Try creating a temp file manually.

1 files changed, 20 insertions, 13 deletions

diff --git a/libressl.patch b/libressl.patch
index d86d449..037d989 100644
--- a/libressl.patch
+++ b/libressl.patch
@@ -102,7 +102,7 @@ index 9f1dd67ec..60e1afe99 100644
  static void tls_xwrite(tls_state_t *tls, int len)
  {
 diff --git a/networking/wget.c b/networking/wget.c
-index 6a64836fb..7c68435c0 100644
+index 6a64836fb..21b8ce649 100644
 --- a/networking/wget.c
 +++ b/networking/wget.c
 @@ -1,4 +1,3 @@
@@ -120,7 +120,7 @@ index 6a64836fb..7c68435c0 100644
  #if ENABLE_FEATURE_WGET_TIMEOUT
         unsigned timeout_seconds;
         smallint die_if_timed_out;
-@@ -460,6 +462,59 @@ static FILE *open_socket(len_and_sockaddr *lsa)
+@@ -460,6 +462,66 @@ static FILE *open_socket(len_and_sockaddr *lsa)
         return fp;
  }
  
@@ -135,7 +135,13 @@ index 6a64836fb..7c68435c0 100644
 +char* gather_certificates(struct tls_config *cfg)
 +{
 +       FILE *pemfile;
++       /*
 +       pemfile = tmpfile();
++       */
++       char *tmpfilename = tmpnam(NULL);
++       if(tmpfilename == NULL)
++               bb_error_msg_and_die("Failed to get a temp file name.");
++       pemfile = fopen(tmpfilename, "w+");
 +       if(pemfile == NULL)
 +               bb_error_msg_and_die("Failed to open pem tempfile: %s", strerror(errno));
 +       HCERTSTORE dstore;
@@ -174,13 +180,14 @@ index 6a64836fb..7c68435c0 100644
 +               bb_error_msg_and_die("Failed to read temp ca pem file");
 +       tls_config_set_ca_mem(cfg, pemmem, pemsize);
 +       fclose(pemfile);
++       DeleteFile(tmpfilename);
 +}
 +#endif
 +
  /* We balk at any control chars in other side's messages.
   * This prevents nasty surprises (e.g. ESC sequences) in "Location:" URLs
   * and error messages.
-@@ -689,6 +744,7 @@ static void reset_beg_range_to_zero(void)
+@@ -689,6 +751,7 @@ static void reset_beg_range_to_zero(void)
  }
  
  #if ENABLE_FEATURE_WGET_OPENSSL
@@ -188,7 +195,7 @@ index 6a64836fb..7c68435c0 100644
  static int spawn_https_helper_openssl(const char *host, unsigned port)
  {
         char *allocated = NULL;
-@@ -698,7 +754,7 @@ static int spawn_https_helper_openssl(const char *host, unsigned port)
+@@ -698,7 +761,7 @@ static int spawn_https_helper_openssl(const char *host, unsigned port)
         IF_FEATURE_WGET_HTTPS(volatile int child_failed = 0;)
  
         if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp) != 0)
@@ -197,7 +204,7 @@ index 6a64836fb..7c68435c0 100644
                 bb_simple_perror_msg_and_die("socketpair");
  
         if (!strchr(host, ':'))
-@@ -709,18 +765,18 @@ static int spawn_https_helper_openssl(const char *host, unsigned port)
+@@ -709,18 +772,18 @@ static int spawn_https_helper_openssl(const char *host, unsigned port)
         fflush_all();
         pid = xvfork();
         if (pid == 0) {
@@ -222,7 +229,7 @@ index 6a64836fb..7c68435c0 100644
                 xmove_fd(2, 3);
                 xopen("/dev/null", O_RDWR);
                 memset(&argv, 0, sizeof(argv));
-@@ -729,18 +785,18 @@ static int spawn_https_helper_openssl(const char *host, unsigned port)
+@@ -729,18 +792,18 @@ static int spawn_https_helper_openssl(const char *host, unsigned port)
                 argv[2] = (char*)"-quiet";
                 argv[3] = (char*)"-connect";
                 argv[4] = (char*)host;
@@ -247,7 +254,7 @@ index 6a64836fb..7c68435c0 100644
                         *argp++ = (char*)"-verify";              //[7]
                         *argp++ = (char*)"100";                  //[8]
                         *argp++ = (char*)"-verify_return_error"; //[9]
-@@ -762,10 +818,10 @@ static int spawn_https_helper_openssl(const char *host, unsigned port)
+@@ -762,10 +825,10 @@ static int spawn_https_helper_openssl(const char *host, unsigned port)
  # else
                 bb_perror_msg_and_die("can't execute '%s'", argv[0]);
  # endif
@@ -260,7 +267,7 @@ index 6a64836fb..7c68435c0 100644
         free(servername);
         free(allocated);
         close(sp[1]);
-@@ -777,6 +833,7 @@ static int spawn_https_helper_openssl(const char *host, unsigned port)
+@@ -777,6 +840,7 @@ static int spawn_https_helper_openssl(const char *host, unsigned port)
  # endif
         return sp[0];
  }
@@ -268,7 +275,7 @@ index 6a64836fb..7c68435c0 100644
  #endif
  
  #if ENABLE_FEATURE_WGET_HTTPS
-@@ -1151,6 +1208,9 @@ static void download_one_url(const char *url)
+@@ -1151,6 +1215,9 @@ static void download_one_url(const char *url)
         server.user = NULL;
         target.user = NULL;
  
@@ -278,7 +285,7 @@ index 6a64836fb..7c68435c0 100644
         parse_url(url, &target);
  
         /* Use the proxy if necessary */
-@@ -1234,22 +1294,39 @@ static void download_one_url(const char *url)
+@@ -1234,22 +1301,39 @@ static void download_one_url(const char *url)
                         /* openssl-based helper
                          * Inconvenient API since we can't give it an open fd
                          */
@@ -328,7 +335,7 @@ index 6a64836fb..7c68435c0 100644
   socket_opened:
  #elif ENABLE_FEATURE_WGET_HTTPS
                 /* Only internal TLS support is configured */
-@@ -1353,7 +1430,39 @@ static void download_one_url(const char *url)
+@@ -1353,7 +1437,39 @@ static void download_one_url(const char *url)
                         shutdown(fileno(sfp), SHUT_WR);
                 }
  #endif
@@ -369,7 +376,7 @@ index 6a64836fb..7c68435c0 100644
                 /*
                  * Retrieve HTTP response line and check for "200" status code.
                  */
-@@ -1536,6 +1645,8 @@ However, in real world it was observed that some web servers
+@@ -1536,6 +1652,8 @@ However, in real world it was observed that some web servers
                 /* ftpcmd("QUIT", NULL, sfp); - why bother? */
         }
  #endif
@@ -378,7 +385,7 @@ index 6a64836fb..7c68435c0 100644
         fclose(sfp);
  
         free(server.allocated);
-@@ -1691,9 +1802,17 @@ IF_DESKTOP(      "no-parent\0"        No_argument       "\xf0")
+@@ -1691,9 +1809,17 @@ IF_DESKTOP(      "no-parent\0"        No_argument       "\xf0")
                 }
         }