Support SSL/TLS by the means of NSS.
Lubomir Rintel <lkundrak@v3.sk>
diff -up links-2.2/configure.in.nss links-2.2/configure.in
--- links-2.2/configure.in.nss 2008-08-01 00:03:04.000000000 +0200
+++ links-2.2/configure.in 2009-04-03 08:18:16.847916975 +0200
@@ -355,8 +355,34 @@ AC_CHECK_LIB(dl, dlopen)
AC_ARG_WITH(ssl, [ --with-ssl(=directory) enable SSL support], [if test "$withval" = no; then disable_ssl=yes; else ssld="$withval"; fi])
CPPFLAGS_X="$CPPFLAGS"
LIBS_X="$LIBS"
-cf_result=no
if test -z "$disable_ssl"; then
+
+ AC_PROG_CXX
+ PKG_CHECK_MODULES(NSS,nss,
+ CPPFLAGS="$CPPFLAGS $NSS_CFLAGS $NSS_CFLAGS"
+
+ if test -f "${ssld}"; then
+ CPPFLAGS="$CPPFLAGS -I${ssld}"
+ fi
+
+ AC_CHECK_LIB(nss_compat_ossl, SSL_CTX_new, [
+ LIBS="$LIBS -lnss_compat_ossl"
+ cf_result="yes"
+ ], cf_result="no")
+ ,cf_result="no")
+
+ if test "$cf_result" != yes; then
+ if test "$withval" = yes; then
+ AC_MSG_ERROR("NSS Compat not found")
+ fi
+ CPPFLAGS="$CPPFLAGS_X"
+ LIBS="$LIBS_X"
+ else
+ AC_DEFINE([HAVE_NSS_COMPAT], 1, [Include NSS support])
+ AC_DEFINE(HAVE_SSL)
+ fi
+
+ if test "$cf_result" != yes; then
PKG_CHECK_MODULES(OPENSSL,openssl,pkgconfig_openssl=yes,pkgconfig_openssl=no)
if test "$pkgconfig_openssl" = "yes"; then
AC_MSG_CHECKING([for OpenSSL])
@@ -395,6 +421,7 @@ if test -z "$disable_ssl"; then
else
AC_DEFINE(HAVE_SSL)
fi
+ fi # No NSS Compat
fi
cf_have_ssl=$cf_result;
#endif
diff -up links-2.2/connect.c.nss links-2.2/connect.c
--- links-2.2/connect.c.nss 2008-08-01 00:02:23.000000000 +0200
+++ links-2.2/connect.c 2009-04-03 08:15:17.812914880 +0200
@@ -151,7 +151,9 @@ void ssl_want_read(struct connection *c)
set_timeout(c);
+#ifndef HAVE_NSS_COMPAT
if (c->no_tsl) c->ssl->options |= SSL_OP_NO_TLSv1;
+#endif
switch (SSL_get_error(c->ssl, SSL_connect(c->ssl))) {
case SSL_ERROR_NONE:
c->newconn = NULL;
@@ -318,7 +320,9 @@ void connected(struct connection *c)
if (c->ssl) {
c->ssl = getSSL();
SSL_set_fd(c->ssl, *b->sock);
+#ifndef HAVE_NSS_COMPAT
if (c->no_tsl) c->ssl->options |= SSL_OP_NO_TLSv1;
+#endif
switch (SSL_get_error(c->ssl, SSL_connect(c->ssl))) {
case SSL_ERROR_WANT_READ:
setcstate(c, S_SSL_NEG);
diff -up links-2.2/links.h.nss links-2.2/links.h
--- links-2.2/links.h.nss 2008-08-01 00:02:29.000000000 +0200
+++ links-2.2/links.h 2009-04-03 08:15:17.818912636 +0200
@@ -144,9 +144,13 @@ x #endif*/
#include <utime.h>
#ifdef HAVE_SSL
+#ifdef HAVE_NSS_COMPAT
+#include <nss_compat_ossl/nss_compat_ossl.h>
+#else
#include <openssl/ssl.h>
#include <openssl/rand.h>
#endif
+#endif
#if defined(G)
#if defined(HAVE_PNG_H)