Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:aualin:kde
kdelibs3
kdelibs-3.5.10-ossl-1.1.x.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File kdelibs-3.5.10-ossl-1.1.x.patch of Package kdelibs3
diff -Naru kdelibs-3.5.10_orig/kcert/kcertpart.cc kdelibs-3.5.10/kcert/kcertpart.cc --- kdelibs-3.5.10_orig/kcert/kcertpart.cc 2005-10-11 00:05:53.000000000 +0900 +++ kdelibs-3.5.10/kcert/kcertpart.cc 2022-12-06 16:49:30.226293440 +0900 @@ -429,7 +429,12 @@ if (certFile.endsWith("der") || certFile.endsWith("crt")) { enc = _ca->toDer(); } else if (certFile.endsWith("netscape")) { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + KMessageBox::sorry(_frame, i18n("Netscape format is not supported anymore!"), i18n("Certificate Import")); + return false; +#else enc = _ca->toNetscape(); +#endif } else { enc = _ca->toPem(); } diff -Naru kdelibs-3.5.10_orig/kio/Makefile.am kdelibs-3.5.10/kio/Makefile.am --- kdelibs-3.5.10_orig/kio/Makefile.am 2005-10-11 00:05:44.000000000 +0900 +++ kdelibs-3.5.10/kio/Makefile.am 2022-12-06 16:49:30.230293404 +0900 @@ -32,7 +32,7 @@ kio/libksycoca.la bookmarks/libkbookmarks.la kfile/libkfile.la \ ../kdeui/libkdeui.la ../kdesu/libkdesu.la \ ../kwallet/client/libkwalletclient.la \ - $(LIBZ) $(LIBFAM) $(LIBVOLMGT) $(ACL_LIBS) + $(LIBZ) $(LIBFAM) $(LIBVOLMGT) $(LIBSSL) $(ACL_LIBS) kde_mime_DATA = magic kde_servicetypes_DATA = application.desktop kurifilterplugin.desktop \ diff -Naru kdelibs-3.5.10_orig/kio/kssl/kopenssl.cc kdelibs-3.5.10/kio/kssl/kopenssl.cc --- kdelibs-3.5.10_orig/kio/kssl/kopenssl.cc 2022-12-06 16:48:29.534885678 +0900 +++ kdelibs-3.5.10/kio/kssl/kopenssl.cc 2022-12-06 16:53:54.368188015 +0900 @@ -53,7 +53,7 @@ int (*)(int, X509_STORE_CTX *)) = 0L; static int (*K_SSL_use_certificate)(SSL *, X509 *) = 0L; static SSL_CIPHER *(*K_SSL_get_current_cipher)(SSL *) = 0L; -static long (*K_SSL_ctrl) (SSL *,int, long, char *) = 0L; +static long (*K_SSL_ctrl) (SSL *,int, long, void *) = 0L; static int (*K_RAND_egd) (const char *) = 0L; static const char* (*K_RAND_file_name) (char *, size_t) = 0L; static int (*K_RAND_load_file) (const char *, long) = 0L; @@ -431,7 +431,11 @@ K_EVP_PKEY_new = (EVP_PKEY* (*)()) _cryptoLib->symbol("EVP_PKEY_new"); K_X509_REQ_free = (void (*)(X509_REQ*)) _cryptoLib->symbol("X509_REQ_free"); K_X509_REQ_new = (X509_REQ* (*)()) _cryptoLib->symbol("X509_REQ_new"); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + K_X509_STORE_CTX_set_chain = (void (*)(X509_STORE_CTX *, STACK_OF(X509)*)) _cryptoLib->symbol("X509_STORE_CTX_set0_untrusted"); +#else K_X509_STORE_CTX_set_chain = (void (*)(X509_STORE_CTX *, STACK_OF(X509)*)) _cryptoLib->symbol("X509_STORE_CTX_set_chain"); +#endif K_X509_STORE_CTX_set_purpose = (void (*)(X509_STORE_CTX *, int)) _cryptoLib->symbol("X509_STORE_CTX_set_purpose"); K_sk_free = (void (*) (STACK *)) _cryptoLib->symbol("sk_free"); K_sk_num = (int (*) (STACK *)) _cryptoLib->symbol("sk_num"); @@ -558,7 +562,7 @@ _sslLib->symbol("SSL_CTX_use_certificate"); K_SSL_get_current_cipher = (SSL_CIPHER *(*)(SSL *)) _sslLib->symbol("SSL_get_current_cipher"); - K_SSL_ctrl = (long (*)(SSL * ,int, long, char *)) + K_SSL_ctrl = (long (*)(SSL * ,int, long, void *)) _sslLib->symbol("SSL_ctrl"); K_TLSv1_client_method = (SSL_METHOD *(*)()) _sslLib->symbol("TLSv1_client_method"); K_SSLv2_client_method = (SSL_METHOD *(*)()) _sslLib->symbol("SSLv2_client_method"); @@ -747,7 +751,7 @@ } -long KOpenSSLProxy::SSL_ctrl(SSL *ssl,int cmd, long larg, char *parg) { +long KOpenSSLProxy::SSL_ctrl(SSL *ssl,int cmd, long larg, void *parg) { if (K_SSL_ctrl) return (K_SSL_ctrl)(ssl, cmd, larg, parg); return -1; } @@ -1082,6 +1086,7 @@ } +#if OPENSSL_VERSION_NUMBER < 0x10100000L void KOpenSSLProxy::sk_free(STACK *s) { if (K_sk_free) (K_sk_free)(s); } @@ -1103,6 +1108,7 @@ if (K_sk_value) return (K_sk_value)(s, n); else return 0L; } +#endif void KOpenSSLProxy::X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x) { @@ -1114,6 +1120,7 @@ } +#if OPENSSL_VERSION_NUMBER < 0x10100000L STACK* KOpenSSLProxy::sk_dup(STACK *s) { if (K_sk_dup) return (K_sk_dup)(s); else return 0L; @@ -1130,6 +1137,7 @@ if (K_sk_push) return (K_sk_push)(s,d); else return -1; } +#endif char *KOpenSSLProxy::i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint) { diff -Naru kdelibs-3.5.10_orig/kio/kssl/kopenssl.h kdelibs-3.5.10/kio/kssl/kopenssl.h --- kdelibs-3.5.10_orig/kio/kssl/kopenssl.h 2022-12-06 16:48:29.534885678 +0900 +++ kdelibs-3.5.10/kio/kssl/kopenssl.h 2022-12-06 16:49:30.242293295 +0900 @@ -188,7 +188,7 @@ /* long SSL_set_options(SSL *ssl, long options); */ /* Returns 0 if not reused, 1 if session id is reused */ /* int SSL_session_reused(SSL *ssl); */ - long SSL_ctrl(SSL *ssl,int cmd, long larg, char *parg); + long SSL_ctrl(SSL *ssl,int cmd, long larg, void *parg); /* * RAND_egd - set the path to the EGD diff -Naru kdelibs-3.5.10_orig/kio/kssl/ksmimecrypto.cc kdelibs-3.5.10/kio/kssl/ksmimecrypto.cc --- kdelibs-3.5.10_orig/kio/kssl/ksmimecrypto.cc 2022-12-06 16:48:29.530885717 +0900 +++ kdelibs-3.5.10/kio/kssl/ksmimecrypto.cc 2022-12-06 16:49:30.242293295 +0900 @@ -38,6 +38,7 @@ #endif +#if OPENSSL_VERSION_NUMBER < 0x10100000L // forward included macros to KOpenSSLProxy #define sk_new kossl->sk_new #define sk_free kossl->sk_free @@ -45,6 +46,7 @@ #define sk_value kossl->sk_value #define sk_num kossl->sk_num #define BIO_ctrl kossl->BIO_ctrl +#endif #ifdef KSSL_HAVE_SSL @@ -87,7 +89,11 @@ STACK_OF(X509) *KSMIMECryptoPrivate::certsToX509(QPtrList<KSSLCertificate> &certs) { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + STACK_OF(X509) *x509 = reinterpret_cast<STACK_OF(X509)*>(OPENSSL_sk_new(NULL)); +#else STACK_OF(X509) *x509 = reinterpret_cast<STACK_OF(X509)*>(sk_new(NULL)); +#endif KSSLCertificate *cert = certs.first(); while(cert) { sk_X509_push(x509, cert->getCert()); @@ -242,7 +248,11 @@ We assume that openssl uses malloc() (it does in default config) and rip out the buffer. */ +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + reinterpret_cast<BUF_MEM *>(BIO_get_data(src))->data = NULL; +#else reinterpret_cast<BUF_MEM *>(src->ptr)->data = NULL; +#endif } diff -Naru kdelibs-3.5.10_orig/kio/kssl/kssl.cc kdelibs-3.5.10/kio/kssl/kssl.cc --- kdelibs-3.5.10_orig/kio/kssl/kssl.cc 2006-10-02 02:33:33.000000000 +0900 +++ kdelibs-3.5.10/kio/kssl/kssl.cc 2022-12-06 16:49:30.242293295 +0900 @@ -215,8 +215,13 @@ return true; } +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + // reference count must be incremented via function. + SSL_SESSION_up_ref(static_cast<SSL_SESSION*>(session->_session)); +#else // Obtain a reference by incrementing the reference count. Yuck. static_cast<SSL_SESSION*>(session->_session)->references++; +#endif d->session = new KSSLSession; d->session->_session = session->_session; @@ -284,6 +289,11 @@ return -1; if (d->session) { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + kdDebug(7029) << "Can't reuse session because openssl is 1.1 or later." << endl; + delete d->session; + d->session = 0; +#else if (static_cast<SSL_SESSION*>(d->session->_session)->sess_cert == 0) { kdDebug(7029) << "Can't reuse session, no certificate." << endl; @@ -297,6 +307,7 @@ delete d->session; d->session = 0; } +#endif } /* @@ -316,7 +327,8 @@ if (!m_cfg->sslv2()) off |= SSL_OP_NO_SSLv2; - d->kossl->SSL_set_options(d->m_ssl, off); + // d->kossl->SSL_set_options(d->m_ssl, off); + SSL_set_options(d->m_ssl, off); rc = d->kossl->SSL_set_fd(d->m_ssl, sock); if (rc == 0) { @@ -341,7 +353,8 @@ return -1; } - if (!d->kossl->SSL_session_reused(d->m_ssl)) { + // if (!d->kossl->SSL_session_reused(d->m_ssl)) { + if (!SSL_session_reused(d->m_ssl)) { if (d->session) { kdDebug(7029) << "Session reuse failed. New session used instead." << endl; delete d->session; @@ -375,6 +388,12 @@ return -1; if (d->session) { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + kdDebug(7029) << "Can't reuse session because openssl is 1.1 or later." << endl; + delete d->session; + d->session = 0; +#else + if (static_cast<SSL_SESSION*>(d->session->_session)->sess_cert == 0) { kdDebug(7029) << "Can't reuse session, no certificate." << endl; @@ -388,6 +407,7 @@ delete d->session; d->session = 0; } +#endif } /* @@ -407,7 +427,8 @@ if (!m_cfg->sslv2()) off |= SSL_OP_NO_SSLv2; - d->kossl->SSL_set_options(d->m_ssl, off); + // d->kossl->SSL_set_options(d->m_ssl, off); + SSL_set_options(d->m_ssl, off); rc = d->kossl->SSL_set_fd(d->m_ssl, sock); if (rc == 0) { @@ -441,7 +462,8 @@ } } - if (!d->kossl->SSL_session_reused(d->m_ssl)) { + // if (!d->kossl->SSL_session_reused(d->m_ssl)) { + if (!SSL_session_reused(d->m_ssl)) { if (d->session) { kdDebug(7029) << "Session reuse failed. New session used instead." << endl; delete d->session; @@ -679,7 +701,8 @@ bool KSSL::reusingSession() const { #ifdef KSSL_HAVE_SSL - return (d->m_ssl && d->kossl->SSL_session_reused(d->m_ssl)); + // return (d->m_ssl && d->kossl->SSL_session_reused(d->m_ssl)); + return (d->m_ssl && SSL_session_reused(d->m_ssl)); #else return false; #endif diff -Naru kdelibs-3.5.10_orig/kio/kssl/ksslcallback.c kdelibs-3.5.10/kio/kssl/ksslcallback.c --- kdelibs-3.5.10_orig/kio/kssl/ksslcallback.c 2005-10-11 00:05:44.000000000 +0900 +++ kdelibs-3.5.10/kio/kssl/ksslcallback.c 2022-12-06 16:49:30.246293260 +0900 @@ -28,7 +28,7 @@ extern "C" { static int X509Callback(int ok, X509_STORE_CTX *ctx) { - kdDebug(7029) << "X509Callback: ok = " << ok << " error = " << ctx->error << " depth = " << ctx->error_depth << endl; + // kdDebug(7029) << "X509Callback: ok = " << ok << " error = " << ctx->error << " depth = " << ctx->error_depth << endl; // Here is how this works. We put "ok = 1;" in any case that we // don't consider to be an error. In that case, it will return OK // for the certificate check as long as there are no other critical @@ -39,14 +39,22 @@ if (KSSL_X509CallBack_ca) { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + if (KOSSL::self()->X509_cmp(X509_STORE_CTX_get_current_cert(ctx), KSSL_X509CallBack_ca) != 0) +#else if (KOSSL::self()->X509_cmp(ctx->current_cert, KSSL_X509CallBack_ca) != 0) +#endif return 1; // Ignore errors for this certificate KSSL_X509CallBack_ca_found = true; } if (!ok) { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + switch (X509_STORE_CTX_get_error(ctx)) { +#else switch (ctx->error) { +#endif case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: case X509_V_ERR_UNABLE_TO_GET_CRL: case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: diff -Naru kdelibs-3.5.10_orig/kio/kssl/ksslcertchain.cc kdelibs-3.5.10/kio/kssl/ksslcertchain.cc --- kdelibs-3.5.10_orig/kio/kssl/ksslcertchain.cc 2005-10-11 00:05:44.000000000 +0900 +++ kdelibs-3.5.10/kio/kssl/ksslcertchain.cc 2022-12-06 16:49:30.246293260 +0900 @@ -45,6 +45,7 @@ +#if OPENSSL_VERSION_NUMBER < 0x10100000L #ifdef KSSL_HAVE_SSL #define sk_new d->kossl->sk_new #define sk_push d->kossl->sk_push @@ -54,6 +55,7 @@ #define sk_dup d->kossl->sk_dup #define sk_pop d->kossl->sk_pop #endif +#endif class KSSLCertChainPrivate { public: @@ -147,7 +149,11 @@ } if (chain.count() == 0) return; +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + _chain = (void *)OPENSSL_sk_new(NULL); +#else _chain = (void *)sk_new(NULL); +#endif for (KSSLCertificate *x = chain.first(); x != 0; x = chain.next()) { sk_X509_push((STACK_OF(X509)*)_chain, d->kossl->X509_dup(x->getCert())); } @@ -172,7 +178,11 @@ if (!stack_of_x509) return; -_chain = (void *)sk_new(NULL); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + _chain = (void *)OPENSSL_sk_new(NULL); +#else + _chain = (void *)sk_new(NULL); +#endif STACK_OF(X509) *x = (STACK_OF(X509) *)stack_of_x509; for (int i = 0; i < sk_X509_num(x); i++) { diff -Naru kdelibs-3.5.10_orig/kio/kssl/ksslcertificate.cc kdelibs-3.5.10/kio/kssl/ksslcertificate.cc --- kdelibs-3.5.10_orig/kio/kssl/ksslcertificate.cc 2022-12-06 16:48:29.534885678 +0900 +++ kdelibs-3.5.10/kio/kssl/ksslcertificate.cc 2022-12-06 16:49:30.246293260 +0900 @@ -171,7 +171,7 @@ if (!t) return rc; rc = t; - d->kossl->OPENSSL_free(t); + OPENSSL_free(t); #endif return rc; } @@ -198,14 +198,28 @@ char *s; int n, i; +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + i = X509_get_signature_nid(d->m_cert); +#else i = d->kossl->OBJ_obj2nid(d->m_cert->sig_alg->algorithm); +#endif rc = i18n("Signature Algorithm: "); rc += (i == NID_undef)?i18n("Unknown"):QString(d->kossl->OBJ_nid2ln(i)); rc += "\n"; rc += i18n("Signature Contents:"); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + const ASN1_BIT_STRING *psig; + const X509_ALGOR *palg; + + X509_get0_signature(&psig, &palg, d->m_cert); + + n = ASN1_STRING_length(psig); + s = (char *)ASN1_STRING_get0_data(psig); +#else n = d->m_cert->signature->length; s = (char *)d->m_cert->signature->data; +#endif for (i = 0; i < n; i++) { if (i%20 != 0) rc += ":"; else rc += "\n"; @@ -227,8 +241,13 @@ STACK *s = d->kossl->X509_get1_email(d->m_cert); if (s) { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + for(int n=0; n < OPENSSL_sk_num(s); n++) { + to.append((const char*)(OPENSSL_sk_value(s,n))); +#else for(int n=0; n < s->num; n++) { to.append(d->kossl->sk_value(s,n)); +#endif } d->kossl->X509_email_free(s); } @@ -309,12 +328,20 @@ EVP_PKEY *pkey = d->kossl->X509_get_pubkey(d->m_cert); if (pkey) { #ifndef NO_RSA +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) +#else if (pkey->type == EVP_PKEY_RSA) +#endif rc = "RSA"; else #endif #ifndef NO_DSA +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + if (EVP_PKEY_id(pkey) == EVP_PKEY_DSA) +#else if (pkey->type == EVP_PKEY_DSA) +#endif rc = "DSA"; else #endif @@ -337,10 +364,21 @@ if (pkey) { rc = i18n("Unknown", "Unknown key algorithm"); #ifndef NO_RSA +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) { +#else if (pkey->type == EVP_PKEY_RSA) { +#endif rc = i18n("Key type: RSA (%1 bit)") + "\n"; +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + const BIGNUM *n, *e; + + RSA_get0_key(EVP_PKEY_get0_RSA(pkey), &n, &e, NULL); + x = d->kossl->BN_bn2hex(n); +#else x = d->kossl->BN_bn2hex(pkey->pkey.rsa->n); +#endif rc += i18n("Modulus: "); rc = rc.arg(strlen(x)*4); for (unsigned int i = 0; i < strlen(x); i++) { @@ -351,18 +389,33 @@ rc += x[i]; } rc += "\n"; - d->kossl->OPENSSL_free(x); + OPENSSL_free(x); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + x = d->kossl->BN_bn2hex(e); +#else x = d->kossl->BN_bn2hex(pkey->pkey.rsa->e); +#endif rc += i18n("Exponent: 0x") + x + "\n"; - d->kossl->OPENSSL_free(x); + OPENSSL_free(x); } #endif #ifndef NO_DSA +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + if (EVP_PKEY_id(pkey) == EVP_PKEY_DSA) { +#else if (pkey->type == EVP_PKEY_DSA) { +#endif rc = i18n("Key type: DSA (%1 bit)") + "\n"; +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + const BIGNUM *p, *q, *g; + + DSA_get0_pqg(EVP_PKEY_get0_DSA(pkey), &p, &q, &g); + x = d->kossl->BN_bn2hex(p); +#else x = d->kossl->BN_bn2hex(pkey->pkey.dsa->p); +#endif rc += i18n("Prime: "); // hack - this may not be always accurate rc = rc.arg(strlen(x)*4) ; @@ -374,9 +427,13 @@ rc += x[i]; } rc += "\n"; - d->kossl->OPENSSL_free(x); + OPENSSL_free(x); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + x = d->kossl->BN_bn2hex(q); +#else x = d->kossl->BN_bn2hex(pkey->pkey.dsa->q); +#endif rc += i18n("160 bit prime factor: "); for (unsigned int i = 0; i < strlen(x); i++) { if (i%40 != 0 && i%2 == 0) @@ -386,9 +443,13 @@ rc += x[i]; } rc += "\n"; - d->kossl->OPENSSL_free(x); - + OPENSSL_free(x); + +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + x = d->kossl->BN_bn2hex(g); +#else x = d->kossl->BN_bn2hex(pkey->pkey.dsa->g); +#endif rc += QString("g: "); for (unsigned int i = 0; i < strlen(x); i++) { if (i%40 != 0 && i%2 == 0) @@ -398,9 +459,16 @@ rc += x[i]; } rc += "\n"; - d->kossl->OPENSSL_free(x); - + OPENSSL_free(x); + +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + const BIGNUM *pub_key; + + DSA_get0_key(EVP_PKEY_get0_DSA(pkey), &pub_key, NULL); + x = d->kossl->BN_bn2hex(pub_key); +#else x = d->kossl->BN_bn2hex(pkey->pkey.dsa->pub_key); +#endif rc += i18n("Public key: "); for (unsigned int i = 0; i < strlen(x); i++) { if (i%40 != 0 && i%2 == 0) @@ -410,7 +478,7 @@ rc += x[i]; } rc += "\n"; - d->kossl->OPENSSL_free(x); + OPENSSL_free(x); } #endif d->kossl->EVP_PKEY_free(pkey); @@ -432,7 +500,7 @@ return rc; rc = t; - d->kossl->OPENSSL_free(t); + OPENSSL_free(t); #endif return rc; @@ -701,9 +769,17 @@ KSSL_X509CallBack_ca = ca ? ca->d->m_cert : 0; KSSL_X509CallBack_ca_found = false; +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + X509_STORE_CTX_set_error(certStoreCTX, X509_V_OK); +#else certStoreCTX->error = X509_V_OK; +#endif rc = d->kossl->X509_verify_cert(certStoreCTX); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + int errcode = X509_STORE_CTX_get_error(certStoreCTX); +#else int errcode = certStoreCTX->error; +#endif if (ca && !KSSL_X509CallBack_ca_found) { ksslv = KSSLCertificate::Irrelevant; } else { @@ -716,9 +792,17 @@ d->kossl->X509_STORE_CTX_set_purpose(certStoreCTX, X509_PURPOSE_NS_SSL_SERVER); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + X509_STORE_CTX_set_error(certStoreCTX, X509_V_OK); +#else certStoreCTX->error = X509_V_OK; +#endif rc = d->kossl->X509_verify_cert(certStoreCTX); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + errcode = X509_STORE_CTX_get_error(certStoreCTX); +#else errcode = certStoreCTX->error; +#endif ksslv = processError(errcode); } d->kossl->X509_STORE_CTX_free(certStoreCTX); @@ -999,6 +1083,7 @@ #define NETSCAPE_CERT_HDR "certificate" +#if OPENSSL_VERSION_NUMBER < 0x10100000L // what a piece of crap this is QByteArray KSSLCertificate::toNetscape() { QByteArray qba; @@ -1044,6 +1129,7 @@ #endif return qba; } +#endif @@ -1104,10 +1190,18 @@ return rc; } +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + int cnt = sk_GENERAL_NAME_num(names); +#else int cnt = d->kossl->sk_GENERAL_NAME_num(names); +#endif for (int i = 0; i < cnt; i++) { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + const GENERAL_NAME *val = (const GENERAL_NAME *)OPENSSL_sk_value((const OPENSSL_STACK *)names, i); +#else const GENERAL_NAME *val = (const GENERAL_NAME *)d->kossl->sk_value(names, i); +#endif if (val->type != GEN_DNS) { continue; } @@ -1119,8 +1213,12 @@ rc += s; } } +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + OPENSSL_sk_free((OPENSSL_STACK *)names); +#else d->kossl->sk_free(names); #endif +#endif return rc; } diff -Naru kdelibs-3.5.10_orig/kio/kssl/ksslcertificate.h kdelibs-3.5.10/kio/kssl/ksslcertificate.h --- kdelibs-3.5.10_orig/kio/kssl/ksslcertificate.h 2005-10-11 00:05:44.000000000 +0900 +++ kdelibs-3.5.10/kio/kssl/ksslcertificate.h 2022-12-06 16:49:30.246293260 +0900 @@ -181,7 +181,9 @@ * Convert the certificate to Netscape format. * @return the binary data of the Netscape encoding */ +#if OPENSSL_VERSION_NUMBER < 0x10100000L QByteArray toNetscape(); +#endif /** * Convert the certificate to OpenSSL plain text format. diff -Naru kdelibs-3.5.10_orig/kio/kssl/ksslsettings.cc kdelibs-3.5.10/kio/kssl/ksslsettings.cc --- kdelibs-3.5.10_orig/kio/kssl/ksslsettings.cc 2006-07-22 17:16:39.000000000 +0900 +++ kdelibs-3.5.10/kio/kssl/ksslsettings.cc 2022-12-06 16:49:30.250293223 +0900 @@ -156,19 +156,28 @@ STACK_OF(SSL_CIPHER)* sk = d->kossl->SSL_get_ciphers(ssl); int cnt = sk_SSL_CIPHER_num(sk); for (int i=0; i< cnt; i++) { - SSL_CIPHER *sc = sk_SSL_CIPHER_value(sk,i); + const SSL_CIPHER *sc = sk_SSL_CIPHER_value(sk,i); if (!sc) break; - if(!strcmp("SSLv2", d->kossl->SSL_CIPHER_get_version(sc))) + if(!strcmp("SSLv2", d->kossl->SSL_CIPHER_get_version(const_cast<SSL_CIPHER*>(sc)))) m_cfg->setGroup("SSLv2"); else m_cfg->setGroup("SSLv3"); +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + tcipher.sprintf("cipher_%s", SSL_CIPHER_get_name(sc)); +#else tcipher.sprintf("cipher_%s", sc->name); - int bits = d->kossl->SSL_CIPHER_get_bits(sc, NULL); +#endif + // int bits = d->kossl->SSL_CIPHER_get_bits(sc, NULL); + int bits = SSL_CIPHER_get_bits(sc, NULL); if (m_cfg->readBoolEntry(tcipher, bits >= 56)) { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + CipherNode *xx = new CipherNode(SSL_CIPHER_get_name(sc),bits); +#else CipherNode *xx = new CipherNode(sc->name,bits); +#endif if (!cipherList.contains(xx)) cipherList.prepend(xx); else diff -Naru kdelibs-3.5.10_orig/kio/kssl/ksslutils.cc kdelibs-3.5.10/kio/kssl/ksslutils.cc --- kdelibs-3.5.10_orig/kio/kssl/ksslutils.cc 2005-10-11 00:05:44.000000000 +0900 +++ kdelibs-3.5.10/kio/kssl/ksslutils.cc 2022-12-06 16:49:30.250293223 +0900 @@ -85,7 +85,11 @@ QString ASN1_INTEGER_QString(ASN1_INTEGER *aint) { char *rep = KOSSL::self()->i2s_ASN1_INTEGER(NULL, aint); QString yy = rep; +#if OPENSSL_VERSION_NUMBER >= 0x10100000L +OPENSSL_free(rep); +#else KOSSL::self()->OPENSSL_free(rep); +#endif return yy; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
