rpms/links/F-10 links-2.2-nss.patch, NONE, 1.1 links-2.2-ssl-verify.patch, NONE, 1.1 links.desktop, NONE, 1.1 links.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
Lubomir Rintel
lkundrak at fedoraproject.org
Mon Apr 13 17:45:09 UTC 2009
- Previous message (by thread): rpms/seahorse-plugins/devel .cvsignore, 1.11, 1.12 seahorse-plugins.spec, 1.22, 1.23 sources, 1.11, 1.12
- Next message (by thread): rpms/gallery2/F-10 gallery2.spec,1.19,1.20 sources,1.9,1.10
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: lkundrak
Update of /cvs/pkgs/rpms/links/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv17215
Modified Files:
.cvsignore sources
Added Files:
links-2.2-nss.patch links-2.2-ssl-verify.patch links.desktop
links.spec
Log Message:
Import into stable branch
links-2.2-nss.patch:
--- NEW FILE links-2.2-nss.patch ---
Support SSL/TLS by the means of NSS.
Lubomir Rintel <lkundrak at v3.sk>
diff -up links-2.2/configure.in.nss links-2.2/configure.in
--- links-2.2/configure.in.nss 2008-08-01 00:03:04.000000000 +0200
+++ links-2.2/configure.in 2009-04-03 08:18:16.847916975 +0200
@@ -355,8 +355,34 @@ AC_CHECK_LIB(dl, dlopen)
AC_ARG_WITH(ssl, [ --with-ssl(=directory) enable SSL support], [if test "$withval" = no; then disable_ssl=yes; else ssld="$withval"; fi])
CPPFLAGS_X="$CPPFLAGS"
LIBS_X="$LIBS"
-cf_result=no
if test -z "$disable_ssl"; then
+
+ AC_PROG_CXX
+ PKG_CHECK_MODULES(NSS,nss,
+ CPPFLAGS="$CPPFLAGS $NSS_CFLAGS $NSS_CFLAGS"
+
+ if test -f "${ssld}"; then
+ CPPFLAGS="$CPPFLAGS -I${ssld}"
+ fi
+
+ AC_CHECK_LIB(nss_compat_ossl, SSL_CTX_new, [
+ LIBS="$LIBS -lnss_compat_ossl"
+ cf_result="yes"
+ ], cf_result="no")
+ ,cf_result="no")
+
+ if test "$cf_result" != yes; then
+ if test "$withval" = yes; then
+ AC_MSG_ERROR("NSS Compat not found")
+ fi
+ CPPFLAGS="$CPPFLAGS_X"
+ LIBS="$LIBS_X"
+ else
+ AC_DEFINE([HAVE_NSS_COMPAT], 1, [Include NSS support])
+ AC_DEFINE(HAVE_SSL)
+ fi
+
+ if test "$cf_result" != yes; then
PKG_CHECK_MODULES(OPENSSL,openssl,pkgconfig_openssl=yes,pkgconfig_openssl=no)
if test "$pkgconfig_openssl" = "yes"; then
AC_MSG_CHECKING([for OpenSSL])
@@ -395,6 +421,7 @@ if test -z "$disable_ssl"; then
else
AC_DEFINE(HAVE_SSL)
fi
+ fi # No NSS Compat
fi
cf_have_ssl=$cf_result;
#endif
diff -up links-2.2/connect.c.nss links-2.2/connect.c
--- links-2.2/connect.c.nss 2008-08-01 00:02:23.000000000 +0200
+++ links-2.2/connect.c 2009-04-03 08:15:17.812914880 +0200
@@ -151,7 +151,9 @@ void ssl_want_read(struct connection *c)
set_timeout(c);
+#ifndef HAVE_NSS_COMPAT
if (c->no_tsl) c->ssl->options |= SSL_OP_NO_TLSv1;
+#endif
switch (SSL_get_error(c->ssl, SSL_connect(c->ssl))) {
case SSL_ERROR_NONE:
c->newconn = NULL;
@@ -318,7 +320,9 @@ void connected(struct connection *c)
if (c->ssl) {
c->ssl = getSSL();
SSL_set_fd(c->ssl, *b->sock);
+#ifndef HAVE_NSS_COMPAT
if (c->no_tsl) c->ssl->options |= SSL_OP_NO_TLSv1;
+#endif
switch (SSL_get_error(c->ssl, SSL_connect(c->ssl))) {
case SSL_ERROR_WANT_READ:
setcstate(c, S_SSL_NEG);
diff -up links-2.2/links.h.nss links-2.2/links.h
--- links-2.2/links.h.nss 2008-08-01 00:02:29.000000000 +0200
+++ links-2.2/links.h 2009-04-03 08:15:17.818912636 +0200
@@ -144,9 +144,13 @@ x #endif*/
#include <utime.h>
#ifdef HAVE_SSL
+#ifdef HAVE_NSS_COMPAT
+#include <nss_compat_ossl/nss_compat_ossl.h>
+#else
#include <openssl/ssl.h>
#include <openssl/rand.h>
#endif
+#endif
#if defined(G)
#if defined(HAVE_PNG_H)
links-2.2-ssl-verify.patch:
--- NEW FILE links-2.2-ssl-verify.patch ---
Fix a security issue -- links would not verify SSL and TLS
certificates, rendering SSL support practically useless.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510417
Lubomir Rintel <lkundrak at v3.sk>
diff -up links-2.2/connect.c.ssl-verify links-2.2/connect.c
--- links-2.2/connect.c.ssl-verify 2009-04-13 19:28:13.076133802 +0200
+++ links-2.2/connect.c 2009-04-13 19:27:34.467258505 +0200
@@ -319,6 +319,8 @@ void connected(struct connection *c)
#ifdef HAVE_SSL
if (c->ssl) {
c->ssl = getSSL();
+ if (!getenv("UNSAFE_SSL"))
+ SSL_set_verify(c->ssl, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL);
SSL_set_fd(c->ssl, *b->sock);
#ifndef HAVE_NSS_COMPAT
if (c->no_tsl) c->ssl->options |= SSL_OP_NO_TLSv1;
--- NEW FILE links.desktop ---
[Desktop Entry]
Version=1.0
Encoding=UTF-8
Name=Links
Comment=Simple Web Browser
Exec=links2 -g
Icon=links
Categories=Network;WebBrowser;
Type=Application
--- NEW FILE links.spec ---
Name: links
Version: 2.2
Release: 8%{?dist}
Summary: Web browser running in both graphics and text mode
Group: Applications/Internet
License: GPLv2+
URL: http://links.twibright.com/
Source0: http://links.twibright.com/download/%{name}-%{version}.tar.bz2
Source1: links.desktop
Patch0: links-2.2-nss.patch
Patch1: links-2.2-ssl-verify.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: libpng-devel
BuildRequires: libjpeg-devel
BuildRequires: libtiff-devel
BuildRequires: bzip2-devel
BuildRequires: zlib-devel
BuildRequires: desktop-file-utils
BuildRequires: gpm-devel
BuildRequires: libX11-devel
BuildRequires: autoconf automake
BuildRequires: nss-devel
BuildRequires: nss_compat_ossl-devel
Requires(preun): %{_sbindir}/alternatives
Requires(post): %{_sbindir}/alternatives
Requires(postun): %{_sbindir}/alternatives
Provides: webclient
Provides: text-www-browser
%description
Links is a web browser capable of running in either graphics or text mode.
It provides a pull-down menu system, renders complex pages, has partial HTML
4.0 support (including tables, frames and support for multiple character sets
and UTF-8), supports color and monochrome terminals and allows horizontal
scrolling.
%prep
%setup -q
%patch0 -p1 -b .nss
%patch1 -p1 -b .verify-ssl
%build
iconv -f ISO-8859-1 -t UTF-8 AUTHORS >converted.AUTHORS
touch -r AUTHORS converted.AUTHORS
mv converted.AUTHORS AUTHORS
autoreconf -i
%configure --enable-graphics
make %{?_smp_mflags}
%install
rm -rf $RPM_BUILD_ROOT
make install DESTDIR=${RPM_BUILD_ROOT}
mv $RPM_BUILD_ROOT/%{_bindir}/links $RPM_BUILD_ROOT/%{_bindir}/links2
mv $RPM_BUILD_ROOT/%{_mandir}/man1/links.1 $RPM_BUILD_ROOT/%{_mandir}/man1/links2.1
desktop-file-install --dir=${RPM_BUILD_ROOT}%{_datadir}/applications %{SOURCE1}
install -D -p Links_logo.png $RPM_BUILD_ROOT/%{_datadir}/pixmaps/links.png
# Alternatives cruft
touch $RPM_BUILD_ROOT%{_bindir}/links
touch $RPM_BUILD_ROOT%{_mandir}/man1/links.1.gz
%clean
rm -rf $RPM_BUILD_ROOT
%postun
[ $1 = 0 ] && exit 0
[ $(readlink %{_sysconfdir}/alternatives/links) = %{_bindir}/links2 ] &&
%{_sbindir}/alternatives --set links %{_bindir}/links2
exit 0
%preun
[ $1 = 0 ] || exit 0
%{_sbindir}/alternatives --remove links %{_bindir}/links2
%post
%{_sbindir}/alternatives \
--install %{_bindir}/links links %{_bindir}/links2 80 \
--slave %{_mandir}/man1/links.1.gz links-man %{_mandir}/man1/links2.1.gz
[ $(readlink %{_sysconfdir}/alternatives/links) = %{_bindir}/links2 ] &&
%{_sbindir}/alternatives --set links %{_bindir}/links2
exit 0
%files
%defattr(-,root,root,-)
%doc doc/* AUTHORS BUGS KEYS TODO README COPYING
%{_bindir}/links2
%{_mandir}/man1/links2.1*
%{_datadir}/pixmaps/links.png
%{_datadir}/applications/links.desktop
%ghost %verify(not md5 size mtime) %{_bindir}/links
%ghost %verify(not md5 size mtime) %{_mandir}/man1/links.1.gz
%changelog
* Mon Apr 13 2009 Lubomir Rintel <lkundrak at v3.sk> - 2.2-8
- Enable SSL certificates verification
* Sun Apr 12 2009 Lubomir Rintel <lkundrak at v3.sk> - 2.2-7
- removing unnecessary BuildConflicts
* Fri Apr 10 2009 Lubomir Rintel <lkundrak at v3.sk> - 2.2-6
- Cosmetic fixes
- Ship license
* Fri Apr 03 2009 Lubomir Rintel <lkundrak at v3.sk> - 2.2-5
- Add SSL/TLS support by the means of NSS
- Add web browser provides
* Thu Apr 02 2009 Lubomir Rintel <lkundrak at v3.sk> - 2.2-4
- Do not silence make
- Use bundled icon, place it in pixmaps directory
- Adjust summary, description and style
- Remove useless configure parameters
- Include X11 support
- Adjust menu entry text
- Add alternatives support
* Mon Nov 10 2008 johnhford at gmail.com - 2.2-3
- Do not mutilate timestamps on AUTHORS
- Removed vendor from desktop-file-install
- No longer gzipping manpage
* Mon Nov 10 2008 John Ford <johnhford.gmail at com> 2.2-2
- Modified %%build to ensure shared libraries are used
- Added missing requirements (desktop-file-utils)
* Sat Nov 08 2008 John Ford <johnhford.gmail at com> 2.2-1
- Initial Submission
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/links/F-10/.cvsignore,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- .cvsignore 13 Apr 2009 15:45:29 -0000 1.1
+++ .cvsignore 13 Apr 2009 17:44:38 -0000 1.2
@@ -0,0 +1 @@
+links-2.2.tar.bz2
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/links/F-10/sources,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- sources 13 Apr 2009 15:45:29 -0000 1.1
+++ sources 13 Apr 2009 17:44:38 -0000 1.2
@@ -0,0 +1 @@
+bf5b20529a2a811701c5af52b28ebdd4 links-2.2.tar.bz2
- Previous message (by thread): rpms/seahorse-plugins/devel .cvsignore, 1.11, 1.12 seahorse-plugins.spec, 1.22, 1.23 sources, 1.11, 1.12
- Next message (by thread): rpms/gallery2/F-10 gallery2.spec,1.19,1.20 sources,1.9,1.10
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list