[Lynx-dev] [PATCH] More compatibility changes for OpenSSL 1.1.0

[Quentin Minster]

Hi,

I'm seeing build failures with Lynx 2.8.9.dev16 and OpenSSL 1.1.0g. I've
seen some changes pertaining to OpenSSL 1.1.0 in Lynx's source code
already, but these seem to have been missed.
I'm guessing this is because OpenSSL 1.1.0 can be compiled in a variety
of compatibility modes, and mine must not be compiled the same way as
yours.

Attached is a patch to fix these, hopefully without breaking older
versions. The fixes applied are:
* in WWW/Library/Implementation/HTNews.c: don't call
  `SSL_load_error_strings()`
* in WWW/Library/Implementation/HTTP.c:
** #define the non-existent SSLEAY_VERSION_NUMBER into
   OPENSSL_VERSION_NUMBER
** #define the removed `ASN1_STRING_data()` into
   `ASN1_STRING_get0_data()`
** replace the deprecated `SSLv23_client_method()` with
   `TLS_client_method()`, without calling
   `SSL_CTX_set_min_proto_version()` (thus letting OpenSSL decide on the
   minimum protocol version)
** again, don't call `SSL_load_error_strings()`

All these fixes are conditionally applied based on the value of
OPENSSL_VERSION_NUMBER.

Feel free to review and adjust the patch as you see fit. Specifically,
the top of HTTP.c might not be the best place to `#define
SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER`, and this fix also feels a
little hackish (OPENSSL_VERSION_NUMBER has been around for a while now
and could be used everywhere SSLEAY_VERSION_NUMBER is used I guess), but
since this define is only ever used in this file, I've landed it there
anyway.

Do note I've only tested that Lynx builds fine and
https://www.google.com loads fine after patching. I have *not* tested
against previous versions of OpenSSL to check if everything still
worked.

Cheers,


-- 
Quentin Minster


PS: I'm not subscribed to this list.

lynx-2.8.9.dev16-openssl-1.1-compat.patch
Description: Text Data