From 03794dc2087785e630e5e8c9b226312631ff812a Mon Sep 17 00:00:00 2001
From: DeckerSU <support@decker.su>
Date: Fri, 19 Apr 2019 21:57:10 +0300
Subject: [PATCH 1/5] first approach to get HTTPS in libcurl work

1. libcurl.mk now changed to build against static openssl from deps.
2. but, it won't work with openssl 1.1.1a, bcz of SSL: couldn't create a context: error:00000000:lib(0):func(0):reason(0)	,
so, in test i decided to upgrade openssl to 1.1.1b.
3. original openssl.mk was with many disabled features, i enable all of them,
of course it's don't needed and we need to leave only SSL/TLS things enabled
in OpenSSL build.
4. probably i broke something in Windows and MacOS build.

This commit is only first approach to continue work.
---
 depends/packages/libcurl.mk  | 23 +++++++++---
 depends/packages/openssl.mk  | 72 +-----------------------------------
 depends/packages/packages.mk |  2 +-
 3 files changed, 21 insertions(+), 76 deletions(-)

diff --git a/depends/packages/libcurl.mk b/depends/packages/libcurl.mk
index 642fc066d..1ce0a9161 100644
--- a/depends/packages/libcurl.mk
+++ b/depends/packages/libcurl.mk
@@ -1,9 +1,10 @@
 package=libcurl
-$(package)_version=7.54.0
+$(package)_version=7.64.1
+$(package)_dependencies=openssl
 $(package)_download_path=https://curl.haxx.se/download
 $(package)_file_name=curl-$($(package)_version).tar.gz
-$(package)_sha256_hash=a84b635941c74e26cce69dd817489bec687eb1f230e7d1897fc5b5f108b59adf
-$(package)_config_opts_linux=--disable-shared --enable-static --prefix=$(host_prefix)
+$(package)_sha256_hash=432d3f466644b9416bc5b649d344116a753aeaa520c8beaf024a90cba9d3d35d
+$(package)_config_opts_linux=--disable-shared --enable-static --prefix=$(host_prefix) --host=x86_64-unknown-linux-gnu
 $(package)_config_opts_mingw32=--enable-mingw --disable-shared --enable-static --prefix=$(host_prefix) --host=x86_64-w64-mingw32
 $(package)_config_opts_darwin=--disable-shared --enable-static --prefix=$(host_prefix)
 $(package)_cflags_darwin=-mmacosx-version-min=10.9
@@ -15,11 +16,21 @@ define $(package)_set_vars
 endef
 endif
 
-define $(package)_config_cmds
-  $($(package)_conf_tool) $($(package)_config_opts)
+ifeq ($(build_os),linux)
+define $(package)_set_vars
+  $(package)_config_env=LD_LIBRARY_PATH="$(host_prefix)/lib" PKG_CONFIG_LIBDIR="$(host_prefix)/lib/pkgconfig" CPPFLAGS="-I$(host_prefix)/include" LDFLAGS="-L$(host_prefix)/lib"
 endef
+endif
 
 
+define $(package)_config_cmds
+  echo '=== config for $(package):' && \
+  echo '$($(package)_config_env) $($(package)_conf_tool) $($(package)_config_opts)' && \
+  sleep 10 && \
+  echo '=== ' && \
+  $($(package)_config_env) $($(package)_conf_tool) $($(package)_config_opts) 
+endef
+
 ifeq ($(build_os),darwin)
 define $(package)_build_cmds
   $(MAKE) CPPFLAGS='-fPIC' CFLAGS='-mmacosx-version-min=10.9'
@@ -31,5 +42,7 @@ endef
 endif
 
 define $(package)_stage_cmds
+  echo 'Staging dir: $($(package)_staging_dir)$(host_prefix)/' && \
+  sleep 10 && \
   $(MAKE) DESTDIR=$($(package)_staging_dir) install
 endef
diff --git a/depends/packages/openssl.mk b/depends/packages/openssl.mk
index e378088e6..96908e151 100644
--- a/depends/packages/openssl.mk
+++ b/depends/packages/openssl.mk
@@ -1,81 +1,13 @@
 package=openssl
-$(package)_version=1.1.1a
+$(package)_version=1.1.1b
 $(package)_download_path=https://www.openssl.org/source
 $(package)_file_name=$(package)-$($(package)_version).tar.gz
-$(package)_sha256_hash=fc20130f8b7cbd2fb918b2f14e2f429e109c31ddd0fb38fc5d71d9ffed3f9f41
+$(package)_sha256_hash=5c557b023230413dfb0756f3137a13e6d726838ccd1430888ad15bfb2b43ea4b
 
 define $(package)_set_vars
 $(package)_config_env=AR="$($(package)_ar)" RANLIB="$($(package)_ranlib)" CC="$($(package)_cc)"
 $(package)_config_opts=--prefix=$(host_prefix) --openssldir=$(host_prefix)/etc/openssl
-$(package)_config_opts+=no-afalgeng
-$(package)_config_opts+=no-asm
-$(package)_config_opts+=no-async
-$(package)_config_opts+=no-bf
-$(package)_config_opts+=no-blake2
-$(package)_config_opts+=no-camellia
-$(package)_config_opts+=no-capieng
-$(package)_config_opts+=no-cast
-$(package)_config_opts+=no-chacha
-$(package)_config_opts+=no-cmac
-$(package)_config_opts+=no-cms
-$(package)_config_opts+=no-comp
-$(package)_config_opts+=no-crypto-mdebug
-$(package)_config_opts+=no-crypto-mdebug-backtrace
-$(package)_config_opts+=no-ct
-$(package)_config_opts+=no-des
-$(package)_config_opts+=no-dgram
-$(package)_config_opts+=no-dsa
-$(package)_config_opts+=no-dso
-$(package)_config_opts+=no-dtls
-$(package)_config_opts+=no-dtls1
-$(package)_config_opts+=no-dtls1-method
-$(package)_config_opts+=no-dynamic-engine
-$(package)_config_opts+=no-ec2m
-$(package)_config_opts+=no-ec_nistp_64_gcc_128
-$(package)_config_opts+=no-egd
-$(package)_config_opts+=no-engine
-$(package)_config_opts+=no-err
-$(package)_config_opts+=no-gost
-$(package)_config_opts+=no-heartbeats
-$(package)_config_opts+=no-idea
-$(package)_config_opts+=no-md2
-$(package)_config_opts+=no-md4
-$(package)_config_opts+=no-mdc2
-$(package)_config_opts+=no-multiblock
-$(package)_config_opts+=no-nextprotoneg
-$(package)_config_opts+=no-ocb
-$(package)_config_opts+=no-ocsp
-$(package)_config_opts+=no-poly1305
-$(package)_config_opts+=no-posix-io
-$(package)_config_opts+=no-psk
-$(package)_config_opts+=no-rc2
-$(package)_config_opts+=no-rc4
-$(package)_config_opts+=no-rc5
-$(package)_config_opts+=no-rdrand
-$(package)_config_opts+=no-rfc3779
-$(package)_config_opts+=no-rmd160
-$(package)_config_opts+=no-scrypt
-$(package)_config_opts+=no-sctp
-$(package)_config_opts+=no-seed
 $(package)_config_opts+=no-shared
-$(package)_config_opts+=no-sock
-$(package)_config_opts+=no-srp
-$(package)_config_opts+=no-srtp
-$(package)_config_opts+=no-ssl
-$(package)_config_opts+=no-ssl3
-$(package)_config_opts+=no-ssl3-method
-$(package)_config_opts+=no-ssl-trace
-$(package)_config_opts+=no-stdio
-$(package)_config_opts+=no-tls
-$(package)_config_opts+=no-tls1
-$(package)_config_opts+=no-tls1-method
-$(package)_config_opts+=no-ts
-$(package)_config_opts+=no-ui
-$(package)_config_opts+=no-unit-test
-$(package)_config_opts+=no-weak-ssl-ciphers
-$(package)_config_opts+=no-whirlpool
-$(package)_config_opts+=no-zlib
-$(package)_config_opts+=no-zlib-dynamic
 $(package)_config_opts+=$($(package)_cflags) $($(package)_cppflags)
 $(package)_config_opts+=-DPURIFY
 $(package)_config_opts_linux=-fPIC -Wa,--noexecstack
diff --git a/depends/packages/packages.mk b/depends/packages/packages.mk
index 5bc8fcda6..e29c62580 100644
--- a/depends/packages/packages.mk
+++ b/depends/packages/packages.mk
@@ -47,7 +47,7 @@ native_packages := native_ccache
 wallet_packages=bdb
 
 ifeq ($(host_os),linux)
-	packages := boost openssl libevent zeromq $(zcash_packages) googletest #googlemock
+	packages := boost openssl libevent zeromq $(zcash_packages) googletest libcurl #googlemock
 else
 	packages := boost openssl libevent zeromq $(zcash_packages) libcurl googletest #googlemock
 endif

From 2f19aeaa4adab8c5462b76ef65f93e0fd1c0e204 Mon Sep 17 00:00:00 2001
From: DeckerSU <support@decker.su>
Date: Fri, 19 Apr 2019 22:01:54 +0300
Subject: [PATCH 2/5] + debug (ssl and curl version printout)

---
 src/komodo_bitcoind.h | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/komodo_bitcoind.h b/src/komodo_bitcoind.h
index bb5a093d3..92943089a 100644
--- a/src/komodo_bitcoind.h
+++ b/src/komodo_bitcoind.h
@@ -206,8 +206,11 @@ try_again:
 
     if ( strncmp(url,"https",5) == 0 )
     {
-        curl_easy_setopt(curl_handle,CURLOPT_SSL_VERIFYPEER,0);
-        curl_easy_setopt(curl_handle,CURLOPT_SSL_VERIFYHOST,0);
+        
+        /* printf("[ Decker ] SSL: %s\n", curl_version()); */
+        curl_easy_setopt(curl_handle, CURLOPT_SSL_VERIFYPEER, 0L);
+        curl_easy_setopt(curl_handle, CURLOPT_SSL_VERIFYHOST, 0L);
+        //curl_easy_setopt(curl_handle, CURLOPT_VERBOSE, 1L); // this is useful for debug, but seems crash on libcurl/7.64.1 OpenSSL/1.1.1b zlib/1.2.8 librtmp/2.3
     }
     if ( userpass != 0 )
         curl_easy_setopt(curl_handle,CURLOPT_USERPWD,	userpass);

From 1a9f6cb60796f5ee49520c22b2ea332403505ced Mon Sep 17 00:00:00 2001
From: DeckerSU <support@decker.su>
Date: Mon, 22 Apr 2019 20:27:28 +0300
Subject: [PATCH 3/5] return OpenSSL 1.1.1a and applied patch

More info:

- https://github.com/openssl/openssl/issues/7350
- https://github.com/openssl/openssl/commit/f725fe5b4b6504df08e30f5194d321c3025e2336

Without this patch we will get following error:

```
SSL: couldn't create a context: error:00000000:lib(0):func(0):reason(0)
```

during trying to connect HTTPS.
---
 depends/packages/openssl.mk           |   8 +-
 depends/patches/openssl/ssl_fix.patch | 273 ++++++++++++++++++++++++++
 2 files changed, 278 insertions(+), 3 deletions(-)
 create mode 100644 depends/patches/openssl/ssl_fix.patch

diff --git a/depends/packages/openssl.mk b/depends/packages/openssl.mk
index 96908e151..5c689fe0b 100644
--- a/depends/packages/openssl.mk
+++ b/depends/packages/openssl.mk
@@ -1,8 +1,9 @@
 package=openssl
-$(package)_version=1.1.1b
+$(package)_version=1.1.1a
 $(package)_download_path=https://www.openssl.org/source
 $(package)_file_name=$(package)-$($(package)_version).tar.gz
-$(package)_sha256_hash=5c557b023230413dfb0756f3137a13e6d726838ccd1430888ad15bfb2b43ea4b
+$(package)_sha256_hash=fc20130f8b7cbd2fb918b2f14e2f429e109c31ddd0fb38fc5d71d9ffed3f9f41
+$(package)_patches=ssl_fix.patch
 
 define $(package)_set_vars
 $(package)_config_env=AR="$($(package)_ar)" RANLIB="$($(package)_ranlib)" CC="$($(package)_cc)"
@@ -25,7 +26,8 @@ endef
 
 define $(package)_preprocess_cmds
   sed -i.old 's/built on: $date/built on: not available/' util/mkbuildinf.pl && \
-  sed -i.old "s|\"engines\", \"apps\", \"test\"|\"engines\"|" Configure
+  sed -i.old "s|\"engines\", \"apps\", \"test\"|\"engines\"|" Configure && \
+  patch -p1 < $($(package)_patch_dir)/ssl_fix.patch
 endef
 
 define $(package)_config_cmds
diff --git a/depends/patches/openssl/ssl_fix.patch b/depends/patches/openssl/ssl_fix.patch
new file mode 100644
index 000000000..d7f79fed5
--- /dev/null
+++ b/depends/patches/openssl/ssl_fix.patch
@@ -0,0 +1,273 @@
+From f725fe5b4b6504df08e30f5194d321c3025e2336 Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Tue, 20 Nov 2018 15:32:55 +0000
+Subject: [PATCH] Fix a RUN_ONCE bug
+
+We have a number of instances where there are multiple "init" functions for
+a single CRYPTO_ONCE variable, e.g. to load config automatically or to not
+load config automatically. Unfortunately the RUN_ONCE mechanism was not
+correctly giving the right return value where an alternative init function
+was being used.
+
+Reviewed-by: Tim Hudson <tjh@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/7983)
+---
+ crypto/init.c                  | 38 +++++++++-----
+ include/internal/thread_once.h | 92 ++++++++++++++++++++++++++++++++++
+ ssl/ssl_init.c                 |  6 ++-
+ 3 files changed, 121 insertions(+), 15 deletions(-)
+
+diff --git a/crypto/init.c b/crypto/init.c
+index 209d1a483da..f20a12f069a 100644
+--- a/crypto/init.c
++++ b/crypto/init.c
+@@ -177,12 +177,6 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_nodelete)
+ 
+ static CRYPTO_ONCE load_crypto_strings = CRYPTO_ONCE_STATIC_INIT;
+ static int load_crypto_strings_inited = 0;
+-DEFINE_RUN_ONCE_STATIC(ossl_init_no_load_crypto_strings)
+-{
+-    /* Do nothing in this case */
+-    return 1;
+-}
+-
+ DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_strings)
+ {
+     int ret = 1;
+@@ -201,6 +195,13 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_load_crypto_strings)
+     return ret;
+ }
+ 
++DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_load_crypto_strings,
++                           ossl_init_load_crypto_strings)
++{
++    /* Do nothing in this case */
++    return 1;
++}
++
+ static CRYPTO_ONCE add_all_ciphers = CRYPTO_ONCE_STATIC_INIT;
+ DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_ciphers)
+ {
+@@ -218,6 +219,13 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_ciphers)
+     return 1;
+ }
+ 
++DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_ciphers,
++                           ossl_init_add_all_ciphers)
++{
++    /* Do nothing */
++    return 1;
++}
++
+ static CRYPTO_ONCE add_all_digests = CRYPTO_ONCE_STATIC_INIT;
+ DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_digests)
+ {
+@@ -235,7 +243,8 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_digests)
+     return 1;
+ }
+ 
+-DEFINE_RUN_ONCE_STATIC(ossl_init_no_add_algs)
++DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_digests,
++                           ossl_init_add_all_digests)
+ {
+     /* Do nothing */
+     return 1;
+@@ -255,7 +264,7 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_config)
+     config_inited = 1;
+     return 1;
+ }
+-DEFINE_RUN_ONCE_STATIC(ossl_init_no_config)
++DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_config, ossl_init_config)
+ {
+ #ifdef OPENSSL_INIT_DEBUG
+     fprintf(stderr,
+@@ -595,8 +604,9 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
+         return 0;
+ 
+     if ((opts & OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS)
+-            && !RUN_ONCE(&load_crypto_strings,
+-                         ossl_init_no_load_crypto_strings))
++            && !RUN_ONCE_ALT(&load_crypto_strings,
++                             ossl_init_no_load_crypto_strings,
++                             ossl_init_load_crypto_strings))
+         return 0;
+ 
+     if ((opts & OPENSSL_INIT_LOAD_CRYPTO_STRINGS)
+@@ -604,7 +614,8 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
+         return 0;
+ 
+     if ((opts & OPENSSL_INIT_NO_ADD_ALL_CIPHERS)
+-            && !RUN_ONCE(&add_all_ciphers, ossl_init_no_add_algs))
++            && !RUN_ONCE_ALT(&add_all_ciphers, ossl_init_no_add_all_ciphers,
++                             ossl_init_add_all_ciphers))
+         return 0;
+ 
+     if ((opts & OPENSSL_INIT_ADD_ALL_CIPHERS)
+@@ -612,7 +623,8 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
+         return 0;
+ 
+     if ((opts & OPENSSL_INIT_NO_ADD_ALL_DIGESTS)
+-            && !RUN_ONCE(&add_all_digests, ossl_init_no_add_algs))
++            && !RUN_ONCE_ALT(&add_all_digests, ossl_init_no_add_all_digests,
++                             ossl_init_add_all_digests))
+         return 0;
+ 
+     if ((opts & OPENSSL_INIT_ADD_ALL_DIGESTS)
+@@ -624,7 +636,7 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
+         return 0;
+ 
+     if ((opts & OPENSSL_INIT_NO_LOAD_CONFIG)
+-            && !RUN_ONCE(&config, ossl_init_no_config))
++            && !RUN_ONCE_ALT(&config, ossl_init_no_config, ossl_init_config))
+         return 0;
+ 
+     if (opts & OPENSSL_INIT_LOAD_CONFIG) {
+diff --git a/include/internal/thread_once.h b/include/internal/thread_once.h
+index 224244353ab..e268a959ef3 100644
+--- a/include/internal/thread_once.h
++++ b/include/internal/thread_once.h
+@@ -9,6 +9,20 @@
+ 
+ #include <openssl/crypto.h>
+ 
++/*
++ * DEFINE_RUN_ONCE: Define an initialiser function that should be run exactly
++ * once. It takes no arguments and returns and int result (1 for success or
++ * 0 for failure). Typical usage might be:
++ *
++ * DEFINE_RUN_ONCE(myinitfunc)
++ * {
++ *     do_some_initialisation();
++ *     if (init_is_successful())
++ *         return 1;
++ *
++ *     return 0;
++ * }
++ */
+ #define DEFINE_RUN_ONCE(init)                   \
+     static int init(void);                     \
+     int init##_ossl_ret_ = 0;                   \
+@@ -17,10 +31,30 @@
+         init##_ossl_ret_ = init();              \
+     }                                           \
+     static int init(void)
++
++/*
++ * DECLARE_RUN_ONCE: Declare an initialiser function that should be run exactly
++ * once that has been defined in another file via DEFINE_RUN_ONCE().
++ */
+ #define DECLARE_RUN_ONCE(init)                  \
+     extern int init##_ossl_ret_;                \
+     void init##_ossl_(void);
+ 
++/*
++ * DEFINE_RUN_ONCE_STATIC: Define an initialiser function that should be run
++ * exactly once. This function will be declared as static within the file. It
++ * takes no arguments and returns and int result (1 for success or 0 for
++ * failure). Typical usage might be:
++ *
++ * DEFINE_RUN_ONCE_STATIC(myinitfunc)
++ * {
++ *     do_some_initialisation();
++ *     if (init_is_successful())
++ *         return 1;
++ *
++ *     return 0;
++ * }
++ */
+ #define DEFINE_RUN_ONCE_STATIC(init)            \
+     static int init(void);                     \
+     static int init##_ossl_ret_ = 0;            \
+@@ -30,6 +64,46 @@
+     }                                           \
+     static int init(void)
+ 
++/*
++ * DEFINE_RUN_ONCE_STATIC_ALT: Define an alternative initialiser function. This
++ * function will be declared as static within the file. It takes no arguments
++ * and returns an int result (1 for success or 0 for failure). An alternative
++ * initialiser function is expected to be associated with a primary initialiser
++ * function defined via DEFINE_ONCE_STATIC where both functions use the same
++ * CRYPTO_ONCE object to synchronise. Where an alternative initialiser function
++ * is used only one of the primary or the alternative initialiser function will
++ * ever be called - and that function will be called exactly once. Definitition
++ * of an alternative initialiser function MUST occur AFTER the definition of the
++ * primary initialiser function.
++ *
++ * Typical usage might be:
++ *
++ * DEFINE_RUN_ONCE_STATIC(myinitfunc)
++ * {
++ *     do_some_initialisation();
++ *     if (init_is_successful())
++ *         return 1;
++ *
++ *     return 0;
++ * }
++ *
++ * DEFINE_RUN_ONCE_STATIC_ALT(myaltinitfunc, myinitfunc)
++ * {
++ *     do_some_alternative_initialisation();
++ *     if (init_is_successful())
++ *         return 1;
++ *
++ *     return 0;
++ * }
++ */
++#define DEFINE_RUN_ONCE_STATIC_ALT(initalt, init) \
++    static int initalt(void);                     \
++    static void initalt##_ossl_(void)             \
++    {                                             \
++        init##_ossl_ret_ = initalt();             \
++    }                                             \
++    static int initalt(void)
++
+ /*
+  * RUN_ONCE - use CRYPTO_THREAD_run_once, and check if the init succeeded
+  * @once: pointer to static object of type CRYPTO_ONCE
+@@ -43,3 +117,21 @@
+  */
+ #define RUN_ONCE(once, init)                                            \
+     (CRYPTO_THREAD_run_once(once, init##_ossl_) ? init##_ossl_ret_ : 0)
++
++/*
++ * RUN_ONCE_ALT - use CRYPTO_THREAD_run_once, to run an alternative initialiser
++ *                function and check if that initialisation succeeded
++ * @once:    pointer to static object of type CRYPTO_ONCE
++ * @initalt: alternative initialiser function name that was previously given to
++ *           DEFINE_RUN_ONCE_STATIC_ALT.  This function must return 1 for
++ *           success or 0 for failure.
++ * @init:    primary initialiser function name that was previously given to
++ *           DEFINE_RUN_ONCE_STATIC.  This function must return 1 for success or
++ *           0 for failure.
++ *
++ * The return value is 1 on success (*) or 0 in case of error.
++ *
++ * (*) by convention, since the init function must return 1 on success.
++ */
++#define RUN_ONCE_ALT(once, initalt, init)                               \
++    (CRYPTO_THREAD_run_once(once, initalt##_ossl_) ? init##_ossl_ret_ : 0)
+diff --git a/ssl/ssl_init.c b/ssl/ssl_init.c
+index c0ccb9304a6..96526472c57 100644
+--- a/ssl/ssl_init.c
++++ b/ssl/ssl_init.c
+@@ -134,7 +134,8 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_load_ssl_strings)
+     return 1;
+ }
+ 
+-DEFINE_RUN_ONCE_STATIC(ossl_init_no_load_ssl_strings)
++DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_load_ssl_strings,
++                           ossl_init_load_ssl_strings)
+ {
+     /* Do nothing in this case */
+     return 1;
+@@ -207,7 +208,8 @@ int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS * settings)
+         return 0;
+ 
+     if ((opts & OPENSSL_INIT_NO_LOAD_SSL_STRINGS)
+-        && !RUN_ONCE(&ssl_strings, ossl_init_no_load_ssl_strings))
++        && !RUN_ONCE_ALT(&ssl_strings, ossl_init_no_load_ssl_strings,
++                         ossl_init_load_ssl_strings))
+         return 0;
+ 
+     if ((opts & OPENSSL_INIT_LOAD_SSL_STRINGS)

From 0930945aa0c7db4a990726ee24bfed7b1c8bd04b Mon Sep 17 00:00:00 2001
From: DeckerSU <support@decker.su>
Date: Mon, 22 Apr 2019 20:54:49 +0300
Subject: [PATCH 4/5] remove debug delays in libcurl.mk

---
 depends/packages/libcurl.mk | 2 --
 1 file changed, 2 deletions(-)

diff --git a/depends/packages/libcurl.mk b/depends/packages/libcurl.mk
index 1ce0a9161..71e9803a4 100644
--- a/depends/packages/libcurl.mk
+++ b/depends/packages/libcurl.mk
@@ -26,7 +26,6 @@ endif
 define $(package)_config_cmds
   echo '=== config for $(package):' && \
   echo '$($(package)_config_env) $($(package)_conf_tool) $($(package)_config_opts)' && \
-  sleep 10 && \
   echo '=== ' && \
   $($(package)_config_env) $($(package)_conf_tool) $($(package)_config_opts) 
 endef
@@ -43,6 +42,5 @@ endif
 
 define $(package)_stage_cmds
   echo 'Staging dir: $($(package)_staging_dir)$(host_prefix)/' && \
-  sleep 10 && \
   $(MAKE) DESTDIR=$($(package)_staging_dir) install
 endef

From c4c5746e9c9988de03c506ca02354b580865e8d6 Mon Sep 17 00:00:00 2001
From: DeckerSU <support@decker.su>
Date: Mon, 22 Apr 2019 20:56:25 +0300
Subject: [PATCH 5/5] added config flags to openssl

to make libcurl HTTPS connections work OpenSSL needs to be built
with sock, ssl, tls and des. all other config options can be disabled,
like in ZCash.
---
 depends/packages/openssl.mk | 64 +++++++++++++++++++++++++++++++++++++
 1 file changed, 64 insertions(+)

diff --git a/depends/packages/openssl.mk b/depends/packages/openssl.mk
index 5c689fe0b..c5ac5bb32 100644
--- a/depends/packages/openssl.mk
+++ b/depends/packages/openssl.mk
@@ -8,7 +8,71 @@ $(package)_patches=ssl_fix.patch
 define $(package)_set_vars
 $(package)_config_env=AR="$($(package)_ar)" RANLIB="$($(package)_ranlib)" CC="$($(package)_cc)"
 $(package)_config_opts=--prefix=$(host_prefix) --openssldir=$(host_prefix)/etc/openssl
+$(package)_config_opts+=no-afalgeng
+$(package)_config_opts+=no-asm
+$(package)_config_opts+=no-async
+$(package)_config_opts+=no-bf
+$(package)_config_opts+=no-blake2
+$(package)_config_opts+=no-camellia
+$(package)_config_opts+=no-capieng
+$(package)_config_opts+=no-cast
+$(package)_config_opts+=no-chacha
+$(package)_config_opts+=no-cmac
+$(package)_config_opts+=no-cms
+$(package)_config_opts+=no-comp
+$(package)_config_opts+=no-crypto-mdebug
+$(package)_config_opts+=no-crypto-mdebug-backtrace
+$(package)_config_opts+=no-ct
+$(package)_config_opts+=no-dgram
+$(package)_config_opts+=no-dsa
+$(package)_config_opts+=no-dso
+$(package)_config_opts+=no-dtls
+$(package)_config_opts+=no-dtls1
+$(package)_config_opts+=no-dtls1-method
+$(package)_config_opts+=no-dynamic-engine
+$(package)_config_opts+=no-ec2m
+$(package)_config_opts+=no-ec_nistp_64_gcc_128
+$(package)_config_opts+=no-egd
+$(package)_config_opts+=no-engine
+$(package)_config_opts+=no-err
+$(package)_config_opts+=no-gost
+$(package)_config_opts+=no-heartbeats
+$(package)_config_opts+=no-idea
+$(package)_config_opts+=no-md2
+$(package)_config_opts+=no-md4
+$(package)_config_opts+=no-mdc2
+$(package)_config_opts+=no-multiblock
+$(package)_config_opts+=no-nextprotoneg
+$(package)_config_opts+=no-ocb
+$(package)_config_opts+=no-ocsp
+$(package)_config_opts+=no-poly1305
+$(package)_config_opts+=no-posix-io
+$(package)_config_opts+=no-psk
+$(package)_config_opts+=no-rc2
+$(package)_config_opts+=no-rc4
+$(package)_config_opts+=no-rc5
+$(package)_config_opts+=no-rdrand
+$(package)_config_opts+=no-rfc3779
+$(package)_config_opts+=no-rmd160
+$(package)_config_opts+=no-scrypt
+$(package)_config_opts+=no-sctp
+$(package)_config_opts+=no-seed
 $(package)_config_opts+=no-shared
+$(package)_config_opts+=no-srp
+$(package)_config_opts+=no-srtp
+$(package)_config_opts+=no-ssl3
+$(package)_config_opts+=no-ssl3-method
+$(package)_config_opts+=no-ssl-trace
+$(package)_config_opts+=no-stdio
+$(package)_config_opts+=no-tls1
+$(package)_config_opts+=no-tls1-method
+$(package)_config_opts+=no-ts
+$(package)_config_opts+=no-ui
+$(package)_config_opts+=no-unit-test
+$(package)_config_opts+=no-weak-ssl-ciphers
+$(package)_config_opts+=no-whirlpool
+$(package)_config_opts+=no-zlib
+$(package)_config_opts+=no-zlib-dynamic
 $(package)_config_opts+=$($(package)_cflags) $($(package)_cppflags)
 $(package)_config_opts+=-DPURIFY
 $(package)_config_opts_linux=-fPIC -Wa,--noexecstack