From a833e3f4a431b8eea751b7420e127787f9c92117 Mon Sep 17 00:00:00 2001
From: V3n3RiX <venerix@redcorelinux.org>
Date: Mon, 4 Dec 2017 12:06:33 +0000
Subject: gentoo resync : 04.12.2017

---
 .../wget/files/wget-1.92.2-openssl-1.1.0-r1.patch  | 80 ++++++++++++++++++++++
 1 file changed, 80 insertions(+)
 create mode 100644 net-misc/wget/files/wget-1.92.2-openssl-1.1.0-r1.patch

(limited to 'net-misc/wget/files')

diff --git a/net-misc/wget/files/wget-1.92.2-openssl-1.1.0-r1.patch b/net-misc/wget/files/wget-1.92.2-openssl-1.1.0-r1.patch
new file mode 100644
index 000000000000..79f33b157599
--- /dev/null
+++ b/net-misc/wget/files/wget-1.92.2-openssl-1.1.0-r1.patch
@@ -0,0 +1,80 @@
+--- a/src/openssl.c
++++ b/src/openssl.c
+@@ -174,11 +174,16 @@ ssl_init (void)
+ {
+   SSL_METHOD const *meth;
+   long ssl_options = 0;
++#if !defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x10100000L)
++  int ssl_proto_version = 0;
++#endif
+ 
+ #if OPENSSL_VERSION_NUMBER >= 0x00907000
+   if (ssl_true_initialized == 0)
+     {
++#if OPENSSL_API_COMPAT < 0x10100000L
+       OPENSSL_config (NULL);
++#endif
+       ssl_true_initialized = 1;
+     }
+ #endif
+@@ -202,8 +207,12 @@ ssl_init (void)
+   CONF_modules_load_file(NULL, NULL,
+       CONF_MFLAGS_DEFAULT_SECTION|CONF_MFLAGS_IGNORE_MISSING_FILE);
+ #endif
++#if OPENSSL_API_COMPAT >= 0x10100000L
++  OPENSSL_init_ssl(0, NULL);
++#else
+   SSL_library_init ();
+   SSL_load_error_strings ();
++#endif
+ #if OPENSSL_VERSION_NUMBER < 0x10100000L
+   SSLeay_add_all_algorithms ();
+   SSLeay_add_ssl_algorithms ();
+@@ -229,16 +238,31 @@ ssl_init (void)
+       ssl_options |= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
+       break;
+     case secure_protocol_tlsv1:
++#if !defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x10100000L)
++      meth = TLS_client_method();
++      ssl_proto_version = TLS1_VERSION;
++#else
+       meth = TLSv1_client_method ();
++#endif
+       break;
+ 
+ #if OPENSSL_VERSION_NUMBER >= 0x10001000
+     case secure_protocol_tlsv1_1:
++#if !defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x10100000L)
++      meth = TLS_client_method();
++      ssl_proto_version = TLS1_1_VERSION;
++#else
+       meth = TLSv1_1_client_method ();
++#endif
+       break;
+ 
+     case secure_protocol_tlsv1_2:
++#if !defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x10100000L)
++      meth = TLS_client_method();
++      ssl_proto_version = TLS1_2_VERSION;
++#else
+       meth = TLSv1_2_client_method ();
++#endif
+       break;
+ #else
+     case secure_protocol_tlsv1_1:
+@@ -262,8 +286,15 @@ ssl_init (void)
+   if (!ssl_ctx)
+     goto error;
+ 
++#if !defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x10100000L)
+   if (ssl_options)
+     SSL_CTX_set_options (ssl_ctx, ssl_options);
++#endif
++
++#if !defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >=0x10100000L)
++  if (ssl_proto_version)
++    SSL_CTX_set_min_proto_version(ssl_ctx, ssl_proto_version);
++#endif
+ 
+   /* OpenSSL ciphers: https://www.openssl.org/docs/apps/ciphers.html
+    * Since we want a good protection, we also use HIGH (that excludes MD4 ciphers and some more)
-- 
cgit v1.2.3