Stuart Henderson <st...@openbsd.org> writes: > Awesome! We probably need to delete more lines. Not sure a good way > to feed this sort of change back to upstreams though, as they *do* need > this with OpenSSL.
[...] I agree that more lines should be "deleted". Is this clear enough? Index: Makefile =================================================================== RCS file: /cvs/ports/www/elinks/Makefile,v retrieving revision 1.32 diff -u -p -r1.32 Makefile --- Makefile 10 Oct 2013 20:10:51 -0000 1.32 +++ Makefile 31 May 2014 11:43:36 -0000 @@ -2,7 +2,7 @@ COMMENT= full-featured text WWW browser DISTNAME= elinks-0.11.7 -REVISION= 7 +REVISION= 8 CATEGORIES= www MASTER_SITES= http://elinks.cz/download/ Index: patches/patch-src_network_ssl_ssl_c =================================================================== RCS file: /cvs/ports/www/elinks/patches/patch-src_network_ssl_ssl_c,v retrieving revision 1.1 diff -u -p -r1.1 patch-src_network_ssl_ssl_c --- patches/patch-src_network_ssl_ssl_c 19 Apr 2014 17:59:38 -0000 1.1 +++ patches/patch-src_network_ssl_ssl_c 31 May 2014 11:42:22 -0000 @@ -1,17 +1,22 @@ $OpenBSD: patch-src_network_ssl_ssl_c,v 1.1 2014/04/19 17:59:38 sthen Exp $ ---- src/network/ssl/ssl.c.orig Sat Apr 19 18:44:13 2014 -+++ src/network/ssl/ssl.c Sat Apr 19 18:45:12 2014 -@@ -49,11 +49,8 @@ init_openssl(struct module *module) - * cannot initialize the PRNG and so every attempt to use SSL fails. - * It's actually an OpenSSL FAQ, and according to them, it's up to the - * application coders to seed the RNG. -- William Yodlowsky */ -- if (RAND_egd(RAND_file_name(f_randfile, sizeof(f_randfile))) < 0) { -- /* Not an EGD, so read and write to it */ -- if (RAND_load_file(f_randfile, -1)) -- RAND_write_file(f_randfile); -- } -+ if (RAND_load_file(f_randfile, -1)) -+ RAND_write_file(f_randfile); + +libressl doesn't need RAND_(egd|load_file|etc) hacks to be usable + +--- src/network/ssl/ssl.c.orig Sat Aug 22 13:15:08 2009 ++++ src/network/ssl/ssl.c Sat May 31 13:42:17 2014 +@@ -43,6 +43,7 @@ SSL_CTX *context = NULL; + static void + init_openssl(struct module *module) + { ++#ifdef OPENSSL_RAND_HACKS + unsigned char f_randfile[PATH_MAX]; + + /* In a nutshell, on OS's without a /dev/urandom, the OpenSSL library +@@ -54,6 +55,7 @@ init_openssl(struct module *module) + if (RAND_load_file(f_randfile, -1)) + RAND_write_file(f_randfile); + } ++#endif SSLeay_add_ssl_algorithms(); context = SSL_CTX_new(SSLv23_client_method()); -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE