A new user interface for you! Read more...

File kdelibs-trinity-tls_client_method-tlsext_hostname.patch of Package kdelibs3

diff -Naru kdelibs-3.5.10_orig/kio/kssl/kopenssl.cc kdelibs-3.5.10/kio/kssl/kopenssl.cc
--- kdelibs-3.5.10_orig/kio/kssl/kopenssl.cc	2018-05-16 04:37:21.338975706 +0000
+++ kdelibs-3.5.10/kio/kssl/kopenssl.cc	2018-05-16 04:50:44.108104318 +0000
@@ -58,6 +58,9 @@
 static const char* (*K_RAND_file_name) (char *, size_t) = 0L;
 static int (*K_RAND_load_file)  (const char *, long) = 0L;
 static int (*K_RAND_write_file) (const char *) = 0L;
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+static SSL_METHOD * (*K_TLS_client_method) () = 0L;
+#endif
 static SSL_METHOD * (*K_TLSv1_client_method) () = 0L;
 static SSL_METHOD * (*K_SSLv2_client_method) () = 0L;
 static SSL_METHOD * (*K_SSLv3_client_method) () = 0L;
@@ -560,6 +563,9 @@
                                   _sslLib->symbol("SSL_get_current_cipher");
       K_SSL_ctrl = (long (*)(SSL * ,int, long, char *))
                                   _sslLib->symbol("SSL_ctrl");
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+      K_TLS_client_method = (SSL_METHOD *(*)()) _sslLib->symbol("TLS_client_method");
+#endif
       K_TLSv1_client_method = (SSL_METHOD *(*)()) _sslLib->symbol("TLSv1_client_method");
       K_SSLv2_client_method = (SSL_METHOD *(*)()) _sslLib->symbol("SSLv2_client_method");
       K_SSLv3_client_method = (SSL_METHOD *(*)()) _sslLib->symbol("SSLv3_client_method");
@@ -778,7 +784,13 @@
 
 
 SSL_METHOD *KOpenSSLProxy::SSLv23_client_method() {
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+   // Because openssl/ssl.h maps SSLv23_client_method to TLS_client_method,
+   // this method is used as KOpenSSLProxy::TLS_client_method.
+   if (K_TLS_client_method) return (K_TLS_client_method)();
+#else
    if (K_SSLv23_client_method) return (K_SSLv23_client_method)();
+#endif
    return 0L;
 }
 
diff -Naru kdelibs-3.5.10_orig/kio/kssl/kssl.cc kdelibs-3.5.10/kio/kssl/kssl.cc
--- kdelibs-3.5.10_orig/kio/kssl/kssl.cc	2018-05-16 04:37:21.342975651 +0000
+++ kdelibs-3.5.10/kio/kssl/kssl.cc	2018-05-16 04:45:51.644064971 +0000
@@ -135,7 +135,13 @@
 		return false;
 
 	seedWithEGD();
+
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+	d->m_meth = d->kossl->TLS_client_method();
+#else
+	// Since openssl < 1.1 does not support TLS_client_method()...
 	d->m_meth = d->kossl->TLSv1_client_method();
+#endif
 	d->lastInitTLS = true;
 
 	m_pi.reset();
@@ -174,13 +180,19 @@
 
 	m_pi.reset();
 
-	if (!m_cfg->tlsv1() && !m_cfg->sslv3() && m_cfg->sslv2())
-		d->m_meth = d->kossl->SSLv2_client_method();
-        else if (m_cfg->tlsv1() && !m_cfg->sslv3() && !m_cfg->sslv2())
+	if (m_cfg->tlsv1() || (m_cfg->sslv3() && m_cfg->sslv2())) {
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+		d->m_meth = d->kossl->TLS_client_method();
+#else
 		d->m_meth = d->kossl->TLSv1_client_method();
-	else if (!m_cfg->tlsv1() && m_cfg->sslv3() && !m_cfg->sslv2())
+#endif
+	}
+	else if (m_cfg->sslv3()) {
 		d->m_meth = d->kossl->SSLv3_client_method();
-	else d->m_meth = d->kossl->SSLv23_client_method();
+	}
+	else if (m_cfg->sslv2()) {
+		d->m_meth = d->kossl->SSLv2_client_method();
+	}
 
 /*
 if (m_cfg->sslv2() && m_cfg->sslv3()) kdDebug(7029) << "Double method" << endl;
@@ -337,6 +349,9 @@
 		d->m_ssl = 0;
 		return rc;
 	}
+#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
+	d->kossl->SSL_set_tlsext_host_name(d->m_ssl, d->proxyPeer.ascii());
+#endif
 
 	rc = d->kossl->SSL_accept(d->m_ssl);
 	if (rc == 1) {
@@ -441,6 +456,9 @@
 		d->m_ssl = 0;
 		return rc;
 	}
+#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
+	d->kossl->SSL_set_tlsext_host_name(d->m_ssl, d->proxyPeer.ascii());
+#endif
 
 connect_again:
 	rc = d->kossl->SSL_connect(d->m_ssl);