                            | 11 +++--------
 package/elinks/patches/patch-src_network_ssl_ssl_c | 16 ++++++++++++++++
 2 files changed, 19 insertions(+), 8 deletions(-)
 create mode 100644 package/elinks/patches/patch-src_network_ssl_ssl_c

(limited to 'package/elinks')

diff --git a/package/elinks/Makefile b/package/elinks/Makefile
index 5e7f0b719..23d5c25fd 100644
--- a/package/elinks/Makefile
+++ b/package/elinks/Makefile
@@ -11,6 +11,7 @@ PKG_DESCR:=		advanced text web browser
 PKG_SECTION:=		app/browser
 PKG_URL:=		http://elinks.or.cz/
 PKG_SITES:=		http://elinks.or.cz/download/
+
 PKG_NOPARALLEL:=	1
 
 DISTFILES:=		${PKG_NAME}-${PKG_VERSION}.tar.gz
@@ -18,14 +19,11 @@ DISTFILES:=		${PKG_NAME}-${PKG_VERSION}.tar.gz
 PKG_FLAVOURS_ELINKS:=	WITH_IPV6
 PKGFD_WITH_IPV6:=	enable IPv6 support
 
-PKG_CHOICES_ELINKS:=	WITHOUT_SSL WITH_LIBRESSL WITH_OPENSSL
-PKGCD_WITHOUT_SSL:=	use no ssl
+PKG_CHOICES_ELINKS:=	WITH_LIBRESSL WITHOUT_SSL
 PKGCD_WITH_LIBRESSL:=	use libressl for crypto
 PKGCB_WITH_LIBRESSL:=	libressl
 PKGCS_WITH_LIBRESSL:=	libressl ca-certificates
-PKGCD_WITH_OPENSSL:=	use openssl for crypto
-PKGCB_WITH_OPENSSL:=	openssl
-PKGCS_WITH_OPENSSL:=	libopenssl ca-certificates
+PKGCD_WITHOUT_SSL:=	use no ssl
 
 include ${ADK_TOPDIR}/mk/package.mk
 
@@ -63,9 +61,6 @@ else
 CONFIGURE_ARGS+=	--disable-ipv6
 endif
 
-ifeq ($(ADK_PACKAGE_ELINKS_WITH_OPENSSL),y)
-CONFIGURE_ARGS+=	--with-openssl='${STAGING_TARGET_DIR}/usr'
-endif
 ifeq ($(ADK_PACKAGE_ELINKS_WITH_LIBRESSL),y)
 CONFIGURE_ARGS+=	--with-openssl='${STAGING_TARGET_DIR}/usr'
 endif
diff --git a/package/elinks/patches/patch-src_network_ssl_ssl_c b/package/elinks/patches/patch-src_network_ssl_ssl_c
new file mode 100644
index 000000000..f55f43ba4
--- /dev/null
+++ b/package/elinks/patches/patch-src_network_ssl_ssl_c
@@ -0,0 +1,16 @@
+--- elinks-0.11.7.orig/src/network/ssl/ssl.c	2009-08-22 13:15:08.000000000 +0200
++++ elinks-0.11.7/src/network/ssl/ssl.c	2016-09-30 18:47:20.022831750 +0200
+@@ -49,11 +49,8 @@ init_openssl(struct module *module)
+ 	 * cannot initialize the PRNG and so every attempt to use SSL fails.
+ 	 * It's actually an OpenSSL FAQ, and according to them, it's up to the
+ 	 * application coders to seed the RNG. -- William Yodlowsky */
+-	if (RAND_egd(RAND_file_name(f_randfile, sizeof(f_randfile))) < 0) {
+-		/* Not an EGD, so read and write to it */
+-		if (RAND_load_file(f_randfile, -1))
+-			RAND_write_file(f_randfile);
+-	}
++	if (RAND_load_file(f_randfile, -1))
++		RAND_write_file(f_randfile);
+ 
+ 	SSLeay_add_ssl_algorithms();
+ 	context = SSL_CTX_new(SSLv23_client_method());
-- 
cgit v1.2.3