8 files changed, 560 insertions, 0 deletions
diff --git a/network/elinks/patches/0001-gopher_html_links.patch b/network/elinks/patches/0001-gopher_html_links.patch
new file mode 100644
index 000000000000..c9ab73856da7
--- /dev/null
+++ b/network/elinks/patches/0001-gopher_html_links.patch
@@ -0,0 +1,40 @@
+################################################################
+# There is a problem that html links that contain URL:htpp://...
+# aren't being followed. This fixes that issue and also chtml.
+# Normally those kind of links go to a redirect page that the
+# server generates, which then sends you on your way.
+# dave@dawoodfall.net
+###############################################################
+diff -Naur a/src/protocol/gopher/gopher.c b/src/protocol/gopher/gopher.c
+--- a/src/protocol/gopher/gopher.c	2013-12-18 15:38:57.000000000 +0000
++++ b/src/protocol/gopher/gopher.c	2017-11-15 23:10:19.758394411 +0000
+@@ -277,6 +277,10 @@
+ 	struct string command;
+ 	enum gopher_entity entity = DEFAULT_GOPHER_ENTITY;
+ 	unsigned char *selector = conn->uri->data;
++	unsigned char *URI = "hURI%3";
++	unsigned char *URL = "hURL%3";
++	unsigned char *CURI = "HURI%3";
++	unsigned char *CURL = "HURL%3";
+ 	int selectorlen = conn->uri->datalen;
+ 	struct gopher_entity_info *entity_info;
+ 	size_t size;
+@@ -288,6 +292,18 @@
+ 		selectorlen--;
+ 	}
+ 
++	if(strstr(selector, URL) != NULL || strstr(selector, URI) != NULL) {
++		entity = GOPHER_HTML;
++		*selector++;
++		selectorlen--;
++	}
++
++	if(strstr(selector, CURL) != NULL || strstr(selector, CURI) != NULL) {
++		entity = GOPHER_CHTML;
++		*selector++;
++		selectorlen--;
++	}
++
+ 	/* This is probably a hack. It serves as a work around when no entity is
+ 	 * available in the Gopher URI. Instead of segfaulting later the content
+ 	 * will be served as application/octet-stream. However, it could
diff --git a/network/elinks/patches/0002-gopher_index_queries.patch b/network/elinks/patches/0002-gopher_index_queries.patch
new file mode 100644
index 000000000000..ab970f60f7f6
--- /dev/null
+++ b/network/elinks/patches/0002-gopher_index_queries.patch
@@ -0,0 +1,120 @@
+#######################################################################
+# elinks by default generates its own search query form when it sees
+# a type 7 index entity. The problem is that it didn't read the
+# served results page and instead generated another search page after
+# you had entered the first. This patch fixes that and in my tests it
+# seems to work so far.
+# dave@dawoodfall.net
+#######################################################################
+diff -Naur a/src/protocol/gopher/gopher.c b/src/protocol/gopher/gopher.c
+--- a/src/protocol/gopher/gopher.c	2017-11-24 19:12:52.495714437 +0000
++++ b/src/protocol/gopher/gopher.c	2017-11-30 12:56:38.872336516 +0000
+@@ -43,6 +43,34 @@
+ #include "util/memory.h"
+ #include "util/string.h"
+ 
++#ifdef HAVE_FCNTL_H
++#include <fcntl.h> /* OS/2 needs this after sys/types.h */
++#endif
++
++/* To enable logging for debugging purposes. */
++#if 0
++
++#define LOGFILE "/tmp/log"
++
++static void
++debug_log(unsigned char *data,  int NL)
++{
++	int fd = open(LOGFILE, O_WRONLY | O_APPEND | O_CREAT, 0622);
++
++	if (fd == -1) return;
++
++	set_bin(fd);
++	write(fd, data, strlen(data));
++    if (NL)
++        write(fd, "\n", 1);
++	close(fd);
++}
++#undef LOGFILE
++
++#else
++#define debug_log(data, len)
++#endif
++
+ struct module gopher_protocol_module = struct_module(
+ 	/* name: */		N_("Gopher"),
+ 	/* options: */		NULL,
+@@ -219,23 +247,31 @@
+ 		if (query) selectorlen -= 1;
+ 		query = NULL;
+ 		querylen = 0;
+-	} else {
+-		query += 1;
++	} else if (entity == GOPHER_INDEX) {
++        /* fix query size to not include the seach= part */
++		query += 8;
+ 		querylen = selector + selectorlen - query;
+ 		/* Exclude '?' */
+-		selectorlen -= querylen + 1;
++        /* fix selector length to fit with query */
++		selectorlen -= querylen + 8;
+ 		if (querylen >= 7 && !c_strncasecmp(query, "search=", 7)) {
+ 			query	 += 7;
+ 			querylen -= 7;
+ 		}
++		debug_log("selector:", 1);
++		debug_log(selector, 1);
++		debug_log("query:", 1);
++		debug_log(query, 1);
+ 	}
+ 
+ 	switch (entity) {
+ 	case GOPHER_INDEX:
+ 		/* No search required? */
++        /* Don't display the form page */
+ 		if (!query) {
+ 			done_string(command);
+-			return init_gopher_index_cache_entry(conn);
++			add_uri_decoded(command, selector, selectorlen, 0);
++			break;
+ 		}
+ 
+ 		add_uri_decoded(command, selector, selectorlen, 0);
+@@ -343,6 +379,10 @@
+ 	gopher->entity = entity_info;
+ 	gopher->commandlen = command.length;
+ 
++debug_log("439 gopher->entity:", 1);
++debug_log(gopher->entity, 1);
++debug_log("437 command.source:", 1);
++debug_log(command.source, 1);
+ 	memcpy(gopher->command, command.source, command.length);
+ 	done_string(&command);
+ 
+@@ -377,7 +417,7 @@
+ 		"<td>            </td>"
+ 		"<td>%s:</td>"
+ 		"<td><input maxlength=\"256\" name=\"search\" value=\"\"></td>"
+-		"<td><input type=submit value=\"Search\"></td>"
++		"<td><input type=submit value=\"Submit\"></td>"
+ 		"</table>"
+ 		"</form>",
+ 		addr, text);
+@@ -726,7 +766,8 @@
+ 	/* Now read the data from the socket */
+ 	switch (gopher->entity->type) {
+ 	case GOPHER_DIRECTORY:
+-	case GOPHER_INDEX:
++/* Don't do directory list for cgi output (7)
++	case GOPHER_INDEX: */
+ 		state = read_gopher_directory_data(conn, rb);
+ 		break;
+ 
+@@ -738,6 +779,7 @@
+ 		state = connection_state(S_GOPHER_CSO_ERROR);
+ 		break;
+ 
++	case GOPHER_INDEX:
+ 	case GOPHER_SOUND:
+ 	case GOPHER_PLUS_SOUND:
+ 	case GOPHER_PLUS_MOVIE:
diff --git a/network/elinks/patches/0003-gopher_directory_links.patch b/network/elinks/patches/0003-gopher_directory_links.patch
new file mode 100644
index 000000000000..dc80ef372854
--- /dev/null
+++ b/network/elinks/patches/0003-gopher_directory_links.patch
@@ -0,0 +1,61 @@
+#######################################################################
+# elinks does not follow links to directories on other servers
+# properly. This adds a '/' before the '1' at the start of a link and 
+# removes any trailing 1.
+# dave@dawoodfall.net
+#######################################################################
+diff -Naur a/src/protocol/gopher/gopher.c b/src/protocol/gopher/gopher.c
+--- a/src/protocol/gopher/gopher.c	2017-12-17 01:54:27.941645180 +0000
++++ b/src/protocol/gopher/gopher.c	2017-12-17 21:52:05.072454433 +0000
+@@ -317,6 +317,9 @@
+ 	unsigned char *URL = "hURL%3";
+ 	unsigned char *CURI = "HURI%3";
+ 	unsigned char *CURL = "HURL%3";
++	unsigned char *DIR = "1";
++	unsigned char *SLASHDIR = "/1";
++	unsigned char *SLASHPOS;
+ 	int selectorlen = conn->uri->datalen;
+ 	struct gopher_entity_info *entity_info;
+ 	size_t size;
+@@ -354,6 +357,26 @@
+ 		selectorlen++;
+ 	}
+ 
++	if (entity_info->type == '1')
++	{
++		if (strstr(selector, DIR) == selector)
++		{
++			*selector++;
++			selectorlen--;
++		}
++		else
++		{
++			SLASHPOS = strstr(selector, SLASHDIR);
++			if (SLASHPOS != NULL)
++			{
++				if (strlen(SLASHPOS) == 2)
++				{
++					selectorlen--;
++				}
++			}
++		}
++	}
++
+ 	state = add_gopher_command(conn, &command, entity, selector, selectorlen);
+ 	if (!is_in_state(state, S_CONN))
+ 		return state;
+@@ -379,10 +402,10 @@
+ 	gopher->entity = entity_info;
+ 	gopher->commandlen = command.length;
+ 
+-debug_log("439 gopher->entity:", 1);
+-debug_log(gopher->entity, 1);
+-debug_log("437 command.source:", 1);
+-debug_log(command.source, 1);
++	debug_log("439 gopher->entity: ", 0);
++	debug_log(gopher->entity, 1);
++	debug_log("437 command.source: ", 0);
++	debug_log(command.source, 1);
+ 	memcpy(gopher->command, command.source, command.length);
+ 	done_string(&command);
+ 
diff --git a/network/elinks/patches/0004-ssl_cert_verify.patch b/network/elinks/patches/0004-ssl_cert_verify.patch
new file mode 100644
index 000000000000..4629da564a6e
--- /dev/null
+++ b/network/elinks/patches/0004-ssl_cert_verify.patch
@@ -0,0 +1,161 @@
+##############################################################################
+# elinks does not verify ssl host names with openssl
+# This is a modifed version of the patch here that fixes that issue:
+# http://lists.linuxfromscratch.org/pipermail/elinks-dev/2015-June/002099.html
+# This patch turns on verification by default, and differentiates
+# between host verification fail and normal SSL errors.
+# dave@dawoodfall.net
+##############################################################################
+--- a/configure.in	2017-12-21 15:58:12.470247050 +0000
++++ b/configure.in	2017-12-21 16:10:27.406938487 +0000
+@@ -1132,6 +1132,9 @@
+ fi
+ 
+ AC_MSG_RESULT($cf_result)
++if test "$cf_result" = yes; then
++	AC_CHECK_FUNCS(X509_VERIFY_PARAM_set1_host)
++fi
+ 
+ # ---- GNU TLS
+ 
+diff -Naur a/src/network/ssl/socket.c b/src/network/ssl/socket.c
+--- a/src/network/ssl/socket.c	2017-12-21 15:58:12.553249389 +0000
++++ b/src/network/ssl/socket.c	2017-12-21 16:11:47.532190591 +0000
+@@ -7,6 +7,9 @@
+ #ifdef CONFIG_OPENSSL
+ #include <openssl/ssl.h>
+ #include <openssl/x509v3.h>
++#ifdef HAVE_X509_VERIFY_PARAM_SET1_HOST
++#include <openssl/x509_vfy.h>
++#endif
+ #define USE_OPENSSL
+ #elif defined(CONFIG_NSS_COMPAT_OSSL)
+ #include <nss_compat_ossl/nss_compat_ossl.h>
+@@ -168,6 +171,30 @@
+ 
+ #ifdef USE_OPENSSL
+ 
++#ifdef HAVE_X509_VERIFY_PARAM_SET1_HOST
++/* activate the OpenSSL-provided host name check */
++static int
++ossl_set_hostname(void *ssl, unsigned char *server_name)
++{
++	int ret = -1;
++
++	X509_VERIFY_PARAM *vpm = X509_VERIFY_PARAM_new();
++	if (vpm) {
++		if (X509_VERIFY_PARAM_set1_host(vpm, (char *) server_name, 0)
++				&& SSL_set1_param(ssl, vpm))
++		{
++			/* successfully activated the OpenSSL host name check */
++			ret = 0;
++		}
++
++		X509_VERIFY_PARAM_free(vpm);
++	}
++
++	return ret;
++}
++
++#else /* HAVE_X509_VERIFY_PARAM_SET1_HOST */
++
+ /** Checks whether the host component of a URI matches a host name in
+  * the server certificate.
+  *
+@@ -360,6 +387,7 @@
+ 	mem_free(host_in_uri);
+ 	return matched;
+ }
++#endif	/* HAVE_X509_VERIFY_PARAM_SET1_HOST */
+ 
+ #endif	/* USE_OPENSSL */
+ 
+@@ -389,7 +417,10 @@
+ 
+ 		default:
+ 			socket->no_tls = !socket->no_tls;
+-			socket->ops->retry(socket, connection_state(S_SSL_ERROR));
++			if (SSL_VERIFY_FAIL_IF_NO_PEER_CERT != NULL)
++				socket->ops->retry(socket, connection_state(S_SSL_CERTFAIL));
++			else
++				socket->ops->retry(socket, connection_state(S_SSL_ERROR));
+ 	}
+ }
+ 
+@@ -400,6 +431,9 @@
+ 	int ret;
+ 	unsigned char *server_name;
+ 	struct connection *conn = socket->conn;
++#ifdef USE_OPENSSL
++	int (*verify_callback_ptr)(int, X509_STORE_CTX *);
++#endif	/* USE_OPENSSL */
+ 
+ 	/* TODO: Recode server_name to UTF-8.  */
+ 	server_name = get_uri_string(conn->proxied_uri, URI_HOST);
+@@ -418,6 +452,23 @@
+ 		return -1;
+ 	}
+ 
++#ifdef USE_OPENSSL
++#ifdef HAVE_X509_VERIFY_PARAM_SET1_HOST
++	/* activate the OpenSSL-provided host name check */
++	if (ossl_set_hostname(socket->ssl, server_name)) {
++		mem_free_if(server_name);
++		socket->ops->done(socket, connection_state(S_SSL_ERROR));
++		return -1;
++	}
++
++	/* verify_callback() is not needed with X509_VERIFY_PARAM_set1_host() */
++	verify_callback_ptr = NULL;
++#else
++	/* use our own callback implementing the host name check */
++	verify_callback_ptr = verify_callback;
++#endif
++#endif	/* USE_OPENSSL */
++
+ 	mem_free_if(server_name);
+ 
+ 	if (socket->no_tls)
+@@ -429,7 +480,7 @@
+ 	if (get_opt_bool("connection.ssl.cert_verify", NULL))
+ 		SSL_set_verify(socket->ssl, SSL_VERIFY_PEER
+ 					  | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
+-			       verify_callback);
++			       verify_callback_ptr);
+ 
+ 	if (get_opt_bool("connection.ssl.client_cert.enable", NULL)) {
+ 		unsigned char *client_cert;
+diff -Naur a/src/network/ssl/ssl.c b/src/network/ssl/ssl.c
+--- a/src/network/ssl/ssl.c	2017-12-21 15:58:12.553249389 +0000
++++ b/src/network/ssl/ssl.c	2017-12-21 16:11:03.378949490 +0000
+@@ -109,7 +109,7 @@
+ 
+ static union option_info openssl_options[] = {
+ 	INIT_OPT_BOOL("connection.ssl", N_("Verify certificates"),
+-		"cert_verify", 0, 0,
++		"cert_verify", 0, 1,
+ 		N_("Verify the peer's SSL certificate. Note that this "
+ 		"needs extensive configuration of OpenSSL by the user.")),
+ 
+diff -Naur a/src/network/state.c b/src/network/state.c
+--- a/src/network/state.c	2017-12-21 15:58:12.553249389 +0000
++++ b/src/network/state.c	2017-12-21 16:10:20.579746621 +0000
+@@ -88,6 +88,7 @@
+ 
+ #ifdef CONFIG_SSL
+ 	{S_SSL_ERROR,		N_("SSL error")},
++	{S_SSL_CERTFAIL,		N_("SSL Host Verification Failed.")},
+ #else
+ 	{S_SSL_ERROR,		N_("This version of ELinks does not contain SSL/TLS support")},
+ #endif
+diff -Naur a/src/network/state.h b/src/network/state.h
+--- a/src/network/state.h	2017-12-21 15:58:12.553249389 +0000
++++ b/src/network/state.h	2017-12-21 16:10:03.057254202 +0000
+@@ -67,6 +67,7 @@
+ 	S_ENCODE_ERROR		= -100017,
+ 	S_SSL_ERROR		= -100018,
+ 	S_NO_FORCED_DNS		= -100019,
++	S_SSL_CERTFAIL		= -100020,
+ 
+ 	S_HTTP_ERROR		= -100100,
+ 	S_HTTP_204		= -100101,
diff --git a/network/elinks/patches/0005-gopher_newlines_tabs_entity.patch b/network/elinks/patches/0005-gopher_newlines_tabs_entity.patch
new file mode 100644
index 000000000000..f93b0d543140
--- /dev/null
+++ b/network/elinks/patches/0005-gopher_newlines_tabs_entity.patch
@@ -0,0 +1,87 @@
+#####################################################################
+# Some fixes for having line feeds in text without a carriage return.
+# Make sure that only lines with tabs are treated as links.
+# Support links that don't begin with a '/'.
+#####################################################################
+diff -Naur a/src/protocol/gopher/gopher.c b/src/protocol/gopher/gopher.c
+--- a/src/protocol/gopher/gopher.c	2017-12-28 15:08:54.310546900 +0000
++++ b/src/protocol/gopher/gopher.c	2017-12-28 20:26:00.635193897 +0000
+@@ -326,7 +326,7 @@
+ 
+ 	/* Get entity type, and selector string. */
+ 	/* Pick up gopher_entity */
+-	if (selectorlen > 1 && selector[1] == '/') {
++	if (selectorlen > 1) {
+ 		entity = *selector++;
+ 		selectorlen--;
+ 	}
+@@ -357,8 +357,7 @@
+ 		selectorlen++;
+ 	}
+ 
+-	if (entity_info->type == '1')
+-	{
++	if (entity_info->type == '1') {
+ 		if (strstr(selector, DIR) == selector)
+ 		{
+ 			*selector++;
+@@ -402,9 +401,9 @@
+ 	gopher->entity = entity_info;
+ 	gopher->commandlen = command.length;
+ 
+-	debug_log("439 gopher->entity: ", 0);
++	debug_log("404 gopher->entity: ", 0);
+ 	debug_log(gopher->entity, 1);
+-	debug_log("437 command.source: ", 0);
++	debug_log("406 command.source: ", 0);
+ 	debug_log(command.source, 1);
+ 	memcpy(gopher->command, command.source, command.length);
+ 	done_string(&command);
+@@ -486,6 +485,7 @@
+ 	unsigned char *host = NULL;
+ 	unsigned char *port = NULL;
+ 	enum gopher_entity entity = *name++;
++	int link = 0;
+ 
+ 	if (!entity) {
+ 		add_char_to_string(buffer, '\n');
+@@ -495,6 +495,7 @@
+ 	if (*name) {
+ 		selector = strchr(name, ASCII_TAB);
+ 		if (selector) {
++			link = 1;
+ 			/* Terminate name */
+ 			*selector++ = '\0';
+ 
+@@ -565,7 +566,7 @@
+ 	switch (entity) {
+ 	case GOPHER_WWW:
+ 		/* Gopher pointer to W3 */
+-		if (selector) {
++		if (selector && link == 1) {
+ 			add_gopher_link(buffer, name, selector);
+ 			break;
+ 		}
+@@ -617,7 +618,8 @@
+ 
+ 		} else if (address.length > 0
+ 			   && strlcmp(address.source, address.length - 1,
+-				      "gopher://error.host:1/", -1)) {
++				      "gopher://error.host:1/", -1)
++				 && link == 1) {
+ 			add_gopher_link(buffer, name, address.source);
+ 
+ 		} else {
+@@ -639,6 +641,12 @@
+ 	for (; datalen > 1; data++, datalen--)
+ 		if (data[0] == ASCII_CR && data[1] == ASCII_LF)
+ 			return data + 2;
++		else
++			if(data[0] == ASCII_CR)
++				return data + 2;
++		else
++			if(data[0] == ASCII_LF)
++				return data + 2;
+ 
+ 	return NULL;
+ }
diff --git a/network/elinks/patches/0006-indexes_nocr.patch b/network/elinks/patches/0006-indexes_nocr.patch
new file mode 100644
index 000000000000..5c68cee8caa9
--- /dev/null
+++ b/network/elinks/patches/0006-indexes_nocr.patch
@@ -0,0 +1,62 @@
+#######################################################################
+# Fixes index listings with only LF and no CRs.
+# dave@dawoodfall.net
+#######################################################################
+diff -Naur a/src/protocol/gopher/gopher.c b/src/protocol/gopher/gopher.c
+--- a/src/protocol/gopher/gopher.c	2017-12-29 17:14:24.247093626 +0000
++++ b/src/protocol/gopher/gopher.c	2017-12-29 17:12:08.496272595 +0000
+@@ -638,15 +638,16 @@
+ static unsigned char *
+ get_gopher_line_end(unsigned char *data, int datalen)
+ {
+-	for (; datalen > 1; data++, datalen--)
+-		if (data[0] == ASCII_CR && data[1] == ASCII_LF)
++	for (; datalen > 1; data++, datalen--) {
++		if (data[0] == ASCII_CR && data[1] == ASCII_LF)
+ 			return data + 2;
+ 		else
+ 			if(data[0] == ASCII_CR)
+-				return data + 2;
+-		else
+-			if(data[0] == ASCII_LF)
+-				return data + 2;
++				return data + 1;
++			else
++				if(data[0] == ASCII_LF)
++					return data + 1;
++	}
+ 
+ 	return NULL;
+ }
+@@ -796,9 +797,21 @@
+ 
+ 	/* Now read the data from the socket */
+ 	switch (gopher->entity->type) {
++	case GOPHER_INDEX:
++		/* Lines with no carriage returns */
++		if (strchr(rb->data, ASCII_CR) == NULL) {
++			unsigned char *tmp;
++			tmp = malloc(rb->length + 3);
++			memcpy(tmp, "i", 1);
++			memcpy(tmp+1, rb->data, rb->length);
++			tmp[rb->length]= '\r';
++			tmp[rb->length+1]= '\n';
++			rb->length+=3;
++			memcpy(rb->data, tmp, rb->length);
++			free(tmp);
++		}
++
+ 	case GOPHER_DIRECTORY:
+-/* Don't do directory list for cgi output (7)
+-	case GOPHER_INDEX: */
+ 		state = read_gopher_directory_data(conn, rb);
+ 		break;
+ 
+@@ -810,7 +823,6 @@
+ 		state = connection_state(S_GOPHER_CSO_ERROR);
+ 		break;
+ 
+-	case GOPHER_INDEX:
+ 	case GOPHER_SOUND:
+ 	case GOPHER_PLUS_SOUND:
+ 	case GOPHER_PLUS_MOVIE:
diff --git a/network/elinks/patches/0007-move_null.patch b/network/elinks/patches/0007-move_null.patch
new file mode 100644
index 000000000000..9d8037cc378c
--- /dev/null
+++ b/network/elinks/patches/0007-move_null.patch
@@ -0,0 +1,16 @@
+###################################################################
+# Move the added null terminator one char forwards
+# dave@dawoodfall.net
+###################################################################
+diff --exclude .git -Naur a/src/protocol/gopher/gopher.c b/src/protocol/gopher/gopher.c
+--- a/src/protocol/gopher/gopher.c	2017-12-29 17:15:39.521209968 +0000
++++ b/src/protocol/gopher/gopher.c	2018-01-17 05:46:45.660258482 +0000
+@@ -658,7 +658,7 @@
+ 	assert(line < end);
+ 
+ 	/* Just to be safe NUL terminate the line */
+-	end[-2] = 0;
++	end[-1] = 0;
+ 
+ 	return line[0] == '.' && !line[1] ? NULL : line;
+ }
diff --git a/network/elinks/patches/0010-fix-lib-path.patch b/network/elinks/patches/0010-fix-lib-path.patch
new file mode 100644
index 000000000000..2cdee67fbdc1
--- /dev/null
+++ b/network/elinks/patches/0010-fix-lib-path.patch
@@ -0,0 +1,13 @@
+diff -Naur a/configure.in b/configure.in
+--- a/configure.in	2013-12-18 15:38:57.000000000 +0000
++++ b/configure.in	2018-09-18 02:42:58.996249845 +0100
+@@ -427,9 +427,6 @@
+ 				CFLAGS="$CFLAGS -I$withval"
+ 				CPPFLAGS="$CPPFLAGS -I$withval"
+ 			fi
+-			if test -d "$withval/lib"; then
+-				LDFLAGS="$LDFLAGS -L$withval/lib"
+-			fi
+ 		fi
+ 
+ 		AC_CHECK_HEADERS([$3], [$1=yes], [$1=no; break;])