diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2020-10-22 19:20:07 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2020-10-23 08:59:54 +0200 |
commit | 82d302bd56724cbf2571ff24937ab4e5c60c107c (patch) | |
tree | f22a18500d2384de5fa5fa1beb0d5271ef48b1b6 /source | |
parent | 02df087c4b8f24d50f217959edd84963958f64ea (diff) | |
download | current-82d302bd56724cbf2571ff24937ab4e5c60c107c.tar.gz |
Thu Oct 22 19:20:07 UTC 202020201022192007
a/aaa_elflibs-15.0-x86_64-25.txz: Rebuilt.
Add back libffi.so.6.0.4.
a/less-563-x86_64-1.txz: Upgraded.
a/splitvt-1.6.6-x86_64-3.txz: Rebuilt.
Recompiled against libnsl-1.3.0.
a/sysvinit-scripts-2.1-noarch-36.txz: Rebuilt.
rc.M: before starting rc.elogind, also check for /bin/loginctl.
kde/kdelibs-4.14.38-x86_64-8.txz: Rebuilt.
Use a better patch to support OpenSSL 1.1.x. Thanks to ifo.
l/mozilla-nss-3.57-x86_64-1.txz: Upgraded.
This package has not been a security fix since NSS 3.23, so we'll drop it
back to the previous version to work around an SSL handshake failure when
attempting to connect to talk.google.com with pidgin. Once this issue has
been addressed upstream we'll look into bumping the package again.
Thanks to Jefferson for the bug report.
n/bind-9.16.8-x86_64-1.txz: Upgraded.
n/nfs-utils-2.5.2-x86_64-1.txz: Upgraded.
Diffstat (limited to 'source')
-rwxr-xr-x | source/a/aaa_elflibs/aaa_elflibs.SlackBuild | 2 | ||||
-rw-r--r-- | source/a/aaa_elflibs/symlinks-to-tracked-libs | 1 | ||||
-rwxr-xr-x | source/a/splitvt/splitvt.SlackBuild | 2 | ||||
-rw-r--r-- | source/a/sysvinit-scripts/scripts/rc.M | 2 | ||||
-rwxr-xr-x | source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild | 2 | ||||
-rw-r--r-- | source/kde/build/kdelibs | 2 | ||||
-rw-r--r-- | source/kde/patch/kdelibs.patch | 2 | ||||
-rw-r--r-- | source/kde/patch/kdelibs/0001-Make-kssl-compile-against-OpenSSL-1.1.0.patch | 1000 | ||||
-rw-r--r-- | source/kde/patch/kdelibs/kdelibs-openssl-1.1.patch | 4007 | ||||
-rwxr-xr-x | source/l/mozilla-nss/mozilla-nss.SlackBuild | 2 |
10 files changed, 1008 insertions, 4014 deletions
diff --git a/source/a/aaa_elflibs/aaa_elflibs.SlackBuild b/source/a/aaa_elflibs/aaa_elflibs.SlackBuild index 2f4c4230..875506fb 100755 --- a/source/a/aaa_elflibs/aaa_elflibs.SlackBuild +++ b/source/a/aaa_elflibs/aaa_elflibs.SlackBuild @@ -23,7 +23,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=aaa_elflibs VERSION=${VERSION:-15.0} -BUILD=${BUILD:-24} +BUILD=${BUILD:-25} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then diff --git a/source/a/aaa_elflibs/symlinks-to-tracked-libs b/source/a/aaa_elflibs/symlinks-to-tracked-libs index c70e471a..6f1d3ab0 100644 --- a/source/a/aaa_elflibs/symlinks-to-tracked-libs +++ b/source/a/aaa_elflibs/symlinks-to-tracked-libs @@ -36,6 +36,7 @@ /usr/lib/libatomic.so.1 /usr/lib/libcurl.so.4 /usr/lib/libexpat.so.1 +/usr/lib/libffi.so.6 /usr/lib/libffi.so.7 /usr/lib/libform.so.5 /usr/lib/libform.so.6 diff --git a/source/a/splitvt/splitvt.SlackBuild b/source/a/splitvt/splitvt.SlackBuild index 7e6137d9..58fc04e0 100755 --- a/source/a/splitvt/splitvt.SlackBuild +++ b/source/a/splitvt/splitvt.SlackBuild @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=splitvt VERSION=1.6.6 -BUILD=${BUILD:-2} +BUILD=${BUILD:-3} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then diff --git a/source/a/sysvinit-scripts/scripts/rc.M b/source/a/sysvinit-scripts/scripts/rc.M index d02452ea..f2c7952c 100644 --- a/source/a/sysvinit-scripts/scripts/rc.M +++ b/source/a/sysvinit-scripts/scripts/rc.M @@ -117,7 +117,7 @@ if [ -x /etc/rc.d/rc.messagebus ]; then fi # Start the session/seat daemon: -if [ -x /etc/rc.d/rc.elogind ]; then +if [ -x /etc/rc.d/rc.elogind -a -x /bin/loginctl ]; then /etc/rc.d/rc.elogind start elif [ -x /etc/rc.d/rc.consolekit -a -x /usr/sbin/console-kit-daemon ]; then /etc/rc.d/rc.consolekit start diff --git a/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild b/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild index 34d6dd3b..78e1381c 100755 --- a/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild +++ b/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild @@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=sysvinit-scripts VERSION=${VERSION:-2.1} ARCH=noarch -BUILD=${BUILD:-35} +BUILD=${BUILD:-36} # If the variable PRINT_PACKAGE_NAME is set, then this script will report what # the name of the created package would be, and then exit. This information diff --git a/source/kde/build/kdelibs b/source/kde/build/kdelibs index 7f8f011e..45a4fb75 100644 --- a/source/kde/build/kdelibs +++ b/source/kde/build/kdelibs @@ -1 +1 @@ -7 +8 diff --git a/source/kde/patch/kdelibs.patch b/source/kde/patch/kdelibs.patch index e74d8bf0..f102b8a3 100644 --- a/source/kde/patch/kdelibs.patch +++ b/source/kde/patch/kdelibs.patch @@ -13,7 +13,7 @@ zcat $CWD/patch/kdelibs/coding-style-fixes.patch.gz | patch -R -p1 --verbose || zcat $CWD/patch/kdelibs/return-application-icons-properly.patch.gz | patch -R -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; } # Support OpenSSL-1.1.x: -zcat $CWD/patch/kdelibs/kdelibs-openssl-1.1.patch.gz | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +zcat $CWD/patch/kdelibs/0001-Make-kssl-compile-against-OpenSSL-1.1.0.patch.gz | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; } # Security: remove support for $(...) in config keys with [$e] marker. (CVE-2019-14744) zcat $CWD/patch/kdelibs/kdelibs.2c3762feddf7e66cf6b64d9058f625a715694a00.patch.gz | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; } diff --git a/source/kde/patch/kdelibs/0001-Make-kssl-compile-against-OpenSSL-1.1.0.patch b/source/kde/patch/kdelibs/0001-Make-kssl-compile-against-OpenSSL-1.1.0.patch new file mode 100644 index 00000000..69474edd --- /dev/null +++ b/source/kde/patch/kdelibs/0001-Make-kssl-compile-against-OpenSSL-1.1.0.patch @@ -0,0 +1,1000 @@ +From a015996bb55bbd63d94b227a2c82d0d97cd86ae8 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bauer <wbauer@tmo.at> +Date: Wed, 25 Oct 2017 07:49:32 +0200 +Subject: [PATCH] Make kssl compile against OpenSSL 1.1.0 + +OpenSSL 1.1.0 contains some source-incompatible changes, most notably +making most of the structures opaque and introducing new getter/setter +functions to modify the structures. This patch adds some of the newly +introduced functions to the KOpenSSL class and modifies the code to +call them. The implementation of those newly introduced methods +contains both OpenSSL < 1.1 compatible code (direct structure member +access) and calls to real functions resolved from OpenSSL>= 1.1 +library. Which implementation is used is decided at compile time. Some +of the existing methods were renamed to match the OpenSSL 1.1 naming +and to avoid conflicts with backward-compatibility names provided by +OpenSSL 1.1. + +KSSLCertificate::toNetscape() returns empty result when built against +OpenSSL 1.1 since I wasn't able to find a proper equivalent in OpenSSL +1.1 API (and there does not seem to be any). + +(Backport of commit 9a990c69c606126bcd60cd7718462aec2a92460d from +kdelibs4support) +--- + kio/kssl/kopenssl.cpp | 250 ++++++++++++++++++++++++++++++++++++++----- + kio/kssl/kopenssl.h | 80 ++++++++++++-- + kio/kssl/kssl.cpp | 4 - + kio/kssl/ksslcallback.c | 6 +- + kio/kssl/ksslcertchain.cpp | 53 +++------ + kio/kssl/ksslcertificate.cpp | 68 +++++++----- + 6 files changed, 351 insertions(+), 110 deletions(-) + +diff --git a/kio/kssl/kopenssl.cpp b/kio/kssl/kopenssl.cpp +index e3ca535b25..8f8b921159 100644 +--- a/kio/kssl/kopenssl.cpp ++++ b/kio/kssl/kopenssl.cpp +@@ -75,18 +75,26 @@ static void (*K_X509_STORE_CTX_free) (X509_STORE_CTX *) = 0L; + static int (*K_X509_verify_cert) (X509_STORE_CTX *) = 0L; + static X509_STORE_CTX *(*K_X509_STORE_CTX_new) (void) = 0L; + static void (*K_X509_STORE_free) (X509_STORE *) = 0L; ++static void (*K_X509_STORE_set_verify_cb)(X509_STORE *, int (*)(int, X509_STORE_CTX *)) = 0L; + static X509_STORE *(*K_X509_STORE_new) (void) = 0L; + static void (*K_X509_free) (X509 *) = 0L; + static char *(*K_X509_NAME_oneline) (X509_NAME *,char *,int) = 0L; + static X509_NAME *(*K_X509_get_subject_name) (X509 *) = 0L; + static X509_NAME *(*K_X509_get_issuer_name) (X509 *) = 0L; ++static void (*K_X509_get0_signature)(const ASN1_BIT_STRING **psig, const X509_ALGOR **palg, const X509 *x) = 0L; + static X509_LOOKUP *(*K_X509_STORE_add_lookup) (X509_STORE *, X509_LOOKUP_METHOD *) = 0L; + static X509_LOOKUP_METHOD *(*K_X509_LOOKUP_file)(void) = 0L; + static void (*K_X509_LOOKUP_free)(X509_LOOKUP *) = 0L; + static int (*K_X509_LOOKUP_ctrl)(X509_LOOKUP *, int, const char *, long, char **) = 0L; + static void (*K_X509_STORE_CTX_init)(X509_STORE_CTX *, X509_STORE *, X509 *, STACK_OF(X509) *) = 0L; ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + static void (*K_CRYPTO_free) (void *) = 0L; ++#else ++static void (*K_CRYPTO_free)(void *, const char *, int) = 0L; ++#endif + static X509* (*K_X509_dup) (X509 *) = 0L; ++static ASN1_TIME *(*K_X509_getm_notBefore)(const X509 *) = 0L; ++static ASN1_TIME *(*K_X509_getm_notAfter)(const X509 *) = 0L; + static BIO_METHOD *(*K_BIO_s_mem) (void) = 0L; + static BIO* (*K_BIO_new) (BIO_METHOD *) = 0L; + static BIO* (*K_BIO_new_fp) (FILE *, int) = 0L; +@@ -118,13 +126,16 @@ static int (*K_SSL_get_error) (SSL*, int) = 0L; + static STACK_OF(X509)* (*K_SSL_get_peer_cert_chain) (SSL*) = 0L; + static void (*K_X509_STORE_CTX_set_chain) (X509_STORE_CTX *, STACK_OF(X509)*) = 0L; + static void (*K_X509_STORE_CTX_set_purpose) (X509_STORE_CTX *, int) = 0L; +-static void (*K_sk_free) (STACK*) = 0L; +-static int (*K_sk_num) (STACK*) = 0L; +-static char* (*K_sk_pop) (STACK*) = 0L; +-static char* (*K_sk_value) (STACK*, int) = 0L; +-static STACK* (*K_sk_new) (int (*)()) = 0L; +-static int (*K_sk_push) (STACK*, char*) = 0L; +-static STACK* (*K_sk_dup) (STACK *) = 0L; ++static X509 *(*K_X509_STORE_CTX_get_current_cert)(X509_STORE_CTX *) = 0L; ++static void (*K_X509_STORE_CTX_set_error)(X509_STORE_CTX *, int) = 0L; ++static int (*K_X509_STORE_CTX_get_error)(X509_STORE_CTX *) = 0L; ++static void (*K_OPENSSL_sk_free)(STACK *) = 0L; ++static int (*K_OPENSSL_sk_num)(STACK *) = 0L; ++static char *(*K_OPENSSL_sk_pop)(STACK *) = 0L; ++static char *(*K_OPENSSL_sk_value)(STACK *, int) = 0L; ++static STACK *(*K_OPENSSL_sk_new)(int (*)()) = 0L; ++static int (*K_OPENSSL_sk_push)(STACK *, char *) = 0L; ++static STACK *(*K_OPENSSL_sk_dup)(STACK *) = 0L; + static char * (*K_i2s_ASN1_INTEGER) (X509V3_EXT_METHOD *, ASN1_INTEGER *) =0L; + static ASN1_INTEGER * (*K_X509_get_serialNumber) (X509 *) = 0L; + static EVP_PKEY *(*K_X509_get_pubkey)(X509 *) = 0L; +@@ -164,6 +175,12 @@ static int (*K_X509_PURPOSE_get_id)(X509_PURPOSE *) = 0L; + static int (*K_X509_check_purpose)(X509*,int,int) = 0L; + static X509_PURPOSE* (*K_X509_PURPOSE_get0)(int) = 0L; + static int (*K_EVP_PKEY_assign)(EVP_PKEY*, int, char*) = 0L; ++static int (*K_EVP_PKEY_base_id)(EVP_PKEY *) = 0L; ++static RSA *(*K_EVP_PKEY_get0_RSA)(EVP_PKEY *) = 0L; ++static void (*K_RSA_get0_key)(RSA *, const BIGNUM **, const BIGNUM **, const BIGNUM **) = 0L; ++static DSA *(*K_EVP_PKEY_get0_DSA)(EVP_PKEY *) = 0L; ++static void (*K_DSA_get0_pqg)(DSA *, const BIGNUM **, const BIGNUM **, const BIGNUM **) = 0L; ++static void (*K_DSA_get0_key)(DSA *, const BIGNUM **, const BIGNUM **) = 0L; + static int (*K_X509_REQ_set_pubkey)(X509_REQ*, EVP_PKEY*) = 0L; + static RSA *(*K_RSA_generate_key)(int, unsigned long, void (*)(int,int,void *), void *) = 0L; + static int (*K_i2d_X509_REQ_fp)(FILE*, X509_REQ*) = 0L; +@@ -410,7 +427,11 @@ KOpenSSLProxy::KOpenSSLProxy() + K_RAND_load_file = (int (*)(const char *, long)) d->cryptoLib->resolveFunction("RAND_load_file"); + K_RAND_file_name = (const char* (*)(char *, size_t)) d->cryptoLib->resolveFunction("RAND_file_name"); + K_RAND_write_file = (int (*)(const char *)) d->cryptoLib->resolveFunction("RAND_write_file"); ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + K_CRYPTO_free = (void (*) (void *)) d->cryptoLib->resolveFunction("CRYPTO_free"); ++#else ++ K_CRYPTO_free = (void (*)(void *, const char *, int)) d->cryptoLib->resolveFunction("CRYPTO_free"); ++#endif + K_d2i_X509 = (X509 * (*)(X509 **,unsigned char **,long)) d->cryptoLib->resolveFunction("d2i_X509"); + K_i2d_X509 = (int (*)(X509 *,unsigned char **)) d->cryptoLib->resolveFunction("i2d_X509"); + K_X509_cmp = (int (*)(X509 *, X509 *)) d->cryptoLib->resolveFunction("X509_cmp"); +@@ -419,15 +440,19 @@ KOpenSSLProxy::KOpenSSLProxy() + K_X509_verify_cert = (int (*) (X509_STORE_CTX *)) d->cryptoLib->resolveFunction("X509_verify_cert"); + K_X509_STORE_new = (X509_STORE * (*) (void)) d->cryptoLib->resolveFunction("X509_STORE_new"); + K_X509_STORE_free = (void (*) (X509_STORE *)) d->cryptoLib->resolveFunction("X509_STORE_free"); ++ K_X509_STORE_set_verify_cb = (void (*)(X509_STORE *, int (*)(int, X509_STORE_CTX *))) d->cryptoLib->resolveFunction("X509_STORE_set_verify_cb"); + K_X509_NAME_oneline = (char * (*) (X509_NAME *,char *,int)) d->cryptoLib->resolveFunction("X509_NAME_oneline"); + K_X509_get_subject_name = (X509_NAME * (*) (X509 *)) d->cryptoLib->resolveFunction("X509_get_subject_name"); + K_X509_get_issuer_name = (X509_NAME * (*) (X509 *)) d->cryptoLib->resolveFunction("X509_get_issuer_name"); ++ K_X509_get0_signature = (void (*)(const ASN1_BIT_STRING **, const X509_ALGOR **, const X509 *)) d->cryptoLib->resolveFunction("X509_get0_signature"); + K_X509_STORE_add_lookup = (X509_LOOKUP *(*) (X509_STORE *, X509_LOOKUP_METHOD *)) d->cryptoLib->resolveFunction("X509_STORE_add_lookup"); + K_X509_LOOKUP_file = (X509_LOOKUP_METHOD *(*)(void)) d->cryptoLib->resolveFunction("X509_LOOKUP_file"); + K_X509_LOOKUP_free = (void (*)(X509_LOOKUP *)) d->cryptoLib->resolveFunction("X509_LOOKUP_free"); + K_X509_LOOKUP_ctrl = (int (*)(X509_LOOKUP *, int, const char *, long, char **)) d->cryptoLib->resolveFunction("X509_LOOKUP_ctrl"); + K_X509_STORE_CTX_init = (void (*)(X509_STORE_CTX *, X509_STORE *, X509 *, STACK_OF(X509) *)) d->cryptoLib->resolveFunction("X509_STORE_CTX_init"); + K_X509_dup = (X509* (*)(X509*)) d->cryptoLib->resolveFunction("X509_dup"); ++ K_X509_getm_notBefore = (ASN1_TIME *(*)(const X509 *)) d->cryptoLib->resolveFunction("X509_getm_notBefore"); ++ K_X509_getm_notAfter = (ASN1_TIME *(*)(const X509 *)) d->cryptoLib->resolveFunction("X509_getm_notAfter"); + K_BIO_s_mem = (BIO_METHOD *(*) (void)) d->cryptoLib->resolveFunction("BIO_s_mem"); + K_BIO_new = (BIO* (*)(BIO_METHOD *)) d->cryptoLib->resolveFunction("BIO_new"); + K_BIO_new_fp = (BIO* (*)(FILE*, int)) d->cryptoLib->resolveFunction("BIO_new_fp"); +@@ -454,13 +479,26 @@ KOpenSSLProxy::KOpenSSLProxy() + K_X509_REQ_new = (X509_REQ* (*)()) d->cryptoLib->resolveFunction("X509_REQ_new"); + K_X509_STORE_CTX_set_chain = (void (*)(X509_STORE_CTX *, STACK_OF(X509)*)) d->cryptoLib->resolveFunction("X509_STORE_CTX_set_chain"); + K_X509_STORE_CTX_set_purpose = (void (*)(X509_STORE_CTX *, int)) d->cryptoLib->resolveFunction("X509_STORE_CTX_set_purpose"); +- K_sk_free = (void (*) (STACK *)) d->cryptoLib->resolveFunction("sk_free"); +- K_sk_num = (int (*) (STACK *)) d->cryptoLib->resolveFunction("sk_num"); +- K_sk_pop = (char* (*) (STACK *)) d->cryptoLib->resolveFunction("sk_pop"); +- K_sk_value = (char* (*) (STACK *, int)) d->cryptoLib->resolveFunction("sk_value"); +- K_sk_new = (STACK* (*) (int (*)())) d->cryptoLib->resolveFunction("sk_new"); +- K_sk_push = (int (*) (STACK*, char*)) d->cryptoLib->resolveFunction("sk_push"); +- K_sk_dup = (STACK* (*) (STACK *)) d->cryptoLib->resolveFunction("sk_dup"); ++ K_X509_STORE_CTX_get_current_cert = (X509 * (*)(X509_STORE_CTX *)) d->cryptoLib->resolveFunction("X509_STORE_CTX_get_current_cert"); ++ K_X509_STORE_CTX_set_error = (void (*)(X509_STORE_CTX *, int)) d->cryptoLib->resolveFunction("X509_STORE_CTX_set_error"); ++ K_X509_STORE_CTX_get_error = (int (*)(X509_STORE_CTX *)) d->cryptoLib->resolveFunction("X509_STORE_CTX_get_error"); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ K_OPENSSL_sk_free = (void (*)(STACK *)) d->cryptoLib->resolveFunction("OPENSSL_sk_free"); ++ K_OPENSSL_sk_num = (int (*)(STACK *)) d->cryptoLib->resolveFunction("OPENSSL_sk_num"); ++ K_OPENSSL_sk_pop = (char *(*)(STACK *)) d->cryptoLib->resolveFunction("OPENSSL_sk_pop"); ++ K_OPENSSL_sk_value = (char *(*)(STACK *, int)) d->cryptoLib->resolveFunction("OPENSSL_sk_value"); ++ K_OPENSSL_sk_new = (STACK * (*)(int (*)())) d->cryptoLib->resolveFunction("OPENSSL_sk_new"); ++ K_OPENSSL_sk_push = (int (*)(STACK *, char *)) d->cryptoLib->resolveFunction("OPENSSL_sk_push"); ++ K_OPENSSL_sk_dup = (STACK * (*)(STACK *)) d->cryptoLib->resolveFunction("OPENSSL_sk_dup"); ++#else ++ K_OPENSSL_sk_free = (void (*)(STACK *)) d->cryptoLib->resolveFunction("sk_free"); ++ K_OPENSSL_sk_num = (int (*)(STACK *)) d->cryptoLib->resolveFunction("sk_num"); ++ K_OPENSSL_sk_pop = (char *(*)(STACK *)) d->cryptoLib->resolveFunction("sk_pop"); ++ K_OPENSSL_sk_value = (char *(*)(STACK *, int)) d->cryptoLib->resolveFunction("sk_value"); ++ K_OPENSSL_sk_new = (STACK * (*)(int (*)())) d->cryptoLib->resolveFunction("sk_new"); ++ K_OPENSSL_sk_push = (int (*)(STACK *, char *)) d->cryptoLib->resolveFunction("sk_push"); ++ K_OPENSSL_sk_dup = (STACK * (*)(STACK *)) d->cryptoLib->resolveFunction("sk_dup"); ++#endif + K_i2s_ASN1_INTEGER = (char *(*) (X509V3_EXT_METHOD *, ASN1_INTEGER *)) d->cryptoLib->resolveFunction("i2s_ASN1_INTEGER"); + K_X509_get_serialNumber = (ASN1_INTEGER * (*) (X509 *)) d->cryptoLib->resolveFunction("X509_get_serialNumber"); + K_X509_get_pubkey = (EVP_PKEY *(*)(X509 *)) d->cryptoLib->resolveFunction("X509_get_pubkey"); +@@ -504,6 +542,12 @@ KOpenSSLProxy::KOpenSSLProxy() + K_X509_check_purpose = (int (*)(X509*,int,int)) d->cryptoLib->resolveFunction("X509_check_purpose"); + K_X509_PURPOSE_get0 = (X509_PURPOSE *(*)(int)) d->cryptoLib->resolveFunction("X509_PURPOSE_get0"); + K_EVP_PKEY_assign = (int (*)(EVP_PKEY*, int, char*)) d->cryptoLib->resolveFunction("EVP_PKEY_assign"); ++ K_EVP_PKEY_base_id = (int (*)(EVP_PKEY *)) d->cryptoLib->resolveFunction("EVP_PKEY_base_id"); ++ K_EVP_PKEY_get0_RSA = (RSA *(*)(EVP_PKEY *)) d->cryptoLib->resolveFunction("EVP_PKEY_get0_RSA"); ++ K_RSA_get0_key = (void (*)(RSA *, const BIGNUM **, const BIGNUM **, const BIGNUM **)) d->cryptoLib->resolveFunction("ESA_get0_key"); ++ K_EVP_PKEY_get0_DSA = (DSA *(*)(EVP_PKEY *)) d->cryptoLib->resolveFunction("EVP_PKEY_get0_DSA"); ++ K_DSA_get0_pqg = (void (*)(DSA *, const BIGNUM **, const BIGNUM **, const BIGNUM **)) d->cryptoLib->resolveFunction("DSA_get0_pqg"); ++ K_DSA_get0_key = (void (*)(DSA *, const BIGNUM **, const BIGNUM **)) d->cryptoLib->resolveFunction("DSA_get0_key"); + K_X509_REQ_set_pubkey = (int (*)(X509_REQ*, EVP_PKEY*)) d->cryptoLib->resolveFunction("X509_REQ_set_pubkey"); + K_RSA_generate_key = (RSA* (*)(int, unsigned long, void (*)(int,int,void *), void *)) d->cryptoLib->resolveFunction("RSA_generate_key"); + K_i2d_X509_REQ_fp = (int (*)(FILE *, X509_REQ *)) d->cryptoLib->resolveFunction("i2d_X509_REQ_fp"); +@@ -866,6 +910,16 @@ void KOpenSSLProxy::X509_STORE_free(X509_STORE *v) { + } + + ++void KOpenSSLProxy::X509_STORE_set_verify_cb(X509_STORE *store, int (*verify_cb)(int, X509_STORE_CTX *)) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ X509_STORE_set_verify_cb_func(store, verify_cb); ++#else ++ if (K_X509_STORE_set_verify_cb) (K_X509_STORE_set_verify_cb)(store, verify_cb); ++#endif ++} ++ ++ + X509_STORE_CTX *KOpenSSLProxy::X509_STORE_CTX_new(void) { + if (K_X509_STORE_CTX_new) return (K_X509_STORE_CTX_new)(); + return 0L; +@@ -906,6 +960,17 @@ X509_NAME *KOpenSSLProxy::X509_get_issuer_name(X509 *a) { + } + + ++void KOpenSSLProxy::X509_get0_signature(const ASN1_BIT_STRING **psig, const X509_ALGOR **algor, const X509 *x) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ if (psig) *psig = x->signature; ++ if (algor) *algor = x->sig_alg; ++#else ++ if (K_X509_get0_signature) return (K_X509_get0_signature)(psig, algor, x); ++#endif ++} ++ ++ + X509_LOOKUP *KOpenSSLProxy::X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m) { + if (K_X509_STORE_add_lookup) return (K_X509_STORE_add_lookup)(v,m); + return 0L; +@@ -934,9 +999,16 @@ void KOpenSSLProxy::X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, + } + + ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + void KOpenSSLProxy::CRYPTO_free(void *x) { + if (K_CRYPTO_free) (K_CRYPTO_free)(x); + } ++#else ++void KOpenSSLProxy::CRYPTO_free(void *x, const char *file, int line) ++{ ++ if (K_CRYPTO_free) K_CRYPTO_free(x, file, line); ++} ++#endif + + + X509 *KOpenSSLProxy::X509_dup(X509 *x509) { +@@ -945,6 +1017,28 @@ X509 *KOpenSSLProxy::X509_dup(X509 *x509) { + } + + ++ASN1_TIME *KOpenSSLProxy::X509_getm_notBefore(const X509 *x) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ return X509_get_notBefore(x); ++#else ++ if (K_X509_getm_notBefore) return (K_X509_getm_notBefore)(x); ++ else return 0L; ++#endif ++} ++ ++ ++ASN1_TIME *KOpenSSLProxy::X509_getm_notAfter(const X509 *x) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ return X509_get_notAfter(x); ++#else ++ if (K_X509_getm_notAfter) return (K_X509_getm_notAfter)(x); ++ else return 0L; ++#endif ++} ++ ++ + BIO *KOpenSSLProxy::BIO_new(BIO_METHOD *type) { + if (K_BIO_new) return (K_BIO_new)(type); + else return 0L; +@@ -1093,25 +1187,25 @@ STACK_OF(X509) *KOpenSSLProxy::SSL_get_peer_cert_chain(SSL *s) { + } + + +-void KOpenSSLProxy::sk_free(STACK *s) { +- if (K_sk_free) (K_sk_free)(s); ++void KOpenSSLProxy::OPENSSL_sk_free(STACK *s) { ++ if (K_OPENSSL_sk_free) (K_OPENSSL_sk_free)(s); + } + + +-int KOpenSSLProxy::sk_num(STACK *s) { +- if (K_sk_num) return (K_sk_num)(s); ++int KOpenSSLProxy::OPENSSL_sk_num(STACK *s) { ++ if (K_OPENSSL_sk_num) return (K_OPENSSL_sk_num)(s); + else return -1; + } + + +-char *KOpenSSLProxy::sk_pop(STACK *s) { +- if (K_sk_pop) return (K_sk_pop)(s); ++char *KOpenSSLProxy::OPENSSL_sk_pop(STACK *s) { ++ if (K_OPENSSL_sk_pop) return (K_OPENSSL_sk_pop)(s); + else return 0L; + } + + +-char *KOpenSSLProxy::sk_value(STACK *s, int n) { +- if (K_sk_value) return (K_sk_value)(s, n); ++char *KOpenSSLProxy::OPENSSL_sk_value(STACK *s, int n) { ++ if (K_OPENSSL_sk_value) return (K_OPENSSL_sk_value)(s, n); + else return 0L; + } + +@@ -1125,20 +1219,52 @@ void KOpenSSLProxy::X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose) { + } + + +-STACK* KOpenSSLProxy::sk_dup(STACK *s) { +- if (K_sk_dup) return (K_sk_dup)(s); ++X509 *KOpenSSLProxy::X509_STORE_CTX_get_current_cert(X509_STORE_CTX *v) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ return v->current_cert; ++#else ++ if (K_X509_STORE_CTX_get_current_cert) return (K_X509_STORE_CTX_get_current_cert)(v); ++ else return 0L; ++#endif ++} ++ ++ ++void KOpenSSLProxy::X509_STORE_CTX_set_error(X509_STORE_CTX *v, int error) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ v->error = error; ++#else ++ if (K_X509_STORE_CTX_set_error) (K_X509_STORE_CTX_set_error)(v, error); ++#endif ++} ++ ++ ++int KOpenSSLProxy::X509_STORE_CTX_get_error(X509_STORE_CTX *v) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ return v->error; ++#else ++ if (K_X509_STORE_CTX_get_error) return (K_X509_STORE_CTX_get_error)(v); ++ else return 0; ++#endif ++} ++ ++ ++STACK* KOpenSSLProxy::OPENSSL_sk_dup(STACK *s) { ++ if (K_OPENSSL_sk_dup) return (K_OPENSSL_sk_dup)(s); + else return 0L; + } + + +-STACK* KOpenSSLProxy::sk_new(int (*cmp)()) { +- if (K_sk_new) return (K_sk_new)(cmp); ++STACK* KOpenSSLProxy::OPENSSL_sk_new(int (*cmp)()) { ++ if (K_OPENSSL_sk_new) return (K_OPENSSL_sk_new)(cmp); + else return 0L; + } + + +-int KOpenSSLProxy::sk_push(STACK* s, char* d) { +- if (K_sk_push) return (K_sk_push)(s,d); ++int KOpenSSLProxy::OPENSSL_sk_push(STACK* s, char* d) { ++ if (K_OPENSSL_sk_push) return (K_OPENSSL_sk_push)(s,d); + else return -1; + } + +@@ -1423,6 +1549,74 @@ int KOpenSSLProxy::EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key) { + else return -1; + } + ++ ++int KOpenSSLProxy::EVP_PKEY_base_id(EVP_PKEY *pkey) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ return pkey->type; ++#else ++ if (K_EVP_PKEY_base_id) return (K_EVP_PKEY_base_id)(pkey); ++ else return 0; ++#endif ++} ++ ++ ++RSA *KOpenSSLProxy::EVP_PKEY_get0_RSA(EVP_PKEY *pkey) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ return pkey->pkey.rsa; ++#else ++ if (K_EVP_PKEY_get0_RSA) return (K_EVP_PKEY_get0_RSA)(pkey); ++ else return 0L; ++#endif ++} ++ ++ ++void KOpenSSLProxy::RSA_get0_key(RSA *rsa, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ if (n) *n = rsa->n; ++ if (e) *e = rsa->e; ++ if (d) *d = rsa->d; ++#else ++ if (K_RSA_get0_key) (K_RSA_get0_key)(rsa, n, e, d); ++#endif ++} ++ ++ ++DSA *KOpenSSLProxy::EVP_PKEY_get0_DSA(EVP_PKEY *pkey) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ return pkey->pkey.dsa; ++#else ++ if (K_EVP_PKEY_get0_DSA) return (K_EVP_PKEY_get0_DSA)(pkey); ++ else return 0L; ++#endif ++} ++ ++ ++void KOpenSSLProxy::DSA_get0_pqg(DSA *dsa, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ if (p) *p = dsa->p; ++ if (q) *q = dsa->q; ++ if (g) *g = dsa->g; ++#else ++ if (K_DSA_get0_pqg) (K_DSA_get0_pqg)(dsa, p, q, g); ++#endif ++} ++ ++ ++void KOpenSSLProxy::DSA_get0_key(DSA *dsa, const BIGNUM **pub_key, const BIGNUM **priv_key) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ if (pub_key) *pub_key = dsa->pub_key; ++ if (priv_key) *priv_key = dsa->priv_key; ++#else ++ if (K_DSA_get0_key) (K_DSA_get0_key)(dsa, pub_key, priv_key); ++#endif ++} ++ + + int KOpenSSLProxy::X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey) { + if (K_X509_REQ_set_pubkey) return (K_X509_REQ_set_pubkey)(x, pkey); +diff --git a/kio/kssl/kopenssl.h b/kio/kssl/kopenssl.h +index ab05486336..ae3398fbef 100644 +--- a/kio/kssl/kopenssl.h ++++ b/kio/kssl/kopenssl.h +@@ -297,6 +297,18 @@ public: + + + /* ++ * X509_getm_notBefore - get validity start ++ */ ++ ASN1_TIME *X509_getm_notBefore(const X509 *x); ++ ++ ++ /* ++ * X509_getm_notAfter - get validity end ++ */ ++ ASN1_TIME *X509_getm_notAfter(const X509 *x); ++ ++ ++ /* + * X509_STORE_CTX_new - create an X509 store context + */ + X509_STORE_CTX *X509_STORE_CTX_new(void); +@@ -313,11 +325,31 @@ public: + */ + void X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x); + ++ + /* + * X509_STORE_CTX_set_purpose - set the purpose of the certificate + */ + void X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose); + ++ ++ /* ++ * X509_STORE_CTX_get_current_cert - get the current certificate ++ */ ++ X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *v); ++ ++ ++ /* ++ * X509_STORE_CTX_set_error - set certificate error ++ */ ++ void X509_STORE_CTX_set_error(X509_STORE_CTX *v, int error); ++ ++ ++ /* ++ * X509_STORE_CTX_get_error - get certificate error ++ */ ++ int X509_STORE_CTX_get_error(X509_STORE_CTX *v); ++ ++ + /* + * X509_verify_cert - verify the certificate + */ +@@ -337,6 +369,12 @@ public: + + + /* ++ * X509_STORE_set_verify_cb - set verify callback ++ */ ++ void X509_STORE_set_verify_cb(X509_STORE *v, int (*verify_cb)(int, X509_STORE_CTX *)); ++ ++ ++ /* + * X509_free - free up an X509 + */ + void X509_free(X509 *v); +@@ -361,6 +399,12 @@ public: + + + /* ++ * X509_get0_signature - return X509 signature and signature algorithm ++ */ ++ void X509_get0_signature(const ASN1_BIT_STRING **psig, const X509_ALGOR **palg, const X509 *x); ++ ++ ++ /* + * X509_STORE_add_lookup - add a lookup file/method to an X509 store + */ + X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m); +@@ -393,7 +437,11 @@ public: + /* + * CRYPTO_free - free up an internally allocated object + */ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + void CRYPTO_free(void *x); ++#else ++ void CRYPTO_free(void *x, const char *file, int line); ++#endif + + /* + * BIO_new - create new BIO +@@ -505,53 +553,53 @@ public: + /* + * Pop off the stack + */ +- char *sk_pop(STACK *s); ++ char *OPENSSL_sk_pop(STACK *s); + + + /* + * Free the stack + */ +- void sk_free(STACK *s); ++ void OPENSSL_sk_free(STACK *s); + + #if OPENSSL_VERSION_NUMBER >= 0x10000000L +- void sk_free(void *s) { return sk_free(reinterpret_cast<STACK*>(s)); } ++ void OPENSSL_sk_free(void *s) { return OPENSSL_sk_free(reinterpret_cast<STACK*>(s)); } + #endif + + /* + * Number of elements in the stack + */ +- int sk_num(STACK *s); ++ int OPENSSL_sk_num(STACK *s); + + + /* + * Value of element n in the stack + */ +- char *sk_value(STACK *s, int n); ++ char *OPENSSL_sk_value(STACK *s, int n); + + #if OPENSSL_VERSION_NUMBER >= 0x10000000L +- char *sk_value(void *s, int n) { return sk_value(reinterpret_cast<STACK*>(s), n); } ++ char *OPENSSL_sk_value(void *s, int n) { return OPENSSL_sk_value(reinterpret_cast<STACK*>(s), n); } + #endif + + /* + * Create a new stack + */ +- STACK *sk_new(int (*cmp)()); ++ STACK *OPENSSL_sk_new(int (*cmp)()); + + + /* + * Add an element to the stack + */ +- int sk_push(STACK *s, char *d); ++ int OPENSSL_sk_push(STACK *s, char *d); + + #if OPENSSL_VERSION_NUMBER >= 0x10000000L +- int sk_push(void *s, void *d) { return sk_push(reinterpret_cast<STACK*>(s), reinterpret_cast<char*>(d)); } ++ int OPENSSL_sk_push(void *s, void *d) { return OPENSSL_sk_push(reinterpret_cast<STACK*>(s), reinterpret_cast<char*>(d)); } + #endif + + + /* + * Duplicate the stack + */ +- STACK *sk_dup(STACK *s); ++ STACK *OPENSSL_sk_dup(STACK *s); + + + /* +@@ -800,6 +848,18 @@ public: + + + /* ++ * Get key type ++ */ ++ int EVP_PKEY_base_id(EVP_PKEY *pkey); ++ ++ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey); ++ void RSA_get0_key(RSA *rsa, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d); ++ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey); ++ void DSA_get0_pqg(DSA *dsa, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g); ++ void DSA_get0_key(DSA *dsa, const BIGNUM **pub_key, const BIGNUM **priv_key); ++ ++ ++ /* + * Generate a RSA key + */ + RSA *RSA_generate_key(int bits, unsigned long e, void +diff --git a/kio/kssl/kssl.cpp b/kio/kssl/kssl.cpp +index c36db55a42..faba1bb5ab 100644 +--- a/kio/kssl/kssl.cpp ++++ b/kio/kssl/kssl.cpp +@@ -55,8 +55,6 @@ + #warning "kssl.cc needs to be ported to QSslSocket" + #endif + +-#define sk_dup d->kossl->sk_dup +- + class KSSLPrivate { + public: + KSSLPrivate() { +@@ -212,5 +210,3 @@ bool KSSL::doesSSLWork() { + return m_bSSLWorks; + } + +-#undef sk_dup +- +diff --git a/kio/kssl/ksslcallback.c b/kio/kssl/ksslcallback.c +index 516b916337..38e94356e8 100644 +--- a/kio/kssl/ksslcallback.c ++++ b/kio/kssl/ksslcallback.c +@@ -28,7 +28,7 @@ bool KSSL_X509CallBack_ca_found; + extern "C" { + static int X509Callback(int ok, X509_STORE_CTX *ctx) { + +- kDebug(7029) << "X509Callback: ok = " << ok << " error = " << ctx->error << " depth = " << ctx->error_depth; ++ //kDebug(7029) << "X509Callback: ok = " << ok << " error = " << ctx->error << " depth = " << ctx->error_depth; + // Here is how this works. We put "ok = 1;" in any case that we + // don't consider to be an error. In that case, it will return OK + // for the certificate check as long as there are no other critical +@@ -39,14 +39,14 @@ static int X509Callback(int ok, X509_STORE_CTX *ctx) { + + if (KSSL_X509CallBack_ca) + { +- if (KOSSL::self()->X509_cmp(ctx->current_cert, KSSL_X509CallBack_ca) != 0) ++ if (KOSSL::self()->X509_cmp(KOSSL::self()->X509_STORE_CTX_get_current_cert(ctx), KSSL_X509CallBack_ca) != 0) + return 1; // Ignore errors for this certificate + + KSSL_X509CallBack_ca_found = true; + } + + if (!ok) { +- switch (ctx->error) { ++ switch (KOSSL::self()->X509_STORE_CTX_get_error(ctx)) { + case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: + case X509_V_ERR_UNABLE_TO_GET_CRL: + case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: +diff --git a/kio/kssl/ksslcertchain.cpp b/kio/kssl/ksslcertchain.cpp +index 2be7995bf8..cdfab2b5ae 100644 +--- a/kio/kssl/ksslcertchain.cpp ++++ b/kio/kssl/ksslcertchain.cpp +@@ -44,16 +44,6 @@ + #include <kdebug.h> + #include <QtCore/QStringList> + +-#ifdef KSSL_HAVE_SSL +-#define sk_new d->kossl->sk_new +-#define sk_push d->kossl->sk_push +-#define sk_free d->kossl->sk_free +-#define sk_value d->kossl->sk_value +-#define sk_num d->kossl->sk_num +-#define sk_dup d->kossl->sk_dup +-#define sk_pop d->kossl->sk_pop +-#endif +- + class KSSLCertChainPrivate { + public: + KSSLCertChainPrivate() { +@@ -79,11 +69,11 @@ KSSLCertChain::~KSSLCertChain() { + STACK_OF(X509) *x = (STACK_OF(X509) *)_chain; + + for (;;) { +- X509* x5 = sk_X509_pop(x); ++ X509 *x5 = reinterpret_cast<X509*>(d->kossl->OPENSSL_sk_pop(reinterpret_cast<STACK *>(x))); + if (!x5) break; + d->kossl->X509_free(x5); + } +- sk_X509_free(x); ++ d->kossl->OPENSSL_sk_free(reinterpret_cast<STACK *>(x)); + } + #endif + delete d; +@@ -106,7 +96,7 @@ KSSLCertChain *KSSLCertChain::replicate() { + + int KSSLCertChain::depth() { + #ifdef KSSL_HAVE_SSL +- return sk_X509_num((STACK_OF(X509)*)_chain); ++ return d->kossl->OPENSSL_sk_num(static_cast<STACK *>(_chain)); + #endif + return 0; + } +@@ -123,8 +113,8 @@ QList<KSSLCertificate *> KSSLCertChain::getChain() const { + #ifdef KSSL_HAVE_SSL + STACK_OF(X509) *x = (STACK_OF(X509) *)_chain; + +- for (int i = 0; i < sk_X509_num(x); i++) { +- X509* x5 = sk_X509_value(x, i); ++ for (int i = 0; i < d->kossl->OPENSSL_sk_num(reinterpret_cast<STACK *>(x)); i++) { ++ X509 *x5 = reinterpret_cast<X509*>(d->kossl->OPENSSL_sk_value(reinterpret_cast<STACK *>(x), i)); + if (!x5) continue; + KSSLCertificate *nc = new KSSLCertificate; + nc->setCert(d->kossl->X509_dup(x5)); +@@ -142,18 +132,18 @@ void KSSLCertChain::setChain(const QList<KSSLCertificate *>& chain) { + STACK_OF(X509) *x = (STACK_OF(X509) *)_chain; + + for (;;) { +- X509* x5 = sk_X509_pop(x); ++ X509 *x5 = reinterpret_cast<X509*>(d->kossl->OPENSSL_sk_pop(reinterpret_cast<STACK*>(x))); + if (!x5) break; + d->kossl->X509_free(x5); + } +- sk_X509_free(x); +- _chain = NULL; ++ d->kossl->OPENSSL_sk_free(reinterpret_cast<STACK*>(x)); ++ _chain = NULL; + } + + if (chain.isEmpty()) return; +- _chain = (void *)sk_new(NULL); ++ _chain = (void *)d->kossl->OPENSSL_sk_new(NULL); + foreach (KSSLCertificate *x, chain) { +- sk_X509_push((STACK_OF(X509)*)_chain, d->kossl->X509_dup(x->getCert())); ++ d->kossl->OPENSSL_sk_push(static_cast<STACK*>(_chain), d->kossl->X509_dup(x->getCert())); + } + + #endif +@@ -166,23 +156,23 @@ if (_chain) { + STACK_OF(X509) *x = (STACK_OF(X509) *)_chain; + + for (;;) { +- X509* x5 = sk_X509_pop(x); ++ X509 *x5 = reinterpret_cast<X509 *>(d->kossl->OPENSSL_sk_pop(reinterpret_cast<STACK *>(x))); + if (!x5) break; + d->kossl->X509_free(x5); + } +- sk_X509_free(x); ++ d->kossl->OPENSSL_sk_free(reinterpret_cast<STACK *>(x)); + _chain = NULL; + } + + if (!stack_of_x509) return; + +-_chain = (void *)sk_new(NULL); ++_chain = (void *)d->kossl->OPENSSL_sk_new(NULL); + STACK_OF(X509) *x = (STACK_OF(X509) *)stack_of_x509; + +- for (int i = 0; i < sk_X509_num(x); i++) { +- X509* x5 = sk_X509_value(x, i); ++ for (int i = 0; i < d->kossl->OPENSSL_sk_num(reinterpret_cast<STACK *>(x)); i++) { ++ X509 *x5 = reinterpret_cast<X509*>(d->kossl->OPENSSL_sk_value(reinterpret_cast<STACK *>(x), i)); + if (!x5) continue; +- sk_X509_push((STACK_OF(X509)*)_chain,d->kossl->X509_dup(x5)); ++ d->kossl->OPENSSL_sk_push(reinterpret_cast<STACK *>(_chain), d->kossl->X509_dup(x5)); + } + + #else +@@ -202,14 +192,3 @@ void KSSLCertChain::setCertChain(const QStringList& chain) { + setChain(cl); + } + +- +-#ifdef KSSL_HAVE_SSL +-#undef sk_new +-#undef sk_push +-#undef sk_free +-#undef sk_value +-#undef sk_num +-#undef sk_dup +-#undef sk_pop +-#endif +- +diff --git a/kio/kssl/ksslcertificate.cpp b/kio/kssl/ksslcertificate.cpp +index 0d4fbd9cdc..c93d5c5b22 100644 +--- a/kio/kssl/ksslcertificate.cpp ++++ b/kio/kssl/ksslcertificate.cpp +@@ -200,14 +200,17 @@ QString KSSLCertificate::getSignatureText() const { + char *s; + int n, i; + +- i = d->kossl->OBJ_obj2nid(d->m_cert->sig_alg->algorithm); ++ const X509_ALGOR *algor; ++ const ASN1_BIT_STRING *sig; ++ d->kossl->X509_get0_signature(&sig, &algor, d->m_cert); ++ i = d->kossl->OBJ_obj2nid(algor->algorithm); + rc = i18n("Signature Algorithm: "); + rc += (i == NID_undef)?i18n("Unknown"):QString(d->kossl->OBJ_nid2ln(i)); + + rc += '\n'; + rc += i18n("Signature Contents:"); +- n = d->m_cert->signature->length; +- s = (char *)d->m_cert->signature->data; ++ n = sig->length; ++ s = (char *)sig->data; + for (i = 0; i < n; ++i) { + if (i%20 != 0) { + rc += ':'; +@@ -233,9 +236,10 @@ void KSSLCertificate::getEmails(QStringList &to) const { + } + + STACK *s = d->kossl->X509_get1_email(d->m_cert); ++ const int size = d->kossl->OPENSSL_sk_num(s); + if (s) { +- for(int n=0; n < s->num; n++) { +- to.append(d->kossl->sk_value(s,n)); ++ for(int n=0; n < size; n++) { ++ to.append(d->kossl->OPENSSL_sk_value(s,n)); + } + d->kossl->X509_email_free(s); + } +@@ -317,13 +321,13 @@ QString rc = ""; + EVP_PKEY *pkey = d->kossl->X509_get_pubkey(d->m_cert); + if (pkey) { + #ifndef NO_RSA +- if (pkey->type == EVP_PKEY_RSA) { ++ if (d->kossl->EVP_PKEY_base_id(pkey) == EVP_PKEY_RSA) { + rc = "RSA"; + } + else + #endif + #ifndef NO_DSA +- if (pkey->type == EVP_PKEY_DSA) { ++ if (d->kossl->EVP_PKEY_base_id(pkey) == EVP_PKEY_DSA) { + rc = "DSA"; + } + else +@@ -347,8 +351,10 @@ char *x = NULL; + if (pkey) { + rc = i18nc("Unknown", "Unknown key algorithm"); + #ifndef NO_RSA +- if (pkey->type == EVP_PKEY_RSA) { +- x = d->kossl->BN_bn2hex(pkey->pkey.rsa->n); ++ if (d->kossl->EVP_PKEY_base_id(pkey) == EVP_PKEY_RSA) { ++ const BIGNUM *n, *e; ++ d->kossl->RSA_get0_key(d->kossl->EVP_PKEY_get0_RSA(pkey), &n, &e, NULL); ++ x = d->kossl->BN_bn2hex(n); + rc = i18n("Key type: RSA (%1 bit)", strlen(x)*4) + '\n'; + + rc += i18n("Modulus: "); +@@ -364,15 +370,18 @@ char *x = NULL; + rc += '\n'; + d->kossl->OPENSSL_free(x); + +- x = d->kossl->BN_bn2hex(pkey->pkey.rsa->e); ++ x = d->kossl->BN_bn2hex(e); + rc += i18n("Exponent: 0x") + QLatin1String(x) + + QLatin1String("\n"); + d->kossl->OPENSSL_free(x); + } + #endif + #ifndef NO_DSA +- if (pkey->type == EVP_PKEY_DSA) { +- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->p); ++ if (d->kossl->EVP_PKEY_base_id(pkey) == EVP_PKEY_DSA) { ++ DSA *dsa = d->kossl->EVP_PKEY_get0_DSA(pkey); ++ const BIGNUM *p, *q, *g; ++ d->kossl->DSA_get0_pqg(dsa, &p, &q, &g); ++ x = d->kossl->BN_bn2hex(p); + // hack - this may not be always accurate + rc = i18n("Key type: DSA (%1 bit)", strlen(x)*4) + '\n'; + +@@ -389,7 +398,7 @@ char *x = NULL; + rc += '\n'; + d->kossl->OPENSSL_free(x); + +- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->q); ++ x = d->kossl->BN_bn2hex(q); + rc += i18n("160 bit prime factor: "); + for (unsigned int i = 0; i < strlen(x); i++) { + if (i%40 != 0 && i%2 == 0) { +@@ -403,7 +412,7 @@ char *x = NULL; + rc += '\n'; + d->kossl->OPENSSL_free(x); + +- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->g); ++ x = d->kossl->BN_bn2hex(g); + rc += QString("g: "); + for (unsigned int i = 0; i < strlen(x); i++) { + if (i%40 != 0 && i%2 == 0) { +@@ -417,7 +426,9 @@ char *x = NULL; + rc += '\n'; + d->kossl->OPENSSL_free(x); + +- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->pub_key); ++ const BIGNUM *pub_key; ++ d->kossl->DSA_get0_key(dsa, &pub_key, NULL); ++ x = d->kossl->BN_bn2hex(pub_key); + rc += i18n("Public key: "); + for (unsigned int i = 0; i < strlen(x); i++) { + if (i%40 != 0 && i%2 == 0) { +@@ -682,7 +693,7 @@ KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose(KSSLCertifi + return errors; + } + +- X509_STORE_set_verify_cb_func(certStore, X509Callback); ++ d->kossl->X509_STORE_set_verify_cb(certStore, X509Callback); + + certLookup = d->kossl->X509_STORE_add_lookup(certStore, d->kossl->X509_LOOKUP_file()); + if (!certLookup) { +@@ -724,9 +735,9 @@ KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose(KSSLCertifi + KSSL_X509CallBack_ca = ca ? ca->d->m_cert : 0; + KSSL_X509CallBack_ca_found = false; + +- certStoreCTX->error = X509_V_OK; ++ d->kossl->X509_STORE_CTX_set_error(certStoreCTX, X509_V_OK); + rc = d->kossl->X509_verify_cert(certStoreCTX); +- int errcode = certStoreCTX->error; ++ int errcode = d->kossl->X509_STORE_CTX_get_error(certStoreCTX); + if (ca && !KSSL_X509CallBack_ca_found) { + ksslv = KSSLCertificate::Irrelevant; + } else { +@@ -739,9 +750,9 @@ KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose(KSSLCertifi + d->kossl->X509_STORE_CTX_set_purpose(certStoreCTX, + X509_PURPOSE_NS_SSL_SERVER); + +- certStoreCTX->error = X509_V_OK; ++ d->kossl->X509_STORE_CTX_set_error(certStoreCTX, X509_V_OK); + rc = d->kossl->X509_verify_cert(certStoreCTX); +- errcode = certStoreCTX->error; ++ errcode = d->kossl->X509_STORE_CTX_get_error(certStoreCTX); + ksslv = processError(errcode); + } + d->kossl->X509_STORE_CTX_free(certStoreCTX); +@@ -978,7 +989,7 @@ KSSLCertificate::KSSLValidation KSSLCertificate::processError(int ec) { + + QString KSSLCertificate::getNotBefore() const { + #ifdef KSSL_HAVE_SSL +- return ASN1_UTCTIME_QString(X509_get_notBefore(d->m_cert)); ++ return ASN1_UTCTIME_QString(d->kossl->X509_getm_notBefore(d->m_cert)); + #else + return QString(); + #endif +@@ -987,7 +998,7 @@ QString KSSLCertificate::getNotBefore() const { + + QString KSSLCertificate::getNotAfter() const { + #ifdef KSSL_HAVE_SSL +- return ASN1_UTCTIME_QString(X509_get_notAfter(d->m_cert)); ++ return ASN1_UTCTIME_QString(d->kossl->X509_getm_notAfter(d->m_cert)); + #else + return QString(); + #endif +@@ -996,7 +1007,7 @@ QString KSSLCertificate::getNotAfter() const { + + QDateTime KSSLCertificate::getQDTNotBefore() const { + #ifdef KSSL_HAVE_SSL +- return ASN1_UTCTIME_QDateTime(X509_get_notBefore(d->m_cert), NULL); ++ return ASN1_UTCTIME_QDateTime(d->kossl->X509_getm_notBefore(d->m_cert), NULL); + #else + return QDateTime::currentDateTime(); + #endif +@@ -1005,7 +1016,7 @@ QDateTime KSSLCertificate::getQDTNotBefore() const { + + QDateTime KSSLCertificate::getQDTNotAfter() const { + #ifdef KSSL_HAVE_SSL +- return ASN1_UTCTIME_QDateTime(X509_get_notAfter(d->m_cert), NULL); ++ return ASN1_UTCTIME_QDateTime(d->kossl->X509_getm_notAfter(d->m_cert), NULL); + #else + return QDateTime::currentDateTime(); + #endif +@@ -1210,7 +1221,8 @@ typedef struct NETSCAPE_X509_st + // what a piece of crap this is + QByteArray KSSLCertificate::toNetscape() { + QByteArray qba; +-#ifdef KSSL_HAVE_SSL ++ // no equivalent in OpenSSL 1.1.0 (?), so behave as if we had no OpenSSL at all ++#if KSSL_HAVE_SSL && OPENSSL_VERSION_NUMBER < 0x10100000L + NETSCAPE_X509 nx; + ASN1_OCTET_STRING hdr; + KTemporaryFile ktf; +@@ -1293,10 +1305,10 @@ QStringList KSSLCertificate::subjAltNames() const { + return rc; + } + +- int cnt = d->kossl->sk_GENERAL_NAME_num(names); ++ int cnt = d->kossl->OPENSSL_sk_num((STACK *)names); + + for (int i = 0; i < cnt; i++) { +- const GENERAL_NAME *val = (const GENERAL_NAME *)d->kossl->sk_value(names, i); ++ const GENERAL_NAME *val = (const GENERAL_NAME *)d->kossl->OPENSSL_sk_value(names, i); + if (val->type != GEN_DNS) { + continue; + } +@@ -1308,7 +1320,7 @@ QStringList KSSLCertificate::subjAltNames() const { + rc += s; + } + } +- d->kossl->sk_free(names); ++ d->kossl->OPENSSL_sk_free(names); + #endif + return rc; + } +-- +2.13.6 + + diff --git a/source/kde/patch/kdelibs/kdelibs-openssl-1.1.patch b/source/kde/patch/kdelibs/kdelibs-openssl-1.1.patch deleted file mode 100644 index 1f6b7fcb..00000000 --- a/source/kde/patch/kdelibs/kdelibs-openssl-1.1.patch +++ /dev/null @@ -1,4007 +0,0 @@ ---- kdelibs-4.14.26/kio/CMakeLists.txt.omv~ 2016-11-14 22:38:29.427137096 +0100 -+++ kdelibs-4.14.26/kio/CMakeLists.txt 2016-11-14 22:39:21.476667341 +0100 -@@ -325,6 +325,7 @@ install(FILES kssl/ksslcertificatemanage - DESTINATION ${DATA_INSTALL_DIR}/kconf_update) - - kde4_add_library(kio ${LIBRARY_TYPE} ${kio_LIB_SRCS}) -+target_link_libraries(kio -lssl -lcrypto) - - if(NOT KIO_NO_NEPOMUK) - kde4_add_executable(kfilemetadatareader ${kfilemetadatareaderprocess_SRCS}) ---- kdelibs-4.14.26/kio/kssl/kopenssl.cpp.omv~ 2016-11-07 00:11:51.000000000 +0100 -+++ kdelibs-4.14.26/kio/kssl/kopenssl.cpp 2016-11-14 22:11:02.355008887 +0100 -@@ -18,223 +18,52 @@ - - #include "kopenssl.h" - --#include <config.h> - #include <ksslconfig.h> - --#ifdef KSSL_HAVE_SSL -+#if KSSL_HAVE_SSL - #include <openssl/opensslv.h> -+#include <openssl/err.h> - #endif - --#include <kdebug.h> - #include <kconfig.h> - #include <kconfiggroup.h> --#include <klibrary.h> - #include <QtCore/QCoreApplication> - #include <QtCore/QFile> -+#include <QtCore/QLibrary> - #include <QtCore/QRegExp> - -- --#include <stdio.h> --#include <unistd.h> -- --extern "C" { --#ifdef KSSL_HAVE_SSL --static int (*K_SSL_connect) (SSL *) = 0L; --static int (*K_SSL_accept) (SSL *) = 0L; --static int (*K_SSL_read) (SSL *, void *, int) = 0L; --static int (*K_SSL_write) (SSL *, const void *, int) = 0L; --static SSL *(*K_SSL_new) (SSL_CTX *) = 0L; --static void (*K_SSL_free) (SSL *) = 0L; --static int (*K_SSL_shutdown) (SSL *) = 0L; --static SSL_CTX *(*K_SSL_CTX_new)(SSL_METHOD *) = 0L; --static void (*K_SSL_CTX_free) (SSL_CTX *) = 0L; --static int (*K_SSL_set_fd) (SSL *, int) = 0L; --static int (*K_SSL_pending) (SSL *) = 0L; --static int (*K_SSL_peek) (SSL *, void *, int) = 0L; --static int (*K_SSL_CTX_set_cipher_list)(SSL_CTX *, const char *) = 0L; --static void (*K_SSL_CTX_set_verify)(SSL_CTX *, int, -- int (*)(int, X509_STORE_CTX *)) = 0L; --static int (*K_SSL_use_certificate)(SSL *, X509 *) = 0L; --static SSL_CIPHER *(*K_SSL_get_current_cipher)(SSL *) = 0L; --static long (*K_SSL_ctrl) (SSL *,int, long, char *) = 0L; --static int (*K_RAND_egd) (const char *) = 0L; --static const char* (*K_RAND_file_name) (char *, size_t) = 0L; --static int (*K_RAND_load_file) (const char *, long) = 0L; --static int (*K_RAND_write_file) (const char *) = 0L; --static SSL_METHOD * (*K_TLSv1_client_method) () = 0L; --static SSL_METHOD * (*K_SSLv23_client_method) () = 0L; --static X509 * (*K_SSL_get_peer_certificate) (SSL *) = 0L; --static int (*K_SSL_CIPHER_get_bits) (SSL_CIPHER *,int *) = 0L; --static char * (*K_SSL_CIPHER_get_version) (SSL_CIPHER *) = 0L; --static const char * (*K_SSL_CIPHER_get_name) (SSL_CIPHER *) = 0L; --static char * (*K_SSL_CIPHER_description) (SSL_CIPHER *, char *, int) = 0L; --static X509 * (*K_d2i_X509) (X509 **,unsigned char **,long) = 0L; --static int (*K_i2d_X509) (X509 *,unsigned char **) = 0L; --static int (*K_X509_cmp) (X509 *, X509 *) = 0L; --static void (*K_X509_STORE_CTX_free) (X509_STORE_CTX *) = 0L; --static int (*K_X509_verify_cert) (X509_STORE_CTX *) = 0L; --static X509_STORE_CTX *(*K_X509_STORE_CTX_new) (void) = 0L; --static void (*K_X509_STORE_free) (X509_STORE *) = 0L; --static X509_STORE *(*K_X509_STORE_new) (void) = 0L; --static void (*K_X509_free) (X509 *) = 0L; --static char *(*K_X509_NAME_oneline) (X509_NAME *,char *,int) = 0L; --static X509_NAME *(*K_X509_get_subject_name) (X509 *) = 0L; --static X509_NAME *(*K_X509_get_issuer_name) (X509 *) = 0L; --static X509_LOOKUP *(*K_X509_STORE_add_lookup) (X509_STORE *, X509_LOOKUP_METHOD *) = 0L; --static X509_LOOKUP_METHOD *(*K_X509_LOOKUP_file)(void) = 0L; --static void (*K_X509_LOOKUP_free)(X509_LOOKUP *) = 0L; --static int (*K_X509_LOOKUP_ctrl)(X509_LOOKUP *, int, const char *, long, char **) = 0L; --static void (*K_X509_STORE_CTX_init)(X509_STORE_CTX *, X509_STORE *, X509 *, STACK_OF(X509) *) = 0L; --static void (*K_CRYPTO_free) (void *) = 0L; --static X509* (*K_X509_dup) (X509 *) = 0L; --static BIO_METHOD *(*K_BIO_s_mem) (void) = 0L; --static BIO* (*K_BIO_new) (BIO_METHOD *) = 0L; --static BIO* (*K_BIO_new_fp) (FILE *, int) = 0L; --static BIO* (*K_BIO_new_mem_buf) (void *, int) = 0L; --static int (*K_BIO_free) (BIO *) = 0L; --static long (*K_BIO_ctrl) (BIO *,int,long,void *) = 0L; --static int (*K_BIO_write) (BIO *b, const void *data, int len) = 0L; --static int (*K_PEM_ASN1_write_bio) (int (*)(),const char *,BIO *,char *, -- const EVP_CIPHER *,unsigned char *,int , -- pem_password_cb *, void *) = 0L; --static int (*K_ASN1_item_i2d_fp)(ASN1_ITEM *,FILE *,unsigned char *) = 0L; --static ASN1_ITEM *K_NETSCAPE_X509_it = 0L; --static int (*K_X509_print_fp) (FILE *, X509*) = 0L; --static int (*K_i2d_PKCS12) (PKCS12*, unsigned char**) = 0L; --static int (*K_i2d_PKCS12_fp) (FILE *, PKCS12*) = 0L; --static int (*K_PKCS12_newpass) (PKCS12*, char*, char*) = 0L; --static PKCS12* (*K_d2i_PKCS12_fp) (FILE*, PKCS12**) = 0L; --static PKCS12* (*K_PKCS12_new) (void) = 0L; --static void (*K_PKCS12_free) (PKCS12 *) = 0L; --static int (*K_PKCS12_parse) (PKCS12*, const char *, EVP_PKEY**, -- X509**, STACK_OF(X509)**) = 0L; --static void (*K_EVP_PKEY_free) (EVP_PKEY *) = 0L; --static EVP_PKEY* (*K_EVP_PKEY_new) () = 0L; --static void (*K_X509_REQ_free) (X509_REQ *) = 0L; --static X509_REQ* (*K_X509_REQ_new) () = 0L; --static int (*K_SSL_CTX_use_PrivateKey) (SSL_CTX*, EVP_PKEY*) = 0L; --static int (*K_SSL_CTX_use_certificate) (SSL_CTX*, X509*) = 0L; --static int (*K_SSL_get_error) (SSL*, int) = 0L; --static STACK_OF(X509)* (*K_SSL_get_peer_cert_chain) (SSL*) = 0L; --static void (*K_X509_STORE_CTX_set_chain) (X509_STORE_CTX *, STACK_OF(X509)*) = 0L; --static void (*K_X509_STORE_CTX_set_purpose) (X509_STORE_CTX *, int) = 0L; --static void (*K_sk_free) (STACK*) = 0L; --static int (*K_sk_num) (STACK*) = 0L; --static char* (*K_sk_pop) (STACK*) = 0L; --static char* (*K_sk_value) (STACK*, int) = 0L; --static STACK* (*K_sk_new) (int (*)()) = 0L; --static int (*K_sk_push) (STACK*, char*) = 0L; --static STACK* (*K_sk_dup) (STACK *) = 0L; --static char * (*K_i2s_ASN1_INTEGER) (X509V3_EXT_METHOD *, ASN1_INTEGER *) =0L; --static ASN1_INTEGER * (*K_X509_get_serialNumber) (X509 *) = 0L; --static EVP_PKEY *(*K_X509_get_pubkey)(X509 *) = 0L; --static int (*K_i2d_PublicKey)(EVP_PKEY *, unsigned char **) = 0L; --static int (*K_X509_check_private_key)(X509 *, EVP_PKEY *) = 0L; --static char * (*K_BN_bn2hex)(const BIGNUM *) = 0L; --static int (*K_X509_digest)(const X509 *,const EVP_MD *, unsigned char *, unsigned int *) = 0L; --static EVP_MD* (*K_EVP_md5)() = 0L; --static void (*K_ASN1_INTEGER_free)(ASN1_INTEGER *) = 0L; --static int (*K_OBJ_obj2nid)(ASN1_OBJECT *) = 0L; --static const char * (*K_OBJ_nid2ln)(int) = 0L; --static int (*K_X509_get_ext_count)(X509*) = 0L; --static int (*K_X509_get_ext_by_NID)(X509*, int, int) = 0L; --static int (*K_X509_get_ext_by_OBJ)(X509*,ASN1_OBJECT*,int) = 0L; --static X509_EXTENSION *(*K_X509_get_ext)(X509*, int loc) = 0L; --static X509_EXTENSION *(*K_X509_delete_ext)(X509*, int) = 0L; --static int (*K_X509_add_ext)(X509*, X509_EXTENSION*, int) = 0L; --static void *(*K_X509_get_ext_d2i)(X509*, int, int*, int*) = 0L; --static char *(*K_i2s_ASN1_OCTET_STRING)(X509V3_EXT_METHOD*, ASN1_OCTET_STRING*) = 0L; --static int (*K_ASN1_BIT_STRING_get_bit)(ASN1_BIT_STRING*, int) = 0L; --static PKCS7 *(*K_PKCS7_new)() = 0L; --static void (*K_PKCS7_free)(PKCS7*) = 0L; --static void (*K_PKCS7_content_free)(PKCS7*) = 0L; --static int (*K_i2d_PKCS7)(PKCS7*, unsigned char**) = 0L; --static PKCS7 *(*K_d2i_PKCS7)(PKCS7**, unsigned char**,long) = 0L; --static int (*K_i2d_PKCS7_fp)(FILE*,PKCS7*) = 0L; --static PKCS7* (*K_d2i_PKCS7_fp)(FILE*,PKCS7**) = 0L; --static int (*K_i2d_PKCS7_bio)(BIO *bp,PKCS7 *p7) = 0L; --static PKCS7 *(*K_d2i_PKCS7_bio)(BIO *bp,PKCS7 **p7) = 0L; --static PKCS7* (*K_PKCS7_dup)(PKCS7*) = 0L; --static STACK_OF(X509_NAME) *(*K_SSL_load_client_CA_file)(const char*) = 0L; --static STACK_OF(X509_INFO) *(*K_PEM_X509_INFO_read)(FILE*, STACK_OF(X509_INFO)*, pem_password_cb*, void*) = 0L; --static char *(*K_ASN1_d2i_fp)(char *(*)(),char *(*)(),FILE*,unsigned char**) = 0L; --static X509 *(*K_X509_new)() = 0L; --static int (*K_X509_PURPOSE_get_count)() = 0L; --static int (*K_X509_PURPOSE_get_id)(X509_PURPOSE *) = 0L; --static int (*K_X509_check_purpose)(X509*,int,int) = 0L; --static X509_PURPOSE* (*K_X509_PURPOSE_get0)(int) = 0L; --static int (*K_EVP_PKEY_assign)(EVP_PKEY*, int, char*) = 0L; --static int (*K_X509_REQ_set_pubkey)(X509_REQ*, EVP_PKEY*) = 0L; --static RSA *(*K_RSA_generate_key)(int, unsigned long, void (*)(int,int,void *), void *) = 0L; --static int (*K_i2d_X509_REQ_fp)(FILE*, X509_REQ*) = 0L; --static void (*K_ERR_clear_error)() = 0L; --static unsigned long (*K_ERR_get_error)() = 0L; --static void (*K_ERR_print_errors_fp)(FILE*) = 0L; --static PKCS7 *(*K_PKCS7_sign)(X509*, EVP_PKEY*, STACK_OF(X509)*, BIO*, int) = 0L; --static int (*K_PKCS7_verify)(PKCS7*,STACK_OF(X509)*,X509_STORE*,BIO*,BIO*,int) = 0L; --static STACK_OF(X509) *(*K_PKCS7_get0_signers)(PKCS7 *, STACK_OF(X509) *, int) = 0L; --static PKCS7 *(*K_PKCS7_encrypt)(STACK_OF(X509) *, BIO *, EVP_CIPHER *, int) = 0L; --static int (*K_PKCS7_decrypt)(PKCS7 *, EVP_PKEY *, X509 *, BIO *, int) = 0L; --static SSL_SESSION* (*K_SSL_get1_session)(SSL*) = 0L; --static void (*K_SSL_SESSION_free)(SSL_SESSION*) = 0L; --static int (*K_SSL_set_session)(SSL*,SSL_SESSION*) = 0L; --static SSL_SESSION* (*K_d2i_SSL_SESSION)(SSL_SESSION**,unsigned char**, long) = 0L; --static int (*K_i2d_SSL_SESSION)(SSL_SESSION*,unsigned char**) = 0L; --static STACK *(*K_X509_get1_email)(X509 *x) = 0L; --static void (*K_X509_email_free)(STACK *sk) = 0L; --static EVP_CIPHER *(*K_EVP_des_ede3_cbc)() = 0L; --static EVP_CIPHER *(*K_EVP_des_cbc)() = 0L; --static EVP_CIPHER *(*K_EVP_rc2_cbc)() = 0L; --static EVP_CIPHER *(*K_EVP_rc2_64_cbc)() = 0L; --static EVP_CIPHER *(*K_EVP_rc2_40_cbc)() = 0L; --static int (*K_i2d_PrivateKey_fp)(FILE*,EVP_PKEY*) = 0L; --static int (*K_i2d_PKCS8PrivateKey_fp)(FILE*, EVP_PKEY*, const EVP_CIPHER*, char*, int, pem_password_cb*, void*) = 0L; --static void (*K_RSA_free)(RSA*) = 0L; --static EVP_CIPHER *(*K_EVP_bf_cbc)() = 0L; --static int (*K_X509_REQ_sign)(X509_REQ*, EVP_PKEY*, const EVP_MD*) = 0L; --static int (*K_X509_NAME_add_entry_by_txt)(X509_NAME*, char*, int, unsigned char*, int, int, int) = 0L; --static X509_NAME *(*K_X509_NAME_new)() = 0L; --static int (*K_X509_REQ_set_subject_name)(X509_REQ*,X509_NAME*) = 0L; --static unsigned char *(*K_ASN1_STRING_data)(ASN1_STRING*) = 0L; --static int (*K_ASN1_STRING_length)(ASN1_STRING*) = 0L; --static STACK_OF(SSL_CIPHER) *(*K_SSL_get_ciphers)(const SSL *ssl) = 0L; -- --#endif --} -- -- - class KOpenSSLProxyPrivate - { - public: -- KOpenSSLProxyPrivate() -- : sslLib(0), cryptoLib(0), ok(false) -- {} -- -- KLibrary *sslLib; -- KLibrary *cryptoLib; -- bool ok; -- -- static KOpenSSLProxy *sSelf; -- static void cleanupKOpenSSLProxy() { -- delete KOpenSSLProxyPrivate::sSelf; -- } -+ KOpenSSLProxyPrivate() -+ : ok(true) -+ {} -+ -+ bool ok; -+ -+ static KOpenSSLProxy *sSelf; -+ static void cleanupKOpenSSLProxy() -+ { -+ delete KOpenSSLProxyPrivate::sSelf; -+ } - }; - KOpenSSLProxy *KOpenSSLProxyPrivate::sSelf = 0; - --bool KOpenSSLProxy::hasLibSSL() const { -- return d->sslLib != 0L; -+bool KOpenSSLProxy::hasLibSSL() const -+{ -+ return true; - } - -- --bool KOpenSSLProxy::hasLibCrypto() const { -- return d->cryptoLib != 0L; -+bool KOpenSSLProxy::hasLibCrypto() const -+{ -+ return true; - } - -- --void KOpenSSLProxy::destroy() { -- KOpenSSLProxy *x = KOpenSSLProxyPrivate::sSelf; -- KOpenSSLProxyPrivate::sSelf = 0; -- delete x; -+void KOpenSSLProxy::destroy() -+{ -+ KOpenSSLProxy *x = KOpenSSLProxyPrivate::sSelf; -+ KOpenSSLProxyPrivate::sSelf = 0; -+ delete x; - } - - #ifdef __OpenBSD__ -@@ -244,1347 +73,842 @@ void KOpenSSLProxy::destroy() { - - static QString findMostRecentLib(QString dir, QString name) - { -- // Grab all shared libraries in the directory -- QString filter = "lib"+name+".so.*"; -- QDir d(dir, filter); -- if (!d.exists()) -- return 0L; -- QStringList l = d.entryList(); -- -- // Find the best one -- int bestmaj = -1; -- int bestmin = -1; -- QString best = 0L; -- // where do we start -- uint s = filter.length()-1; -- for (QStringList::const_iterator it = l.begin(); it != l.end(); ++it) { -- QString numberpart = (*it).mid(s); -- uint endmaj = numberpart.indexOf('.'); -- if (endmaj == -1) -- continue; -- bool ok; -- int maj = numberpart.left(endmaj).toInt(&ok); -- if (!ok) -- continue; -- int min = numberpart.mid(endmaj+1).toInt(&ok); -- if (!ok) -- continue; -- if (maj > bestmaj || (maj == bestmaj && min > bestmin)) { -- bestmaj = maj; -- bestmin = min; -- best = (*it); -- } -- } -- if (best.isNull()) -- return 0L; -- else -- return dir+'/'+best; -+ // Grab all shared libraries in the directory -+ QString filter = "lib" + name + ".so.*"; -+ QDir d(dir, filter); -+ if (!d.exists()) { -+ return 0L; -+ } -+ QStringList l = d.entryList(); -+ -+ // Find the best one -+ int bestmaj = -1; -+ int bestmin = -1; -+ QString best = 0L; -+ // where do we start -+ uint s = filter.length() - 1; -+ for (QStringList::const_iterator it = l.begin(); it != l.end(); ++it) { -+ QString numberpart = (*it).mid(s); -+ uint endmaj = numberpart.indexOf('.'); -+ if (endmaj == -1) { -+ continue; -+ } -+ bool ok; -+ int maj = numberpart.left(endmaj).toInt(&ok); -+ if (!ok) { -+ continue; -+ } -+ int min = numberpart.mid(endmaj + 1).toInt(&ok); -+ if (!ok) { -+ continue; -+ } -+ if (maj > bestmaj || (maj == bestmaj && min > bestmin)) { -+ bestmaj = maj; -+ bestmin = min; -+ best = (*it); -+ } -+ } -+ if (best.isNull()) { -+ return 0L; -+ } else { -+ return dir + '/' + best; -+ } - } - #endif - - KOpenSSLProxy::KOpenSSLProxy() - : d(new KOpenSSLProxyPrivate()) - { -- QStringList libpaths, libnamesc, libnamess; -- -- d->cryptoLib = 0L; -- d->sslLib = 0L; -- -- KConfig cfg("cryptodefaults", KConfig::NoGlobals ); -- KConfigGroup cg(&cfg, "OpenSSL"); -- QString upath = cg.readPathEntry("Path", QString()); -- if (!upath.isEmpty()) -- libpaths << upath; -- --#ifdef Q_OS_WIN -- d->cryptoLib = new KLibrary("libeay32.dll"); -- if (!d->cryptoLib->load()) { -- delete d->cryptoLib; -- d->cryptoLib = 0; -- } --#elif defined(__OpenBSD__) -- { -- QString libname = findMostRecentLib("/usr/lib" KDELIBSUFF, "crypto"); -- if (!libname.isNull()) { -- d->cryptoLib = new KLibrary(libname); -- d->cryptoLib->setLoadHints(QLibrary::ExportExternalSymbolsHint); -- if (!d->cryptoLib->load()) { -- delete d->cryptoLib; -- d->cryptoLib = 0; -- } -- } -- } --#elif defined(__CYGWIN__) -- libpaths << "/usr/bin/" -- << ""; -- -- libnamess << "cygssl-0.9.8.dll" -- << "cygssl-0.9.7.dll" -- << ""; -- -- libnamesc << "cygcrypto-0.9.8.dll" -- << "cygcrypto-0.9.7.dll" -- << ""; --#else -- libpaths -- #ifdef _AIX -- << "/opt/freeware/lib/" -- #endif -- << "/usr/lib" KDELIBSUFF "/" -- << "/usr/ssl/lib" KDELIBSUFF "/" -- << "/usr/local/lib" KDELIBSUFF "/" -- << "/usr/local/openssl/lib" KDELIBSUFF "/" -- << "/usr/local/ssl/lib" KDELIBSUFF "/" -- << "/opt/openssl/lib" KDELIBSUFF "/" -- << "/lib" KDELIBSUFF "/" -- << ""; -- --// FIXME: #define here for the various OS types to optimize -- libnamess -- #ifdef hpux -- << "libssl.sl" -- #elif defined(_AIX) -- << "libssl.a(libssl.so.0)" -- #elif defined(__APPLE__) -- << "libssl.dylib" -- << "libssl.0.9.dylib" -- #else -- #ifdef SHLIB_VERSION_NUMBER -- << "libssl.so." SHLIB_VERSION_NUMBER -- #endif -- << "libssl.so" -- << "libssl.so.0" -- #endif -- ; -- -- libnamesc -- #ifdef hpux -- << "libcrypto.sl" -- #elif defined(_AIX) -- << "libcrypto.a(libcrypto.so.0)" -- #elif defined(__APPLE__) -- << "libcrypto.dylib" -- << "libcrypto.0.9.dylib" -- #else -- #ifdef SHLIB_VERSION_NUMBER -- << "libcrypto.so." SHLIB_VERSION_NUMBER -- #endif -- << "libcrypto.so" -- << "libcrypto.so.0" -- #endif -- ; --#endif -- -- for (QStringList::const_iterator it = libpaths.constBegin(); -- it != libpaths.constEnd(); -- ++it) { -- for (QStringList::const_iterator shit = libnamesc.constBegin(); -- shit != libnamesc.constEnd(); -- ++shit) { -- QString alib = *it; -- if (!alib.isEmpty() && !alib.endsWith('/')) -- alib += '/'; -- alib += *shit; -- // someone knows why this is needed? -- QString tmpStr(alib.toLatin1().constData()); -- tmpStr.remove(QRegExp("\\(.*\\)")); -- if (!access(tmpStr.toLatin1(), R_OK)) { -- d->cryptoLib = new KLibrary(alib); -- d->cryptoLib->setLoadHints(QLibrary::ExportExternalSymbolsHint); -- } -- if (d->cryptoLib && d->cryptoLib->load()) { -- break; -- } -- else { -- delete d->cryptoLib; -- d->cryptoLib = 0; -- } -- } -- if (d->cryptoLib) break; -- } -- -- if (d->cryptoLib) { --#ifdef KSSL_HAVE_SSL -- K_X509_free = (void (*) (X509 *)) d->cryptoLib->resolveFunction("X509_free"); -- K_RAND_egd = (int (*)(const char *)) d->cryptoLib->resolveFunction("RAND_egd"); -- K_RAND_load_file = (int (*)(const char *, long)) d->cryptoLib->resolveFunction("RAND_load_file"); -- K_RAND_file_name = (const char* (*)(char *, size_t)) d->cryptoLib->resolveFunction("RAND_file_name"); -- K_RAND_write_file = (int (*)(const char *)) d->cryptoLib->resolveFunction("RAND_write_file"); -- K_CRYPTO_free = (void (*) (void *)) d->cryptoLib->resolveFunction("CRYPTO_free"); -- K_d2i_X509 = (X509 * (*)(X509 **,unsigned char **,long)) d->cryptoLib->resolveFunction("d2i_X509"); -- K_i2d_X509 = (int (*)(X509 *,unsigned char **)) d->cryptoLib->resolveFunction("i2d_X509"); -- K_X509_cmp = (int (*)(X509 *, X509 *)) d->cryptoLib->resolveFunction("X509_cmp"); -- K_X509_STORE_CTX_new = (X509_STORE_CTX * (*) (void)) d->cryptoLib->resolveFunction("X509_STORE_CTX_new"); -- K_X509_STORE_CTX_free = (void (*) (X509_STORE_CTX *)) d->cryptoLib->resolveFunction("X509_STORE_CTX_free"); -- K_X509_verify_cert = (int (*) (X509_STORE_CTX *)) d->cryptoLib->resolveFunction("X509_verify_cert"); -- K_X509_STORE_new = (X509_STORE * (*) (void)) d->cryptoLib->resolveFunction("X509_STORE_new"); -- K_X509_STORE_free = (void (*) (X509_STORE *)) d->cryptoLib->resolveFunction("X509_STORE_free"); -- K_X509_NAME_oneline = (char * (*) (X509_NAME *,char *,int)) d->cryptoLib->resolveFunction("X509_NAME_oneline"); -- K_X509_get_subject_name = (X509_NAME * (*) (X509 *)) d->cryptoLib->resolveFunction("X509_get_subject_name"); -- K_X509_get_issuer_name = (X509_NAME * (*) (X509 *)) d->cryptoLib->resolveFunction("X509_get_issuer_name"); -- K_X509_STORE_add_lookup = (X509_LOOKUP *(*) (X509_STORE *, X509_LOOKUP_METHOD *)) d->cryptoLib->resolveFunction("X509_STORE_add_lookup"); -- K_X509_LOOKUP_file = (X509_LOOKUP_METHOD *(*)(void)) d->cryptoLib->resolveFunction("X509_LOOKUP_file"); -- K_X509_LOOKUP_free = (void (*)(X509_LOOKUP *)) d->cryptoLib->resolveFunction("X509_LOOKUP_free"); -- K_X509_LOOKUP_ctrl = (int (*)(X509_LOOKUP *, int, const char *, long, char **)) d->cryptoLib->resolveFunction("X509_LOOKUP_ctrl"); -- K_X509_STORE_CTX_init = (void (*)(X509_STORE_CTX *, X509_STORE *, X509 *, STACK_OF(X509) *)) d->cryptoLib->resolveFunction("X509_STORE_CTX_init"); -- K_X509_dup = (X509* (*)(X509*)) d->cryptoLib->resolveFunction("X509_dup"); -- K_BIO_s_mem = (BIO_METHOD *(*) (void)) d->cryptoLib->resolveFunction("BIO_s_mem"); -- K_BIO_new = (BIO* (*)(BIO_METHOD *)) d->cryptoLib->resolveFunction("BIO_new"); -- K_BIO_new_fp = (BIO* (*)(FILE*, int)) d->cryptoLib->resolveFunction("BIO_new_fp"); -- K_BIO_new_mem_buf = (BIO* (*)(void *, int)) d->cryptoLib->resolveFunction("BIO_new_mem_buf"); -- K_BIO_free = (int (*)(BIO*)) d->cryptoLib->resolveFunction("BIO_free"); -- K_BIO_ctrl = (long (*) (BIO *,int,long,void *)) d->cryptoLib->resolveFunction("BIO_ctrl"); -- K_BIO_write = (int (*) (BIO *b, const void *data, int len)) d->cryptoLib->resolveFunction("BIO_write"); -- K_PEM_ASN1_write_bio = (int (*)(int (*)(), const char *,BIO*, char*, const EVP_CIPHER *, unsigned char *, int, pem_password_cb *, void *)) d->cryptoLib->resolveFunction("PEM_ASN1_write_bio"); -- K_ASN1_item_i2d_fp = (int (*)(ASN1_ITEM *, FILE*, unsigned char *)) -- d->cryptoLib->resolveFunction("ASN1_item_i2d_fp"); -- K_NETSCAPE_X509_it = (ASN1_ITEM *) d->cryptoLib->resolveFunction("NETSCAPE_X509_it"); -- K_X509_print_fp = (int (*)(FILE*, X509*)) d->cryptoLib->resolveFunction("X509_print_fp"); -- K_i2d_PKCS12 = (int (*)(PKCS12*, unsigned char**)) d->cryptoLib->resolveFunction("i2d_PKCS12"); -- K_i2d_PKCS12_fp = (int (*)(FILE *, PKCS12*)) d->cryptoLib->resolveFunction("i2d_PKCS12_fp"); -- K_PKCS12_newpass = (int (*)(PKCS12*, char*, char*)) d->cryptoLib->resolveFunction("PKCS12_newpass"); -- K_d2i_PKCS12_fp = (PKCS12* (*)(FILE*, PKCS12**)) d->cryptoLib->resolveFunction("d2i_PKCS12_fp"); -- K_PKCS12_new = (PKCS12* (*)()) d->cryptoLib->resolveFunction("PKCS12_new"); -- K_PKCS12_free = (void (*)(PKCS12 *)) d->cryptoLib->resolveFunction("PKCS12_free"); -- K_PKCS12_parse = (int (*)(PKCS12*, const char *, EVP_PKEY**, -- X509**, STACK_OF(X509)**)) d->cryptoLib->resolveFunction("PKCS12_parse"); -- K_EVP_PKEY_free = (void (*) (EVP_PKEY *)) d->cryptoLib->resolveFunction("EVP_PKEY_free"); -- K_EVP_PKEY_new = (EVP_PKEY* (*)()) d->cryptoLib->resolveFunction("EVP_PKEY_new"); -- K_X509_REQ_free = (void (*)(X509_REQ*)) d->cryptoLib->resolveFunction("X509_REQ_free"); -- K_X509_REQ_new = (X509_REQ* (*)()) d->cryptoLib->resolveFunction("X509_REQ_new"); -- K_X509_STORE_CTX_set_chain = (void (*)(X509_STORE_CTX *, STACK_OF(X509)*)) d->cryptoLib->resolveFunction("X509_STORE_CTX_set_chain"); -- K_X509_STORE_CTX_set_purpose = (void (*)(X509_STORE_CTX *, int)) d->cryptoLib->resolveFunction("X509_STORE_CTX_set_purpose"); -- K_sk_free = (void (*) (STACK *)) d->cryptoLib->resolveFunction("sk_free"); -- K_sk_num = (int (*) (STACK *)) d->cryptoLib->resolveFunction("sk_num"); -- K_sk_pop = (char* (*) (STACK *)) d->cryptoLib->resolveFunction("sk_pop"); -- K_sk_value = (char* (*) (STACK *, int)) d->cryptoLib->resolveFunction("sk_value"); -- K_sk_new = (STACK* (*) (int (*)())) d->cryptoLib->resolveFunction("sk_new"); -- K_sk_push = (int (*) (STACK*, char*)) d->cryptoLib->resolveFunction("sk_push"); -- K_sk_dup = (STACK* (*) (STACK *)) d->cryptoLib->resolveFunction("sk_dup"); -- K_i2s_ASN1_INTEGER = (char *(*) (X509V3_EXT_METHOD *, ASN1_INTEGER *)) d->cryptoLib->resolveFunction("i2s_ASN1_INTEGER"); -- K_X509_get_serialNumber = (ASN1_INTEGER * (*) (X509 *)) d->cryptoLib->resolveFunction("X509_get_serialNumber"); -- K_X509_get_pubkey = (EVP_PKEY *(*)(X509 *)) d->cryptoLib->resolveFunction("X509_get_pubkey"); -- K_i2d_PublicKey = (int (*)(EVP_PKEY *, unsigned char **)) d->cryptoLib->resolveFunction("i2d_PublicKey"); -- K_X509_check_private_key = (int (*)(X509 *, EVP_PKEY *)) d->cryptoLib->resolveFunction("X509_check_private_key"); -- K_BN_bn2hex = (char *(*)(const BIGNUM *)) d->cryptoLib->resolveFunction("BN_bn2hex"); -- K_X509_digest = (int (*)(const X509 *,const EVP_MD *, unsigned char *, unsigned int *)) d->cryptoLib->resolveFunction("X509_digest"); -- K_EVP_md5 = (EVP_MD *(*)()) d->cryptoLib->resolveFunction("EVP_md5"); -- K_ASN1_INTEGER_free = (void (*)(ASN1_INTEGER *)) d->cryptoLib->resolveFunction("ASN1_INTEGER_free"); -- K_OBJ_obj2nid = (int (*)(ASN1_OBJECT *)) d->cryptoLib->resolveFunction("OBJ_obj2nid"); -- K_OBJ_nid2ln = (const char *(*)(int)) d->cryptoLib->resolveFunction("OBJ_nid2ln"); -- K_X509_get_ext_count = (int (*)(X509*)) d->cryptoLib->resolveFunction("X509_get_ext_count"); -- K_X509_get_ext_by_NID = (int (*)(X509*,int,int)) d->cryptoLib->resolveFunction("X509_get_ext_by_NID"); -- K_X509_get_ext_by_OBJ = (int (*)(X509*,ASN1_OBJECT*,int)) d->cryptoLib->resolveFunction("X509_get_ext_by_OBJ"); -- K_X509_get_ext = (X509_EXTENSION* (*)(X509*,int)) d->cryptoLib->resolveFunction("X509_get_ext"); -- K_X509_delete_ext = (X509_EXTENSION* (*)(X509*,int)) d->cryptoLib->resolveFunction("X509_delete_ext"); -- K_X509_add_ext = (int (*)(X509*,X509_EXTENSION*,int)) d->cryptoLib->resolveFunction("X509_add_ext"); -- K_X509_get_ext_d2i = (void* (*)(X509*,int,int*,int*)) d->cryptoLib->resolveFunction("X509_get_ext_d2i"); -- K_i2s_ASN1_OCTET_STRING = (char *(*)(X509V3_EXT_METHOD*,ASN1_OCTET_STRING*)) d->cryptoLib->resolveFunction("i2s_ASN1_OCTET_STRING"); -- K_ASN1_BIT_STRING_get_bit = (int (*)(ASN1_BIT_STRING*,int)) d->cryptoLib->resolveFunction("ASN1_BIT_STRING_get_bit"); -- K_PKCS7_new = (PKCS7 *(*)()) d->cryptoLib->resolveFunction("PKCS7_new"); -- K_PKCS7_free = (void (*)(PKCS7*)) d->cryptoLib->resolveFunction("PKCS7_free"); -- K_PKCS7_content_free = (void (*)(PKCS7*)) d->cryptoLib->resolveFunction("PKCS7_content_free"); -- K_i2d_PKCS7 = (int (*)(PKCS7*, unsigned char**)) d->cryptoLib->resolveFunction("i2d_PKCS7"); -- K_i2d_PKCS7_fp = (int (*)(FILE*,PKCS7*)) d->cryptoLib->resolveFunction("i2d_PKCS7_fp"); -- K_i2d_PKCS7_bio = (int (*)(BIO *bp,PKCS7 *p7)) d->cryptoLib->resolveFunction("i2d_PKCS7_bio"); -- K_d2i_PKCS7 = (PKCS7* (*)(PKCS7**,unsigned char**,long)) d->cryptoLib->resolveFunction("d2i_PKCS7"); -- K_d2i_PKCS7_fp = (PKCS7 *(*)(FILE *,PKCS7**)) d->cryptoLib->resolveFunction("d2i_PKCS7_fp"); -- K_d2i_PKCS7_bio = (PKCS7 *(*)(BIO *bp,PKCS7 **p7)) d->cryptoLib->resolveFunction("d2i_PKCS7_bio"); -- K_PKCS7_dup = (PKCS7* (*)(PKCS7*)) d->cryptoLib->resolveFunction("PKCS7_dup"); -- K_PKCS7_sign = (PKCS7 *(*)(X509*, EVP_PKEY*, STACK_OF(X509)*, BIO*, int)) d->cryptoLib->resolveFunction("PKCS7_sign"); -- K_PKCS7_verify = (int (*)(PKCS7*,STACK_OF(X509)*,X509_STORE*,BIO*,BIO*,int)) d->cryptoLib->resolveFunction("PKCS7_verify"); -- K_PKCS7_get0_signers = (STACK_OF(X509) *(*)(PKCS7 *, STACK_OF(X509) *, int)) d->cryptoLib->resolveFunction("PKCS7_get0_signers"); -- K_PKCS7_encrypt = (PKCS7* (*)(STACK_OF(X509) *, BIO *, EVP_CIPHER *, int)) d->cryptoLib->resolveFunction("PKCS7_encrypt"); -- K_PKCS7_decrypt = (int (*)(PKCS7 *, EVP_PKEY *, X509 *, BIO *, int)) d->cryptoLib->resolveFunction("PKCS7_decrypt"); -- K_PEM_X509_INFO_read = (STACK_OF(X509_INFO) *(*)(FILE*, STACK_OF(X509_INFO)*, pem_password_cb*, void *)) d->cryptoLib->resolveFunction("PEM_X509_INFO_read"); -- K_ASN1_d2i_fp = (char *(*)(char *(*)(),char *(*)(),FILE*,unsigned char**)) d->cryptoLib->resolveFunction("ASN1_d2i_fp"); -- K_X509_new = (X509 *(*)()) d->cryptoLib->resolveFunction("X509_new"); -- K_X509_PURPOSE_get_count = (int (*)()) d->cryptoLib->resolveFunction("X509_PURPOSE_get_count"); -- K_X509_PURPOSE_get_id = (int (*)(X509_PURPOSE *)) d->cryptoLib->resolveFunction("X509_PURPOSE_get_id"); -- K_X509_check_purpose = (int (*)(X509*,int,int)) d->cryptoLib->resolveFunction("X509_check_purpose"); -- K_X509_PURPOSE_get0 = (X509_PURPOSE *(*)(int)) d->cryptoLib->resolveFunction("X509_PURPOSE_get0"); -- K_EVP_PKEY_assign = (int (*)(EVP_PKEY*, int, char*)) d->cryptoLib->resolveFunction("EVP_PKEY_assign"); -- K_X509_REQ_set_pubkey = (int (*)(X509_REQ*, EVP_PKEY*)) d->cryptoLib->resolveFunction("X509_REQ_set_pubkey"); -- K_RSA_generate_key = (RSA* (*)(int, unsigned long, void (*)(int,int,void *), void *)) d->cryptoLib->resolveFunction("RSA_generate_key"); -- K_i2d_X509_REQ_fp = (int (*)(FILE *, X509_REQ *)) d->cryptoLib->resolveFunction("i2d_X509_REQ_fp"); -- K_ERR_clear_error = (void (*)()) d->cryptoLib->resolveFunction("ERR_clear_error"); -- K_ERR_get_error = (unsigned long (*)()) d->cryptoLib->resolveFunction("ERR_get_error"); -- K_ERR_print_errors_fp = (void (*)(FILE*)) d->cryptoLib->resolveFunction("ERR_print_errors_fp"); -- K_X509_get1_email = (STACK *(*)(X509 *x)) d->cryptoLib->resolveFunction("X509_get1_email"); -- K_X509_email_free = (void (*)(STACK *sk)) d->cryptoLib->resolveFunction("X509_email_free"); -- K_EVP_des_ede3_cbc = (EVP_CIPHER *(*)()) d->cryptoLib->resolveFunction("EVP_des_ede3_cbc"); -- K_EVP_des_cbc = (EVP_CIPHER *(*)()) d->cryptoLib->resolveFunction("EVP_des_cbc"); -- K_EVP_rc2_cbc = (EVP_CIPHER *(*)()) d->cryptoLib->resolveFunction("EVP_rc2_cbc"); -- K_EVP_rc2_64_cbc = (EVP_CIPHER *(*)()) d->cryptoLib->resolveFunction("EVP_rc2_64_cbc"); -- K_EVP_rc2_40_cbc = (EVP_CIPHER *(*)()) d->cryptoLib->resolveFunction("EVP_rc2_40_cbc"); -- K_i2d_PrivateKey_fp = (int (*)(FILE*,EVP_PKEY*)) d->cryptoLib->resolveFunction("i2d_PrivateKey_fp"); -- K_i2d_PKCS8PrivateKey_fp = (int (*)(FILE*, EVP_PKEY*, const EVP_CIPHER*, char*, int, pem_password_cb*, void*)) d->cryptoLib->resolveFunction("i2d_PKCS8PrivateKey_fp"); -- K_RSA_free = (void (*)(RSA*)) d->cryptoLib->resolveFunction("RSA_free"); -- K_EVP_bf_cbc = (EVP_CIPHER *(*)()) d->cryptoLib->resolveFunction("EVP_bf_cbc"); -- K_X509_REQ_sign = (int (*)(X509_REQ*, EVP_PKEY*, const EVP_MD*)) d->cryptoLib->resolveFunction("X509_REQ_sign"); -- K_X509_NAME_add_entry_by_txt = (int (*)(X509_NAME*, char*, int, unsigned char*, int, int, int)) d->cryptoLib->resolveFunction("X509_NAME_add_entry_by_txt"); -- K_X509_NAME_new = (X509_NAME *(*)()) d->cryptoLib->resolveFunction("X509_NAME_new"); -- K_X509_REQ_set_subject_name = (int (*)(X509_REQ*,X509_NAME*)) d->cryptoLib->resolveFunction("X509_REQ_set_subject_name"); -- K_ASN1_STRING_data = (unsigned char *(*)(ASN1_STRING*)) d->cryptoLib->resolveFunction("ASN1_STRING_data"); -- K_ASN1_STRING_length = (int (*)(ASN1_STRING*)) d->cryptoLib->resolveFunction("ASN1_STRING_length"); --#endif -- } -- --#ifdef Q_OS_WIN -- d->sslLib = new KLibrary("ssleay32.dll"); -- if (!d->sslLib->load()) { -- delete d->sslLib; -- d->sslLib = 0; -- } --#elif defined(__OpenBSD__) -- { -- QString libname = findMostRecentLib("/usr/lib", "ssl"); -- if (!libname.isNull()) { -- d->sslLib = new KLibrary(libname); -- d->sslLib->setLoadHints(QLibrary::ExportExternalSymbolsHint); -- if (!d->sslLib->load()) { -- delete d->sslLib; -- d->sslLib = 0; -- } -- } -- } --#else -- for (QStringList::const_iterator it = libpaths.constBegin(); -- it != libpaths.constEnd(); -- ++it) { -- for (QStringList::const_iterator shit = libnamess.constBegin(); -- shit != libnamess.constEnd(); -- ++shit) { -- QString alib = *it; -- if (!alib.isEmpty() && !alib.endsWith('/')) -- alib += '/'; -- alib += *shit; -- QString tmpStr(alib.toLatin1()); -- tmpStr.remove(QRegExp("\\(.*\\)")); -- if (!access(tmpStr.toLatin1(), R_OK)) { -- d->sslLib = new KLibrary(alib); -- d->sslLib->setLoadHints(QLibrary::ExportExternalSymbolsHint); -- } -- if (d->sslLib && d->sslLib->load()) { -- break; -- } -- else { -- delete d->sslLib; -- d->sslLib = 0; -- } -- } -- if (d->sslLib) break; -- } --#endif -- -- if (d->sslLib) { --#ifdef KSSL_HAVE_SSL -- // stand back from your monitor and look at this. it's fun! :) -- K_SSL_connect = (int (*)(SSL *)) d->sslLib->resolveFunction("SSL_connect"); -- K_SSL_accept = (int (*)(SSL *)) d->sslLib->resolveFunction("SSL_accept"); -- K_SSL_read = (int (*)(SSL *, void *, int)) d->sslLib->resolveFunction("SSL_read"); -- K_SSL_write = (int (*)(SSL *, const void *, int)) -- d->sslLib->resolveFunction("SSL_write"); -- K_SSL_new = (SSL* (*)(SSL_CTX *)) d->sslLib->resolveFunction("SSL_new"); -- K_SSL_free = (void (*)(SSL *)) d->sslLib->resolveFunction("SSL_free"); -- K_SSL_shutdown = (int (*)(SSL *)) d->sslLib->resolveFunction("SSL_shutdown"); -- K_SSL_CTX_new = (SSL_CTX* (*)(SSL_METHOD*)) d->sslLib->resolveFunction("SSL_CTX_new"); -- K_SSL_CTX_free = (void (*)(SSL_CTX*)) d->sslLib->resolveFunction("SSL_CTX_free"); -- K_SSL_set_fd = (int (*)(SSL *, int)) d->sslLib->resolveFunction("SSL_set_fd"); -- K_SSL_pending = (int (*)(SSL *)) d->sslLib->resolveFunction("SSL_pending"); -- K_SSL_CTX_set_cipher_list = (int (*)(SSL_CTX *, const char *)) -- d->sslLib->resolveFunction("SSL_CTX_set_cipher_list"); -- K_SSL_CTX_set_verify = (void (*)(SSL_CTX*, int, int (*)(int, X509_STORE_CTX*))) d->sslLib->resolveFunction("SSL_CTX_set_verify"); -- K_SSL_use_certificate = (int (*)(SSL*, X509*)) -- d->sslLib->resolveFunction("SSL_CTX_use_certificate"); -- K_SSL_get_current_cipher = (SSL_CIPHER *(*)(SSL *)) -- d->sslLib->resolveFunction("SSL_get_current_cipher"); -- K_SSL_ctrl = (long (*)(SSL * ,int, long, char *)) -- d->sslLib->resolveFunction("SSL_ctrl"); -- K_TLSv1_client_method = (SSL_METHOD *(*)()) d->sslLib->resolveFunction("TLSv1_client_method"); -- K_SSLv23_client_method = (SSL_METHOD *(*)()) d->sslLib->resolveFunction("SSLv23_client_method"); -- K_SSL_get_peer_certificate = (X509 *(*)(SSL *)) d->sslLib->resolveFunction("SSL_get_peer_certificate"); -- K_SSL_CIPHER_get_bits = (int (*)(SSL_CIPHER *,int *)) d->sslLib->resolveFunction("SSL_CIPHER_get_bits"); -- K_SSL_CIPHER_get_version = (char * (*)(SSL_CIPHER *)) d->sslLib->resolveFunction("SSL_CIPHER_get_version"); -- K_SSL_CIPHER_get_name = (const char * (*)(SSL_CIPHER *)) d->sslLib->resolveFunction("SSL_CIPHER_get_name"); -- K_SSL_CIPHER_description = (char * (*)(SSL_CIPHER *, char *, int)) d->sslLib->resolveFunction("SSL_CIPHER_description"); -- K_SSL_CTX_use_PrivateKey = (int (*)(SSL_CTX*, EVP_PKEY*)) d->sslLib->resolveFunction("SSL_CTX_use_PrivateKey"); -- K_SSL_CTX_use_certificate = (int (*)(SSL_CTX*, X509*)) d->sslLib->resolveFunction("SSL_CTX_use_certificate"); -- K_SSL_get_error = (int (*)(SSL*, int)) d->sslLib->resolveFunction("SSL_get_error"); -- K_SSL_get_peer_cert_chain = (STACK_OF(X509)* (*)(SSL*)) d->sslLib->resolveFunction("SSL_get_peer_cert_chain"); -- K_SSL_load_client_CA_file = (STACK_OF(X509_NAME)* (*)(const char *)) d->sslLib->resolveFunction("SSL_load_client_CA_file"); -- K_SSL_peek = (int (*)(SSL*,void*,int)) d->sslLib->resolveFunction("SSL_peek"); -- K_SSL_get1_session = (SSL_SESSION* (*)(SSL*)) d->sslLib->resolveFunction("SSL_get1_session"); -- K_SSL_SESSION_free = (void (*)(SSL_SESSION*)) d->sslLib->resolveFunction("SSL_SESSION_free"); -- K_SSL_set_session = (int (*)(SSL*,SSL_SESSION*)) d->sslLib->resolveFunction("SSL_set_session"); -- K_d2i_SSL_SESSION = (SSL_SESSION* (*)(SSL_SESSION**,unsigned char**, long)) d->sslLib->resolveFunction("d2i_SSL_SESSION"); -- K_i2d_SSL_SESSION = (int (*)(SSL_SESSION*,unsigned char**)) d->sslLib->resolveFunction("i2d_SSL_SESSION"); -- K_SSL_get_ciphers = (STACK_OF(SSL_CIPHER) *(*)(const SSL*)) d->sslLib->resolveFunction("SSL_get_ciphers"); --#endif -- -- -- // Initialize the library (once only!) -- KLibrary::void_function_ptr x; -- x = d->sslLib->resolveFunction("SSL_library_init"); -- if (d->cryptoLib) { -- if (x) ((int (*)())x)(); -- x = d->cryptoLib->resolveFunction("OpenSSL_add_all_algorithms"); -- if (!x) -- x = d->cryptoLib->resolveFunction("OPENSSL_add_all_algorithms"); -- if (x) { -- ((void (*)())x)(); -- } else { -- x = d->cryptoLib->resolveFunction("OpenSSL_add_all_algorithms_conf"); -- if (!x) -- x = d->cryptoLib->resolveFunction("OPENSSL_add_all_algorithms_conf"); -- if (x) { -- ((void (*)())x)(); -- } else { -- x = d->cryptoLib->resolveFunction("OpenSSL_add_all_algorithms_noconf"); -- if (!x) -- x = d->cryptoLib->resolveFunction("OPENSSL_add_all_algorithms_noconf"); -- if (x) -- ((void (*)())x)(); -- } -- } -- x = d->cryptoLib->resolveFunction("OpenSSL_add_all_ciphers"); -- if (!x) -- x = d->cryptoLib->resolveFunction("OPENSSL_add_all_ciphers"); -- if (x) ((void (*)())x)(); -- x = d->cryptoLib->resolveFunction("OpenSSL_add_all_digests"); -- if (!x) -- x = d->cryptoLib->resolveFunction("OPENSSL_add_all_digests"); -- if (x) ((void (*)())x)(); -- } -- } -- - } - --KOpenSSLProxy::~KOpenSSLProxy() { -- if (d->sslLib) { -- d->sslLib->unload(); -- } -- if (d->cryptoLib) { -- d->cryptoLib->unload(); -- } -- -- KOpenSSLProxyPrivate::sSelf = 0; -- delete d; -+KOpenSSLProxy::~KOpenSSLProxy() -+{ -+ KOpenSSLProxyPrivate::sSelf = 0; -+ delete d; - } - -- - // FIXME: we should check "ok" and allow this to init the lib if !ok. - --KOpenSSLProxy *KOpenSSLProxy::self() { --#ifdef KSSL_HAVE_SSL -- if(!KOpenSSLProxyPrivate::sSelf) { -- KOpenSSLProxyPrivate::sSelf = new KOpenSSLProxy(); -- qAddPostRoutine(KOpenSSLProxyPrivate::cleanupKOpenSSLProxy); -- } -+KOpenSSLProxy *KOpenSSLProxy::self() -+{ -+#if KSSL_HAVE_SSL -+ if (!KOpenSSLProxyPrivate::sSelf) { -+ KOpenSSLProxyPrivate::sSelf = new KOpenSSLProxy(); -+ qAddPostRoutine(KOpenSSLProxyPrivate::cleanupKOpenSSLProxy); -+ } - #endif -- return KOpenSSLProxyPrivate::sSelf; -+ return KOpenSSLProxyPrivate::sSelf; - } - -+#if KSSL_HAVE_SSL - -- -- -- -- -- --#ifdef KSSL_HAVE_SSL -- -- -- --int KOpenSSLProxy::SSL_connect(SSL *ssl) { -- if (K_SSL_connect) return (K_SSL_connect)(ssl); -- return -1; -+int KOpenSSLProxy::SSL_connect(SSL *ssl) -+{ -+ return ::SSL_connect(ssl); - } - -- --int KOpenSSLProxy::SSL_accept(SSL *ssl) { -- if (K_SSL_accept) return (K_SSL_accept)(ssl); -- return -1; -+int KOpenSSLProxy::SSL_accept(SSL *ssl) -+{ -+ return ::SSL_accept(ssl); - } - -- --int KOpenSSLProxy::SSL_read(SSL *ssl, void *buf, int num) { -- if (K_SSL_read) return (K_SSL_read)(ssl, buf, num); -- return -1; -+int KOpenSSLProxy::SSL_read(SSL *ssl, void *buf, int num) -+{ -+ return ::SSL_read(ssl, buf, num); - } - -- --int KOpenSSLProxy::SSL_write(SSL *ssl, const void *buf, int num) { -- if (K_SSL_write) return (K_SSL_write)(ssl, buf, num); -- return -1; -+int KOpenSSLProxy::SSL_write(SSL *ssl, const void *buf, int num) -+{ -+ return ::SSL_write(ssl, buf, num); - } - -- --SSL *KOpenSSLProxy::SSL_new(SSL_CTX *ctx) { -- if (K_SSL_new) return (K_SSL_new)(ctx); -- return 0L; -+SSL *KOpenSSLProxy::SSL_new(SSL_CTX *ctx) -+{ -+ return ::SSL_new(ctx); - } - -- --void KOpenSSLProxy::SSL_free(SSL *ssl) { -- if (K_SSL_free) (K_SSL_free)(ssl); -+void KOpenSSLProxy::SSL_free(SSL *ssl) -+{ -+ return ::SSL_free(ssl); - } - -- --int KOpenSSLProxy::SSL_shutdown(SSL *ssl) { -- if (K_SSL_shutdown) return (K_SSL_shutdown)(ssl); -- return -1; -+int KOpenSSLProxy::SSL_shutdown(SSL *ssl) -+{ -+ return ::SSL_shutdown(ssl); - } - -- --SSL_CTX *KOpenSSLProxy::SSL_CTX_new(SSL_METHOD *method) { -- if (K_SSL_CTX_new) return (K_SSL_CTX_new)(method); -- return 0L; -+SSL_CTX *KOpenSSLProxy::SSL_CTX_new(const SSL_METHOD *method) -+{ -+ return ::SSL_CTX_new(method); - } - -- --void KOpenSSLProxy::SSL_CTX_free(SSL_CTX *ctx) { -- if (K_SSL_CTX_free) (K_SSL_CTX_free)(ctx); -+void KOpenSSLProxy::SSL_CTX_free(SSL_CTX *ctx) -+{ -+ return ::SSL_CTX_free(ctx); - } - -- --int KOpenSSLProxy::SSL_set_fd(SSL *ssl, int fd) { -- if (K_SSL_set_fd) return (K_SSL_set_fd)(ssl, fd); -- return -1; -+int KOpenSSLProxy::SSL_set_fd(SSL *ssl, int fd) -+{ -+ return ::SSL_set_fd(ssl, fd); - } - -- --int KOpenSSLProxy::SSL_pending(SSL *ssl) { -- if (K_SSL_pending) return (K_SSL_pending)(ssl); -- return -1; -+int KOpenSSLProxy::SSL_pending(SSL *ssl) -+{ -+ return ::SSL_pending(ssl); - } - -- --int KOpenSSLProxy::SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str) { -- if (K_SSL_CTX_set_cipher_list) return (K_SSL_CTX_set_cipher_list)(ctx, str); -- return -1; -+int KOpenSSLProxy::SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str) -+{ -+ return ::SSL_CTX_set_cipher_list(ctx, str); - } - -- - void KOpenSSLProxy::SSL_CTX_set_verify(SSL_CTX *ctx, int mode, -- int (*verify_callback)(int, X509_STORE_CTX *)) { -- if (K_SSL_CTX_set_verify) (K_SSL_CTX_set_verify)(ctx, mode, verify_callback); --} -- -- --int KOpenSSLProxy::SSL_use_certificate(SSL *ssl, X509 *x) { -- if (K_SSL_use_certificate) return (K_SSL_use_certificate)(ssl, x); -- return -1; -+ int (*verify_callback)(int, X509_STORE_CTX *)) -+{ -+ ::SSL_CTX_set_verify(ctx, mode, verify_callback); - } - -- --SSL_CIPHER *KOpenSSLProxy::SSL_get_current_cipher(SSL *ssl) { -- if (K_SSL_get_current_cipher) return (K_SSL_get_current_cipher)(ssl); -- return 0L; -+int KOpenSSLProxy::SSL_use_certificate(SSL *ssl, X509 *x) -+{ -+ return ::SSL_use_certificate(ssl, x); - } - -- --long KOpenSSLProxy::SSL_ctrl(SSL *ssl,int cmd, long larg, char *parg) { -- if (K_SSL_ctrl) return (K_SSL_ctrl)(ssl, cmd, larg, parg); -- return -1; -+const SSL_CIPHER *KOpenSSLProxy::SSL_get_current_cipher(SSL *ssl) -+{ -+ return ::SSL_get_current_cipher(ssl); - } - -- --int KOpenSSLProxy::RAND_egd(const char *path) { -- if (K_RAND_egd) return (K_RAND_egd)(path); -- return -1; -+long KOpenSSLProxy::SSL_ctrl(SSL *ssl, int cmd, long larg, char *parg) -+{ -+ return ::SSL_ctrl(ssl, cmd, larg, parg); - } - -- --SSL_METHOD *KOpenSSLProxy::TLSv1_client_method() { -- if (K_TLSv1_client_method) return (K_TLSv1_client_method)(); -- return 0L; -+int KOpenSSLProxy::RAND_egd(const char *path) -+{ -+#ifndef OPENSSL_NO_EGD -+ return ::RAND_egd(path); -+#endif -+ return 0; - } - -- --SSL_METHOD *KOpenSSLProxy::SSLv23_client_method() { -- if (K_SSLv23_client_method) return (K_SSLv23_client_method)(); -- return 0L; -+const SSL_METHOD *KOpenSSLProxy::TLSv1_client_method() -+{ -+ return ::TLSv1_client_method(); - } - -- --X509 *KOpenSSLProxy::SSL_get_peer_certificate(SSL *s) { -- if (K_SSL_get_peer_certificate) return (K_SSL_get_peer_certificate)(s); -- return 0L; -+const SSL_METHOD *KOpenSSLProxy::SSLv23_client_method() -+{ -+ return ::SSLv23_client_method(); - } - -- --int KOpenSSLProxy::SSL_CIPHER_get_bits(SSL_CIPHER *c,int *alg_bits) { -- if (K_SSL_CIPHER_get_bits) return (K_SSL_CIPHER_get_bits)(c, alg_bits); -- return -1; -+X509 *KOpenSSLProxy::SSL_get_peer_certificate(SSL *s) -+{ -+ return ::SSL_get_peer_certificate(s); - } - -- --char * KOpenSSLProxy::SSL_CIPHER_get_version(SSL_CIPHER *c) { -- if (K_SSL_CIPHER_get_version) return (K_SSL_CIPHER_get_version)(c); -- return 0L; -+int KOpenSSLProxy::SSL_CIPHER_get_bits(SSL_CIPHER *c, int *alg_bits) -+{ -+ return ::SSL_CIPHER_get_bits(c, alg_bits); - } - -- --const char * KOpenSSLProxy::SSL_CIPHER_get_name(SSL_CIPHER *c) { -- if (K_SSL_CIPHER_get_name) return (K_SSL_CIPHER_get_name)(c); -- return 0L; -+const char *KOpenSSLProxy::SSL_CIPHER_get_version(SSL_CIPHER *c) -+{ -+ return ::SSL_CIPHER_get_version(c); - } - -- --char * KOpenSSLProxy::SSL_CIPHER_description(SSL_CIPHER *c,char *buf,int size) { -- if (K_SSL_CIPHER_description) return (K_SSL_CIPHER_description)(c,buf,size); -- return 0L; -+const char *KOpenSSLProxy::SSL_CIPHER_get_name(SSL_CIPHER *c) -+{ -+ return ::SSL_CIPHER_get_name(c); - } - -- --X509 * KOpenSSLProxy::d2i_X509(X509 **a,unsigned char **pp,long length) { -- if (K_d2i_X509) return (K_d2i_X509)(a,pp,length); -- return 0L; -+char *KOpenSSLProxy::SSL_CIPHER_description(SSL_CIPHER *c, char *buf, int size) -+{ -+ return ::SSL_CIPHER_description(c, buf, size); - } - -- --int KOpenSSLProxy::i2d_X509(X509 *a,unsigned char **pp) { -- if (K_i2d_X509) return (K_i2d_X509)(a,pp); -- return -1; -+X509 *KOpenSSLProxy::d2i_X509(X509 **a, const unsigned char **pp, long length) -+{ -+ return ::d2i_X509(a, pp, length); - } - -- --int KOpenSSLProxy::X509_cmp(X509 *a, X509 *b) { -- if (K_X509_cmp) return (K_X509_cmp)(a,b); -- return 0; -+int KOpenSSLProxy::i2d_X509(X509 *a, unsigned char **pp) -+{ -+ return ::i2d_X509(a, pp); - } - -- --X509_STORE *KOpenSSLProxy::X509_STORE_new(void) { -- if (K_X509_STORE_new) return (K_X509_STORE_new)(); -- return 0L; -+int KOpenSSLProxy::X509_cmp(X509 *a, X509 *b) -+{ -+ return ::X509_cmp(a, b); - } - -- --void KOpenSSLProxy::X509_STORE_free(X509_STORE *v) { -- if (K_X509_STORE_free) (K_X509_STORE_free)(v); -+X509_STORE *KOpenSSLProxy::X509_STORE_new(void) -+{ -+ return ::X509_STORE_new(); - } - -- --X509_STORE_CTX *KOpenSSLProxy::X509_STORE_CTX_new(void) { -- if (K_X509_STORE_CTX_new) return (K_X509_STORE_CTX_new)(); -- return 0L; -+void KOpenSSLProxy::X509_STORE_free(X509_STORE *v) -+{ -+ ::X509_STORE_free(v); - } - -- --void KOpenSSLProxy::X509_STORE_CTX_free(X509_STORE_CTX *ctx) { -- if (K_X509_STORE_CTX_free) (K_X509_STORE_CTX_free)(ctx); -+X509_STORE_CTX *KOpenSSLProxy::X509_STORE_CTX_new(void) -+{ -+ return ::X509_STORE_CTX_new(); - } - -- --int KOpenSSLProxy::X509_verify_cert(X509_STORE_CTX *ctx) { -- if (K_X509_verify_cert) return (K_X509_verify_cert)(ctx); -- return -1; -+void KOpenSSLProxy::X509_STORE_CTX_free(X509_STORE_CTX *ctx) -+{ -+ ::X509_STORE_CTX_free(ctx); - } - -- --void KOpenSSLProxy::X509_free(X509 *a) { -- if (K_X509_free) (K_X509_free)(a); -+int KOpenSSLProxy::X509_verify_cert(X509_STORE_CTX *ctx) -+{ -+ return ::X509_verify_cert(ctx); - } - -- --char *KOpenSSLProxy::X509_NAME_oneline(X509_NAME *a,char *buf,int size) { -- if (K_X509_NAME_oneline) return (K_X509_NAME_oneline)(a,buf,size); -- return 0L; -+void KOpenSSLProxy::X509_free(X509 *a) -+{ -+ ::X509_free(a); - } - -- --X509_NAME *KOpenSSLProxy::X509_get_subject_name(X509 *a) { -- if (K_X509_get_subject_name) return (K_X509_get_subject_name)(a); -- return 0L; -+char *KOpenSSLProxy::X509_NAME_oneline(X509_NAME *a, char *buf, int size) -+{ -+ return ::X509_NAME_oneline(a, buf, size); - } - -- --X509_NAME *KOpenSSLProxy::X509_get_issuer_name(X509 *a) { -- if (K_X509_get_issuer_name) return (K_X509_get_issuer_name)(a); -- return 0L; -+X509_NAME *KOpenSSLProxy::X509_get_subject_name(X509 *a) -+{ -+ return ::X509_get_subject_name(a); - } - -- --X509_LOOKUP *KOpenSSLProxy::X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m) { -- if (K_X509_STORE_add_lookup) return (K_X509_STORE_add_lookup)(v,m); -- return 0L; -+X509_NAME *KOpenSSLProxy::X509_get_issuer_name(X509 *a) -+{ -+ return ::X509_get_issuer_name(a); - } - -- --X509_LOOKUP_METHOD *KOpenSSLProxy::X509_LOOKUP_file(void) { -- if (K_X509_LOOKUP_file) return (K_X509_LOOKUP_file)(); -- return 0L; -+X509_LOOKUP *KOpenSSLProxy::X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m) -+{ -+ return ::X509_STORE_add_lookup(v, m); - } - -- --void KOpenSSLProxy::X509_LOOKUP_free(X509_LOOKUP *x) { -- if (K_X509_LOOKUP_free) (K_X509_LOOKUP_free)(x); -+X509_LOOKUP_METHOD *KOpenSSLProxy::X509_LOOKUP_file(void) -+{ -+ return ::X509_LOOKUP_file(); - } - -- --int KOpenSSLProxy::X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret) { -- if (K_X509_LOOKUP_ctrl) return (K_X509_LOOKUP_ctrl)(ctx,cmd,argc,argl,ret); -- return -1; -+void KOpenSSLProxy::X509_LOOKUP_free(X509_LOOKUP *x) -+{ -+ ::X509_LOOKUP_free(x); - } - -- --void KOpenSSLProxy::X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, STACK_OF(X509) *chain) { -- if (K_X509_STORE_CTX_init) (K_X509_STORE_CTX_init)(ctx,store,x509,chain); -+int KOpenSSLProxy::X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret) -+{ -+ return ::X509_LOOKUP_ctrl(ctx, cmd, argc, argl, ret); - } - -- --void KOpenSSLProxy::CRYPTO_free(void *x) { -- if (K_CRYPTO_free) (K_CRYPTO_free)(x); -+void KOpenSSLProxy::X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, STACK_OF(X509) *chain) -+{ -+ ::X509_STORE_CTX_init(ctx, store, x509, chain); - } - -- --X509 *KOpenSSLProxy::X509_dup(X509 *x509) { -- if (K_X509_dup) return (K_X509_dup)(x509); -- return 0L; -+void KOpenSSLProxy::CRYPTO_free(void *x) -+{ -+ ::CRYPTO_free(x, OPENSSL_FILE, OPENSSL_LINE); - } - -- --BIO *KOpenSSLProxy::BIO_new(BIO_METHOD *type) { -- if (K_BIO_new) return (K_BIO_new)(type); -- else return 0L; -+X509 *KOpenSSLProxy::X509_dup(X509 *x509) -+{ -+ return ::X509_dup(x509); - } - -- --BIO_METHOD *KOpenSSLProxy::BIO_s_mem(void) { -- if (K_BIO_s_mem) return (K_BIO_s_mem)(); -- else return 0L; -+BIO *KOpenSSLProxy::BIO_new(BIO_METHOD *type) -+{ -+ return ::BIO_new(type); - } - -- --BIO *KOpenSSLProxy::BIO_new_fp(FILE *stream, int close_flag) { -- if (K_BIO_new_fp) return (K_BIO_new_fp)(stream, close_flag); -- return 0L; -+const BIO_METHOD *KOpenSSLProxy::BIO_s_mem(void) -+{ -+ return ::BIO_s_mem(); - } - -- --BIO *KOpenSSLProxy::BIO_new_mem_buf(void *buf, int len) { -- if (K_BIO_new_mem_buf) return (K_BIO_new_mem_buf)(buf,len); -- else return 0L; -+BIO *KOpenSSLProxy::BIO_new_fp(FILE *stream, int close_flag) -+{ -+ return ::BIO_new_fp(stream, close_flag); - } - -- --int KOpenSSLProxy::BIO_free(BIO *a) { -- if (K_BIO_free) return (K_BIO_free)(a); -- return -1; -+BIO *KOpenSSLProxy::BIO_new_mem_buf(void *buf, int len) -+{ -+ return ::BIO_new_mem_buf(buf, len); - } - -- --long KOpenSSLProxy::BIO_ctrl(BIO *bp,int cmd,long larg,void *parg) { -- if (K_BIO_ctrl) return (K_BIO_ctrl)(bp,cmd,larg,parg); -- else return 0; // failure return for BIO_ctrl is quite individual, maybe we should abort() instead -+int KOpenSSLProxy::BIO_free(BIO *a) -+{ -+ return ::BIO_free(a); - } - -- --int KOpenSSLProxy::BIO_write(BIO *b, const void *data, int len) { -- if (K_BIO_write) return (K_BIO_write)(b, data, len); -- else return -1; -+long KOpenSSLProxy::BIO_ctrl(BIO *bp, int cmd, long larg, void *parg) -+{ -+ return ::BIO_ctrl(bp, cmd, larg, parg); - } - -- --int KOpenSSLProxy::PEM_write_bio_X509(BIO *bp, X509 *x) { -- if (K_PEM_ASN1_write_bio) return (K_PEM_ASN1_write_bio) ((int (*)())K_i2d_X509, PEM_STRING_X509, bp, (char *)x, 0L, 0L, 0, 0L, 0L); -- else return -1; -+int KOpenSSLProxy::BIO_write(BIO *b, const void *data, int len) -+{ -+ return ::BIO_write(b, data, len); - } - --int KOpenSSLProxy::ASN1_item_i2d_fp(FILE *out,unsigned char *x) { -- if (K_ASN1_item_i2d_fp && K_NETSCAPE_X509_it) -- return (K_ASN1_item_i2d_fp)(K_NETSCAPE_X509_it, out, x); -- else return -1; -+int KOpenSSLProxy::PEM_write_bio_X509(BIO *bp, X509 *x) -+{ -+ return ::PEM_ASN1_write_bio(reinterpret_cast<i2d_of_void*>(::i2d_X509), PEM_STRING_X509, bp, (char *)x, 0L, 0L, 0, 0L, 0L); - } - -- --int KOpenSSLProxy::X509_print(FILE *fp, X509 *x) { -- if (K_X509_print_fp) return (K_X509_print_fp)(fp, x); -- return -1; -+int KOpenSSLProxy::X509_print(FILE *fp, X509 *x) -+{ -+ return ::X509_print_fp(fp, x); - } - -- --PKCS12 *KOpenSSLProxy::d2i_PKCS12_fp(FILE *fp, PKCS12 **p12) { -- if (K_d2i_PKCS12_fp) return (K_d2i_PKCS12_fp)(fp, p12); -- else return 0L; -+PKCS12 *KOpenSSLProxy::d2i_PKCS12_fp(FILE *fp, PKCS12 **p12) -+{ -+ return ::d2i_PKCS12_fp(fp, p12); - } - -- --int KOpenSSLProxy::PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass) { -- if (K_PKCS12_newpass) return (K_PKCS12_newpass)(p12, oldpass, newpass); -- else return -1; -+int KOpenSSLProxy::PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass) -+{ -+ return ::PKCS12_newpass(p12, oldpass, newpass); - } - -- --int KOpenSSLProxy::i2d_PKCS12(PKCS12 *p12, unsigned char **p) { -- if (K_i2d_PKCS12) return (K_i2d_PKCS12)(p12, p); -- else return -1; -+int KOpenSSLProxy::i2d_PKCS12(PKCS12 *p12, unsigned char **p) -+{ -+ return ::i2d_PKCS12(p12, p); - } - -- --int KOpenSSLProxy::i2d_PKCS12_fp(FILE *fp, PKCS12 *p12) { -- if (K_i2d_PKCS12_fp) return (K_i2d_PKCS12_fp)(fp, p12); -- else return -1; -+int KOpenSSLProxy::i2d_PKCS12_fp(FILE *fp, PKCS12 *p12) -+{ -+ return ::i2d_PKCS12_fp(fp, p12); - } - -- --PKCS12 *KOpenSSLProxy::PKCS12_new(void) { -- if (K_PKCS12_new) return (K_PKCS12_new)(); -- else return 0L; -+PKCS12 *KOpenSSLProxy::PKCS12_new(void) -+{ -+ return ::PKCS12_new(); - } - -- --void KOpenSSLProxy::PKCS12_free(PKCS12 *a) { -- if (K_PKCS12_free) (K_PKCS12_free)(a); -+void KOpenSSLProxy::PKCS12_free(PKCS12 *a) -+{ -+ ::PKCS12_free(a); - } - -- - int KOpenSSLProxy::PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, -- X509 **cert, STACK_OF(X509) **ca) { -- if (K_PKCS12_parse) return (K_PKCS12_parse) (p12, pass, pkey, cert, ca); -- else return -1; -+ X509 **cert, STACK_OF(X509) **ca) -+{ -+ return ::PKCS12_parse(p12, pass, pkey, cert, ca); - } - -- --void KOpenSSLProxy::EVP_PKEY_free(EVP_PKEY *x) { -- if (K_EVP_PKEY_free) (K_EVP_PKEY_free)(x); -+void KOpenSSLProxy::EVP_PKEY_free(EVP_PKEY *x) -+{ -+ ::EVP_PKEY_free(x); - } - -- --EVP_PKEY* KOpenSSLProxy::EVP_PKEY_new() { -- if (K_EVP_PKEY_new) return (K_EVP_PKEY_new)(); -- else return 0L; -+EVP_PKEY *KOpenSSLProxy::EVP_PKEY_new() -+{ -+ return ::EVP_PKEY_new(); - } - -- --void KOpenSSLProxy::X509_REQ_free(X509_REQ *x) { -- if (K_X509_REQ_free) (K_X509_REQ_free)(x); -+void KOpenSSLProxy::X509_REQ_free(X509_REQ *x) -+{ -+ ::X509_REQ_free(x); - } - -- --X509_REQ* KOpenSSLProxy::X509_REQ_new() { -- if (K_X509_REQ_new) return (K_X509_REQ_new)(); -- else return 0L; -+X509_REQ *KOpenSSLProxy::X509_REQ_new() -+{ -+ return ::X509_REQ_new(); - } - -- --int KOpenSSLProxy::SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey) { -- if (K_SSL_CTX_use_PrivateKey) return (K_SSL_CTX_use_PrivateKey)(ctx,pkey); -- else return -1; -+int KOpenSSLProxy::SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey) -+{ -+ return ::SSL_CTX_use_PrivateKey(ctx, pkey); - } - -- --int KOpenSSLProxy::SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x) { -- if (K_SSL_CTX_use_certificate) return (K_SSL_CTX_use_certificate)(ctx,x); -- else return -1; -+int KOpenSSLProxy::SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x) -+{ -+ return ::SSL_CTX_use_certificate(ctx, x); - } - -- --int KOpenSSLProxy::SSL_get_error(SSL *ssl, int rc) { -- if (K_SSL_get_error) return (K_SSL_get_error)(ssl,rc); -- else return -1; -+int KOpenSSLProxy::SSL_get_error(SSL *ssl, int rc) -+{ -+ return ::SSL_get_error(ssl, rc); - } - -- --STACK_OF(X509) *KOpenSSLProxy::SSL_get_peer_cert_chain(SSL *s) { -- if (K_SSL_get_peer_cert_chain) return (K_SSL_get_peer_cert_chain)(s); -- else return 0L; -+STACK_OF(X509) *KOpenSSLProxy::SSL_get_peer_cert_chain(SSL *s) -+{ -+ return ::SSL_get_peer_cert_chain(s); - } - -- --void KOpenSSLProxy::sk_free(STACK *s) { -- if (K_sk_free) (K_sk_free)(s); -+void KOpenSSLProxy::sk_free(STACK *s) -+{ -+ ::OPENSSL_sk_free(s); - } - -- --int KOpenSSLProxy::sk_num(STACK *s) { -- if (K_sk_num) return (K_sk_num)(s); -- else return -1; -+int KOpenSSLProxy::sk_num(STACK *s) -+{ -+ return ::OPENSSL_sk_num(s); - } - -- --char *KOpenSSLProxy::sk_pop(STACK *s) { -- if (K_sk_pop) return (K_sk_pop)(s); -- else return 0L; -+char *KOpenSSLProxy::sk_pop(STACK *s) -+{ -+ return static_cast<char*>(::OPENSSL_sk_pop(s)); - } - -- --char *KOpenSSLProxy::sk_value(STACK *s, int n) { -- if (K_sk_value) return (K_sk_value)(s, n); -- else return 0L; -+char *KOpenSSLProxy::sk_value(STACK *s, int n) -+{ -+ return static_cast<char*>(::sk_value(s, n)); - } - -- --void KOpenSSLProxy::X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x) { -- if (K_X509_STORE_CTX_set_chain) (K_X509_STORE_CTX_set_chain)(v,x); -+void KOpenSSLProxy::X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x) -+{ -+ ::X509_STORE_CTX_set_chain(v, x); - } - --void KOpenSSLProxy::X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose) { -- if (K_X509_STORE_CTX_set_purpose) (K_X509_STORE_CTX_set_purpose)(v,purpose); -+void KOpenSSLProxy::X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose) -+{ -+ ::X509_STORE_CTX_set_purpose(v, purpose); - } - -- --STACK* KOpenSSLProxy::sk_dup(STACK *s) { -- if (K_sk_dup) return (K_sk_dup)(s); -- else return 0L; -+STACK *KOpenSSLProxy::sk_dup(STACK *s) -+{ -+ return ::sk_dup(s); - } - -- --STACK* KOpenSSLProxy::sk_new(int (*cmp)()) { -- if (K_sk_new) return (K_sk_new)(cmp); -- else return 0L; -+STACK *KOpenSSLProxy::sk_new(OPENSSL_sk_compfunc cmp) -+{ -+ return ::sk_new(cmp); - } - -- --int KOpenSSLProxy::sk_push(STACK* s, char* d) { -- if (K_sk_push) return (K_sk_push)(s,d); -- else return -1; -+int KOpenSSLProxy::sk_push(STACK *s, char *d) -+{ -+ return ::sk_push(s, d); - } - -- --char *KOpenSSLProxy::i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint) { -- if (K_i2s_ASN1_INTEGER) return (K_i2s_ASN1_INTEGER)(meth, aint); -- else return 0L; -+char *KOpenSSLProxy::i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint) -+{ -+ return ::i2s_ASN1_INTEGER(meth, aint); - } - -- --ASN1_INTEGER *KOpenSSLProxy::X509_get_serialNumber(X509 *x) { -- if (K_X509_get_serialNumber) return (K_X509_get_serialNumber)(x); -- else return 0L; -+ASN1_INTEGER *KOpenSSLProxy::X509_get_serialNumber(X509 *x) -+{ -+ return ::X509_get_serialNumber(x); - } - -- --EVP_PKEY *KOpenSSLProxy::X509_get_pubkey(X509 *x) { -- if (K_X509_get_pubkey) return (K_X509_get_pubkey)(x); -- else return 0L; -+EVP_PKEY *KOpenSSLProxy::X509_get_pubkey(X509 *x) -+{ -+ return ::X509_get_pubkey(x); - } - -- --int KOpenSSLProxy::i2d_PublicKey(EVP_PKEY *a, unsigned char **pp) { -- if (K_i2d_PublicKey) return (K_i2d_PublicKey)(a,pp); -- else return 0; -+int KOpenSSLProxy::i2d_PublicKey(EVP_PKEY *a, unsigned char **pp) -+{ -+ return ::i2d_PublicKey(a, pp); - } - -- --int KOpenSSLProxy::X509_check_private_key(X509 *x, EVP_PKEY *p) { -- if (K_X509_check_private_key) return (K_X509_check_private_key)(x,p); -- return -1; -+int KOpenSSLProxy::X509_check_private_key(X509 *x, EVP_PKEY *p) -+{ -+ return ::X509_check_private_key(x, p); - } - -- --char *KOpenSSLProxy::BN_bn2hex(const BIGNUM *a) { -- if (K_BN_bn2hex) return (K_BN_bn2hex)(a); -- else return 0L; -+char *KOpenSSLProxy::BN_bn2hex(const BIGNUM *a) -+{ -+ return ::BN_bn2hex(a); - } - -- --int KOpenSSLProxy::X509_digest(const X509 *x,const EVP_MD *t, unsigned char *md, unsigned int *len) { -- if (K_X509_digest) return (K_X509_digest)(x, t, md, len); -- else return -1; -+int KOpenSSLProxy::X509_digest(const X509 *x, const EVP_MD *t, unsigned char *md, unsigned int *len) -+{ -+ return ::X509_digest(x, t, md, len); - } - -- --EVP_MD *KOpenSSLProxy::EVP_md5() { -- if (K_EVP_md5) return (K_EVP_md5)(); -- return 0L; -+const EVP_MD *KOpenSSLProxy::EVP_md5() -+{ -+ return ::EVP_md5(); - } - -- --void KOpenSSLProxy::ASN1_INTEGER_free(ASN1_INTEGER *a) { -- if (K_ASN1_INTEGER_free) (K_ASN1_INTEGER_free)(a); -+void KOpenSSLProxy::ASN1_INTEGER_free(ASN1_INTEGER *a) -+{ -+ ::ASN1_INTEGER_free(a); - } - -- --int KOpenSSLProxy::OBJ_obj2nid(ASN1_OBJECT *o) { -- if (K_OBJ_obj2nid) return (K_OBJ_obj2nid)(o); -- else return -1; -+int KOpenSSLProxy::OBJ_obj2nid(ASN1_OBJECT *o) -+{ -+ return ::OBJ_obj2nid(o); - } - -- --const char * KOpenSSLProxy::OBJ_nid2ln(int n) { -- if (K_OBJ_nid2ln) return (K_OBJ_nid2ln)(n); -- else return 0L; -+const char *KOpenSSLProxy::OBJ_nid2ln(int n) -+{ -+ return ::OBJ_nid2ln(n); - } - -- --int KOpenSSLProxy::X509_get_ext_count(X509 *x) { -- if (K_X509_get_ext_count) return (K_X509_get_ext_count)(x); -- else return -1; -+int KOpenSSLProxy::X509_get_ext_count(X509 *x) -+{ -+ return ::X509_get_ext_count(x); - } - -- --int KOpenSSLProxy::X509_get_ext_by_NID(X509 *x, int nid, int lastpos) { -- if (K_X509_get_ext_by_NID) return (K_X509_get_ext_by_NID)(x,nid,lastpos); -- else return -1; -+int KOpenSSLProxy::X509_get_ext_by_NID(X509 *x, int nid, int lastpos) -+{ -+ return ::X509_get_ext_by_NID(x, nid, lastpos); - } - -- --int KOpenSSLProxy::X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int lastpos) { -- if (K_X509_get_ext_by_OBJ) return (K_X509_get_ext_by_OBJ)(x,obj,lastpos); -- else return -1; -+int KOpenSSLProxy::X509_get_ext_by_OBJ(X509 *x, ASN1_OBJECT *obj, int lastpos) -+{ -+ return ::X509_get_ext_by_OBJ(x, obj, lastpos); - } - -- --X509_EXTENSION *KOpenSSLProxy::X509_get_ext(X509 *x, int loc) { -- if (K_X509_get_ext) return (K_X509_get_ext)(x,loc); -- else return 0L; -+X509_EXTENSION *KOpenSSLProxy::X509_get_ext(X509 *x, int loc) -+{ -+ return ::X509_get_ext(x, loc); - } - -- --X509_EXTENSION *KOpenSSLProxy::X509_delete_ext(X509 *x, int loc) { -- if (K_X509_delete_ext) return (K_X509_delete_ext)(x,loc); -- else return 0L; -+X509_EXTENSION *KOpenSSLProxy::X509_delete_ext(X509 *x, int loc) -+{ -+ return ::X509_delete_ext(x, loc); - } - -- --int KOpenSSLProxy::X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc) { -- if (K_X509_add_ext) return (K_X509_add_ext)(x,ex,loc); -- else return -1; -+int KOpenSSLProxy::X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc) -+{ -+ return ::X509_add_ext(x, ex, loc); - } - -- --void *KOpenSSLProxy::X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx) { -- if (K_X509_get_ext_d2i) return (K_X509_get_ext_d2i)(x,nid,crit,idx); -- else return 0L; -+void *KOpenSSLProxy::X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx) -+{ -+ return ::X509_get_ext_d2i(x, nid, crit, idx); - } - -- --char *KOpenSSLProxy::i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5) { -- if (K_i2s_ASN1_OCTET_STRING) return (K_i2s_ASN1_OCTET_STRING)(method,ia5); -- else return 0L; -+char *KOpenSSLProxy::i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5) -+{ -+ return ::i2s_ASN1_OCTET_STRING(method, ia5); - } - -- --int KOpenSSLProxy::ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n) { -- if (K_ASN1_BIT_STRING_get_bit) return (K_ASN1_BIT_STRING_get_bit)(a,n); -- else return -1; -+int KOpenSSLProxy::ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n) -+{ -+ return ::ASN1_BIT_STRING_get_bit(a, n); - } - -- --PKCS7 *KOpenSSLProxy::PKCS7_new(void) { -- if (K_PKCS7_new) return (K_PKCS7_new)(); -- else return 0L; -+PKCS7 *KOpenSSLProxy::PKCS7_new(void) -+{ -+ return ::PKCS7_new(); - } - -- --void KOpenSSLProxy::PKCS7_free(PKCS7 *a) { -- if (K_PKCS7_free) (K_PKCS7_free)(a); -+void KOpenSSLProxy::PKCS7_free(PKCS7 *a) -+{ -+ ::PKCS7_free(a); - } - -- --void KOpenSSLProxy::PKCS7_content_free(PKCS7 *a) { -- if (K_PKCS7_content_free) (K_PKCS7_content_free)(a); -+void KOpenSSLProxy::PKCS7_content_free(PKCS7 *a) -+{ -+ CRYPTO_free(a); - } - -- --int KOpenSSLProxy::i2d_PKCS7(PKCS7 *a, unsigned char **pp) { -- if (K_i2d_PKCS7) return (K_i2d_PKCS7)(a,pp); -- else return -1; -+int KOpenSSLProxy::i2d_PKCS7(PKCS7 *a, unsigned char **pp) -+{ -+ return ::i2d_PKCS7(a, pp); - } - -- --PKCS7 *KOpenSSLProxy::d2i_PKCS7(PKCS7 **a, unsigned char **pp,long length) { -- if (K_d2i_PKCS7) return (K_d2i_PKCS7)(a,pp,length); -- else return 0L; -+PKCS7 *KOpenSSLProxy::d2i_PKCS7(PKCS7 **a, const unsigned char **pp, long length) -+{ -+ return ::d2i_PKCS7(a, pp, length); - } - -- --int KOpenSSLProxy::i2d_PKCS7_fp(FILE *fp,PKCS7 *p7) { -- if (K_i2d_PKCS7_fp) return (K_i2d_PKCS7_fp)(fp,p7); -- else return -1; -+int KOpenSSLProxy::i2d_PKCS7_fp(FILE *fp, PKCS7 *p7) -+{ -+ return ::i2d_PKCS7_fp(fp, p7); - } - -- --PKCS7 *KOpenSSLProxy::d2i_PKCS7_fp(FILE *fp,PKCS7 **p7) { -- if (K_d2i_PKCS7_fp) return (K_d2i_PKCS7_fp)(fp,p7); -- else return 0L; -+PKCS7 *KOpenSSLProxy::d2i_PKCS7_fp(FILE *fp, PKCS7 **p7) -+{ -+ return ::d2i_PKCS7_fp(fp, p7); - } - -- --int KOpenSSLProxy::i2d_PKCS7_bio(BIO *bp,PKCS7 *p7) { -- if (K_i2d_PKCS7_bio) return (K_i2d_PKCS7_bio)(bp, p7); -- else return -1; -+int KOpenSSLProxy::i2d_PKCS7_bio(BIO *bp, PKCS7 *p7) -+{ -+ return ::i2d_PKCS7_bio(bp, p7); - } - -- --PKCS7 *KOpenSSLProxy::d2i_PKCS7_bio(BIO *bp,PKCS7 **p7) { -- if (K_d2i_PKCS7_bio) return (K_d2i_PKCS7_bio)(bp, p7); -- else return 0L; -+PKCS7 *KOpenSSLProxy::d2i_PKCS7_bio(BIO *bp, PKCS7 **p7) -+{ -+ return ::d2i_PKCS7_bio(bp, p7); - } - -- --PKCS7 *KOpenSSLProxy::PKCS7_dup(PKCS7 *p7) { -- if (K_PKCS7_dup) return (K_PKCS7_dup)(p7); -- else return 0L; -+PKCS7 *KOpenSSLProxy::PKCS7_dup(PKCS7 *p7) -+{ -+ return ::PKCS7_dup(p7); - } - -- - PKCS7 *KOpenSSLProxy::PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, -- BIO *data, int flags) { -- if (K_PKCS7_sign) return (K_PKCS7_sign)(signcert,pkey,certs,data,flags); -- else return 0L; -+ BIO *data, int flags) -+{ -+ return ::PKCS7_sign(signcert, pkey, certs, data, flags); - } - -- --int KOpenSSLProxy::PKCS7_verify(PKCS7* p, STACK_OF(X509)* st, X509_STORE* s, BIO* in, BIO *out, int flags) { -- if (K_PKCS7_verify) return (K_PKCS7_verify)(p,st,s,in,out,flags); -- else return 0; -+int KOpenSSLProxy::PKCS7_verify(PKCS7 *p, STACK_OF(X509)* st, X509_STORE *s, BIO *in, BIO *out, int flags) -+{ -+ return ::PKCS7_verify(p, st, s, in, out, flags); - } - -- --STACK_OF(X509) *KOpenSSLProxy::PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags) { -- if (K_PKCS7_get0_signers) return (K_PKCS7_get0_signers)(p7,certs,flags); -- else return 0L; -+STACK_OF(X509) *KOpenSSLProxy::PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags) -+{ -+ return ::PKCS7_get0_signers(p7, certs, flags); - } - -- - PKCS7 *KOpenSSLProxy::PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, EVP_CIPHER *cipher, -- int flags) { -- if (K_PKCS7_encrypt) return (K_PKCS7_encrypt)(certs,in,cipher,flags); -- else return 0L; -+ int flags) -+{ -+ return ::PKCS7_encrypt(certs, in, cipher, flags); - } - -- --int KOpenSSLProxy::PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags) { -- if (K_PKCS7_decrypt) return (K_PKCS7_decrypt)(p7,pkey,cert,data,flags); -- else return 0; -+int KOpenSSLProxy::PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags) -+{ -+ return ::PKCS7_decrypt(p7, pkey, cert, data, flags); - } - -- --STACK_OF(X509_NAME) *KOpenSSLProxy::SSL_load_client_CA_file(const char *file) { -- if (K_SSL_load_client_CA_file) return (K_SSL_load_client_CA_file)(file); -- else return 0L; -+STACK_OF(X509_NAME) *KOpenSSLProxy::SSL_load_client_CA_file(const char *file) -+{ -+ return ::SSL_load_client_CA_file(file); - } - -- --STACK_OF(X509_INFO) *KOpenSSLProxy::PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u) { -- if (K_PEM_X509_INFO_read) return (K_PEM_X509_INFO_read)(fp,sk,cb,u); -- else return 0L; -+STACK_OF(X509_INFO) *KOpenSSLProxy::PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u) -+{ -+ return ::PEM_X509_INFO_read(fp, sk, cb, u); - } - -- --X509 *KOpenSSLProxy::X509_d2i_fp(FILE *out, X509** buf) { -- if (K_ASN1_d2i_fp) return reinterpret_cast<X509 *>((K_ASN1_d2i_fp)(reinterpret_cast<char *(*)()>(K_X509_new), reinterpret_cast<char *(*)()>(K_d2i_X509), out, reinterpret_cast<unsigned char **>(buf))); -- else return 0L; -+X509 *KOpenSSLProxy::X509_d2i_fp(FILE *out, X509 **buf) -+{ -+ return reinterpret_cast<X509 *>(::ASN1_d2i_fp(reinterpret_cast<void *(*)()>(::X509_new), reinterpret_cast<d2i_of_void*>(::d2i_X509), out, reinterpret_cast<void **>(buf))); - } - -- --int KOpenSSLProxy::SSL_peek(SSL *ssl,void *buf,int num) { -- if (K_SSL_peek) return (K_SSL_peek)(ssl,buf,num); -- else return -1; -+int KOpenSSLProxy::SSL_peek(SSL *ssl, void *buf, int num) -+{ -+ return ::SSL_peek(ssl, buf, num); - } - -- --const char *KOpenSSLProxy::RAND_file_name(char *buf, size_t num) { -- if (K_RAND_file_name) return (K_RAND_file_name)(buf, num); -- else return 0L; -+const char *KOpenSSLProxy::RAND_file_name(char *buf, size_t num) -+{ -+ return ::RAND_file_name(buf, num); - } - -- --int KOpenSSLProxy::RAND_load_file(const char *filename, long max_bytes) { -- if (K_RAND_load_file) return (K_RAND_load_file)(filename, max_bytes); -- else return -1; -+int KOpenSSLProxy::RAND_load_file(const char *filename, long max_bytes) -+{ -+ return ::RAND_load_file(filename, max_bytes); - } - -- --int KOpenSSLProxy::RAND_write_file(const char *filename) { -- if (K_RAND_write_file) return (K_RAND_write_file)(filename); -- else return -1; -+int KOpenSSLProxy::RAND_write_file(const char *filename) -+{ -+ return ::RAND_write_file(filename); - } - -- --int KOpenSSLProxy::X509_PURPOSE_get_count() { -- if (K_X509_PURPOSE_get_count) return (K_X509_PURPOSE_get_count)(); -- else return -1; -+int KOpenSSLProxy::X509_PURPOSE_get_count() -+{ -+ return ::X509_PURPOSE_get_count(); - } - -- --int KOpenSSLProxy::X509_PURPOSE_get_id(X509_PURPOSE *p) { -- if (K_X509_PURPOSE_get_id) return (K_X509_PURPOSE_get_id)(p); -- else return -1; -+int KOpenSSLProxy::X509_PURPOSE_get_id(X509_PURPOSE *p) -+{ -+ return ::X509_PURPOSE_get_id(p); - } - -- --int KOpenSSLProxy::X509_check_purpose(X509 *x, int id, int ca) { -- if (K_X509_check_purpose) return (K_X509_check_purpose)(x, id, ca); -- else return -1; -+int KOpenSSLProxy::X509_check_purpose(X509 *x, int id, int ca) -+{ -+ return ::X509_check_purpose(x, id, ca); - } - -- --X509_PURPOSE *KOpenSSLProxy::X509_PURPOSE_get0(int idx) { -- if (K_X509_PURPOSE_get0) return (K_X509_PURPOSE_get0)(idx); -- else return 0L; -+X509_PURPOSE *KOpenSSLProxy::X509_PURPOSE_get0(int idx) -+{ -+ return ::X509_PURPOSE_get0(idx); - } - -- --int KOpenSSLProxy::EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key) { -- if (K_EVP_PKEY_assign) return (K_EVP_PKEY_assign)(pkey, type, key); -- else return -1; -+int KOpenSSLProxy::EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key) -+{ -+ return ::EVP_PKEY_assign(pkey, type, key); - } - -- --int KOpenSSLProxy::X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey) { -- if (K_X509_REQ_set_pubkey) return (K_X509_REQ_set_pubkey)(x, pkey); -- else return -1; -+int KOpenSSLProxy::X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey) -+{ -+ return ::X509_REQ_set_pubkey(x, pkey); - } - -- --RSA* KOpenSSLProxy::RSA_generate_key(int bits, unsigned long e, void -- (*callback)(int,int,void *), void *cb_arg) { -- if (K_RSA_generate_key) return (K_RSA_generate_key)(bits, e, callback, cb_arg); -- else return 0L; -+RSA *KOpenSSLProxy::RSA_generate_key(int bits, unsigned long e, void -+ (*callback)(int, int, void *), void *cb_arg) -+{ -+ return ::RSA_generate_key(bits, e, callback, cb_arg); - } - --STACK *KOpenSSLProxy::X509_get1_email(X509 *x) { -- if (K_X509_get1_email) return (K_X509_get1_email)(x); -- else return 0L; -+STACK *KOpenSSLProxy::X509_get1_email(X509 *x) -+{ -+ return reinterpret_cast<STACK*>(::X509_get1_email(x)); - } - --void KOpenSSLProxy::X509_email_free(STACK *sk) { -- if (K_X509_email_free) (K_X509_email_free)(sk); -+void KOpenSSLProxy::X509_email_free(STACK *sk) -+{ -+ ::X509_email_free(reinterpret_cast<STACK_OF(OPENSSL_STRING)*>(sk)); - } - --EVP_CIPHER *KOpenSSLProxy::EVP_des_ede3_cbc() { -- if (K_EVP_des_ede3_cbc) return (K_EVP_des_ede3_cbc)(); -- else return 0L; -+const EVP_CIPHER *KOpenSSLProxy::EVP_des_ede3_cbc() -+{ -+ return ::EVP_des_ede3_cbc(); - } - --EVP_CIPHER *KOpenSSLProxy::EVP_des_cbc() { -- if (K_EVP_des_cbc) return (K_EVP_des_cbc)(); -- else return 0L; -+const EVP_CIPHER *KOpenSSLProxy::EVP_des_cbc() -+{ -+ return ::EVP_des_cbc(); - } - --EVP_CIPHER *KOpenSSLProxy::EVP_rc2_cbc() { -- if (K_EVP_rc2_cbc) return (K_EVP_rc2_cbc)(); -- else return 0L; -+const EVP_CIPHER *KOpenSSLProxy::EVP_rc2_cbc() -+{ -+ return ::EVP_rc2_cbc(); - } - --EVP_CIPHER *KOpenSSLProxy::EVP_rc2_64_cbc() { -- if (K_EVP_rc2_64_cbc) return (K_EVP_rc2_64_cbc)(); -- else return 0L; -+const EVP_CIPHER *KOpenSSLProxy::EVP_rc2_64_cbc() -+{ -+ return ::EVP_rc2_64_cbc(); - } - --EVP_CIPHER *KOpenSSLProxy::EVP_rc2_40_cbc() { -- if (K_EVP_rc2_40_cbc) return (K_EVP_rc2_40_cbc)(); -- else return 0L; -+const EVP_CIPHER *KOpenSSLProxy::EVP_rc2_40_cbc() -+{ -+ return ::EVP_rc2_40_cbc(); - } - --int KOpenSSLProxy::i2d_X509_REQ_fp(FILE *fp, X509_REQ *x) { -- if (K_i2d_X509_REQ_fp) return (K_i2d_X509_REQ_fp)(fp,x); -- else return -1; -+int KOpenSSLProxy::i2d_X509_REQ_fp(FILE *fp, X509_REQ *x) -+{ -+ return ::i2d_X509_REQ_fp(fp, x); - } - -- --void KOpenSSLProxy::ERR_clear_error() { -- if (K_ERR_clear_error) (K_ERR_clear_error)(); -+void KOpenSSLProxy::ERR_clear_error() -+{ -+ return ::ERR_clear_error(); - } - -- --unsigned long KOpenSSLProxy::ERR_get_error() { -- if (K_ERR_get_error) return (K_ERR_get_error)(); -- else return 0xffffffff; -+unsigned long KOpenSSLProxy::ERR_get_error() -+{ -+ return ::ERR_get_error(); - } - -- --void KOpenSSLProxy::ERR_print_errors_fp(FILE* fp) { -- if (K_ERR_print_errors_fp) (K_ERR_print_errors_fp)(fp); -+void KOpenSSLProxy::ERR_print_errors_fp(FILE *fp) -+{ -+ return ::ERR_print_errors_fp(fp); - } - -- --SSL_SESSION *KOpenSSLProxy::SSL_get1_session(SSL *ssl) { -- if (K_SSL_get1_session) return (K_SSL_get1_session)(ssl); -- else return 0L; -+SSL_SESSION *KOpenSSLProxy::SSL_get1_session(SSL *ssl) -+{ -+ return ::SSL_get1_session(ssl); - } - -- --void KOpenSSLProxy::SSL_SESSION_free(SSL_SESSION *session) { -- if (K_SSL_SESSION_free) (K_SSL_SESSION_free)(session); -+void KOpenSSLProxy::SSL_SESSION_free(SSL_SESSION *session) -+{ -+ return ::SSL_SESSION_free(session); - } - -- --int KOpenSSLProxy::SSL_set_session(SSL *ssl, SSL_SESSION *session) { -- if (K_SSL_set_session) return (K_SSL_set_session)(ssl, session); -- else return -1; -+int KOpenSSLProxy::SSL_set_session(SSL *ssl, SSL_SESSION *session) -+{ -+ return ::SSL_set_session(ssl, session); - } - -- --SSL_SESSION *KOpenSSLProxy::d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp, long length) { -- if (K_d2i_SSL_SESSION) return (K_d2i_SSL_SESSION)(a, pp, length); -- else return 0L; -+SSL_SESSION *KOpenSSLProxy::d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length) -+{ -+ return ::d2i_SSL_SESSION(a, pp, length); - } - -- --int KOpenSSLProxy::i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) { -- if (K_i2d_SSL_SESSION) return (K_i2d_SSL_SESSION)(in, pp); -- else return -1; -+int KOpenSSLProxy::i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) -+{ -+ return ::i2d_SSL_SESSION(in, pp); - } - -- --int KOpenSSLProxy::i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *p) { -- if (K_i2d_PrivateKey_fp) return (K_i2d_PrivateKey_fp)(fp, p); -- else return -1; -+int KOpenSSLProxy::i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *p) -+{ -+ return ::i2d_PrivateKey_fp(fp, p); - } - -- --int KOpenSSLProxy::i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *p, const EVP_CIPHER *c, char *k, int klen, pem_password_cb *cb, void *u) { -- if (K_i2d_PKCS8PrivateKey_fp) return (K_i2d_PKCS8PrivateKey_fp)(fp, p, c, k, klen, cb, u); -- else return -1; -+int KOpenSSLProxy::i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *p, const EVP_CIPHER *c, char *k, int klen, pem_password_cb *cb, void *u) -+{ -+ return ::i2d_PKCS8PrivateKey_fp(fp, p, c, k, klen, cb, u); - } - -- --void KOpenSSLProxy::RSA_free(RSA *rsa) { -- if (K_RSA_free) (K_RSA_free)(rsa); -+void KOpenSSLProxy::RSA_free(RSA *rsa) -+{ -+ return ::RSA_free(rsa); - } - -- --EVP_CIPHER *KOpenSSLProxy::EVP_bf_cbc() { -- if (K_EVP_bf_cbc) return (K_EVP_bf_cbc)(); -- return 0L; -+const EVP_CIPHER *KOpenSSLProxy::EVP_bf_cbc() -+{ -+ return ::EVP_bf_cbc(); - } - -- --int KOpenSSLProxy::X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md) { -- if (K_X509_REQ_sign) return (K_X509_REQ_sign)(x, pkey, md); -- return -1; -+int KOpenSSLProxy::X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md) -+{ -+ return ::X509_REQ_sign(x, pkey, md); - } - -- - int KOpenSSLProxy::X509_NAME_add_entry_by_txt(X509_NAME *name, char *field, -- int type, unsigned char *bytes, int len, int loc, int set) { -- if (K_X509_NAME_add_entry_by_txt) return (K_X509_NAME_add_entry_by_txt)(name, field, type, bytes, len, loc, set); -- return -1; -+ int type, unsigned char *bytes, int len, int loc, int set) -+{ -+ return ::X509_NAME_add_entry_by_txt(name, field, type, bytes, len, loc, set); - } - -- --X509_NAME *KOpenSSLProxy::X509_NAME_new() { -- if (K_X509_NAME_new) return (K_X509_NAME_new)(); -- return 0L; -+X509_NAME *KOpenSSLProxy::X509_NAME_new() -+{ -+ return ::X509_NAME_new(); - } - -- --int KOpenSSLProxy::X509_REQ_set_subject_name(X509_REQ *req,X509_NAME *name) { -- if (K_X509_REQ_set_subject_name) return (K_X509_REQ_set_subject_name)(req, name); -- return -1; -+int KOpenSSLProxy::X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name) -+{ -+ return ::X509_REQ_set_subject_name(req, name); - } - -- --unsigned char *KOpenSSLProxy::ASN1_STRING_data(ASN1_STRING *x) { -- if (K_ASN1_STRING_data) return (K_ASN1_STRING_data)(x); -- return 0L; -+unsigned char *KOpenSSLProxy::ASN1_STRING_data(ASN1_STRING *x) -+{ -+ return ::ASN1_STRING_data(x); - } - -- --int KOpenSSLProxy::ASN1_STRING_length(ASN1_STRING *x) { -- if (K_ASN1_STRING_length) return (K_ASN1_STRING_length)(x); -- return 0L; -+int KOpenSSLProxy::ASN1_STRING_length(ASN1_STRING *x) -+{ -+ return ::ASN1_STRING_length(x); - } - -- --STACK_OF(SSL_CIPHER) *KOpenSSLProxy::SSL_get_ciphers(const SSL* ssl) { -- if (K_SSL_get_ciphers) return (K_SSL_get_ciphers)(ssl); -- return 0L; -+STACK_OF(SSL_CIPHER) *KOpenSSLProxy::SSL_get_ciphers(const SSL *ssl) -+{ -+ return ::SSL_get_ciphers(ssl); - } - - #endif -- ---- kdelibs-4.14.26/kio/kssl/kopenssl.h.omv~ 2016-11-14 21:58:51.376629071 +0100 -+++ kdelibs-4.14.26/kio/kssl/kopenssl.h 2016-11-14 22:11:08.549870329 +0100 -@@ -16,7 +16,6 @@ - Boston, MA 02110-1301, USA. - */ - -- - // IF YOU ARE USING THIS CLASS, YOU ARE MAKING A MISTAKE. - - #ifndef __KOPENSSLPROXY_H -@@ -25,11 +24,9 @@ - #define KOSSL KOpenSSLProxy - class KOpenSSLProxyPrivate; - --#include <kio/kio_export.h> -- - #include <ksslconfig.h> - --#ifdef KSSL_HAVE_SSL -+#if KSSL_HAVE_SSL - #define crypt _openssl_crypt - #include <openssl/ssl.h> - #include <openssl/x509.h> -@@ -62,833 +59,773 @@ class KOpenSSLProxyPrivate; - * @short KDE OpenSSL Wrapper - * @internal - */ --class KOpenSSLProxy { -+class KOpenSSLProxy -+{ - public: - -- /** -- * Return an instance of class KOpenSSLProxy * -- * You cannot delete this object. It is a singleton class. -- */ -- static KOpenSSLProxy *self(); -- -- /** -- * Return true of libcrypto was found and loaded -- */ -- bool hasLibCrypto() const; -- -- /** -- * Return true of libssl was found and loaded -- */ -- bool hasLibSSL() const; -- -- /** -- * Destroy the class and start over - don't use this unless you know -- * what you are doing. -- */ -- void destroy(); -- -- // Here are the symbols that we need. --#ifdef KSSL_HAVE_SSL -- -- /* -- * SSL_connect - initiate the TLS/SSL handshake with an TLS/SSL server -- */ -- int SSL_connect(SSL *ssl); -- -- /* -- * SSL_accept - initiate the TLS/SSL handshake with an TLS/SSL server -- */ -- int SSL_accept(SSL *ssl); -- -- /* -- * SSL_get_error - get the error code -- */ -- int SSL_get_error(SSL *ssl, int rc); -- -- /* -- * SSL_read - read bytes from a TLS/SSL connection. -- */ -- int SSL_read(SSL *ssl, void *buf, int num); -- -- /* -- * SSL_write - write bytes to a TLS/SSL connection. -- */ -- int SSL_write(SSL *ssl, const void *buf, int num); -- -- /* -- * SSL_new - create a new SSL structure for a connection -- */ -- SSL *SSL_new(SSL_CTX *ctx); -- -- /* -- * SSL_free - free an allocated SSL structure -- */ -- void SSL_free(SSL *ssl); -- -- /* -- * SSL_shutdown - shutdown an allocated SSL connection -- */ -- int SSL_shutdown(SSL *ssl); -- -- /* -- * SSL_CTX_new - create a new SSL_CTX object as framework for TLS/SSL enabled functions -- */ -- SSL_CTX *SSL_CTX_new(SSL_METHOD *method); -- -- /* -- * SSL_CTX_free - free an allocated SSL_CTX object -- */ -- void SSL_CTX_free(SSL_CTX *ctx); -- -- /* -- * SSL_set_fd - connect the SSL object with a file descriptor -- */ -- int SSL_set_fd(SSL *ssl, int fd); -- -- /* -- * SSL_pending - obtain number of readable bytes buffered in an SSL object -- */ -- int SSL_pending(SSL *ssl); -- -- /* -- * SSL_peek - obtain bytes buffered in an SSL object -- */ -- int SSL_peek(SSL *ssl, void *buf, int num); -- -- /* -- * SSL_CTX_set_cipher_list - choose list of available SSL_CIPHERs -- */ -- int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str); -- -- /* -- * SSL_CTX_set_verify - set peer certificate verification parameters -- */ -- void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, -- int (*verify_callback)(int, X509_STORE_CTX *)); -- -- /* -- * SSL_use_certificate - load certificate -- */ -- int SSL_use_certificate(SSL *ssl, X509 *x); -- -- /* -- * SSL_get_current_cipher - get SSL_CIPHER of a connection -- */ -- SSL_CIPHER *SSL_get_current_cipher(SSL *ssl); -- -- /* -- * SSL_set_options - manipulate SSL engine options -- * Note: These are all mapped to SSL_ctrl so call them as the comment -- * specifies but know that they use SSL_ctrl. They are #define -- * so they will map to the one in this class if called as a -- * member function of this class. -- */ -- /* long SSL_set_options(SSL *ssl, long options); */ -- /* Returns 0 if not reused, 1 if session id is reused */ -- /* int SSL_session_reused(SSL *ssl); */ -- long SSL_ctrl(SSL *ssl,int cmd, long larg, char *parg); -- -- /* -- * RAND_egd - set the path to the EGD -- */ -- int RAND_egd(const char *path); -- -- -- /* -- * RAND_file_name -- */ -- const char *RAND_file_name(char *buf, size_t num); -- -- -- /* -- * RAND_load_file -- */ -- int RAND_load_file(const char *filename, long max_bytes); -- -- -- /* -- * RAND_write_file -- */ -- int RAND_write_file(const char *filename); -- -- -- /* -- * TLSv1_client_method - return a TLSv1 client method object -- */ -- SSL_METHOD *TLSv1_client_method(); -- -- -- /* -- * SSLv23_client_method - return a SSLv23 client method object -- */ -- SSL_METHOD *SSLv23_client_method(); -- -- -- /* -- * SSL_get_peer_certificate - return the peer's certificate -- */ -- X509 *SSL_get_peer_certificate(SSL *s); -- -- -- /* -- * SSL_get_peer_cert_chain - get the peer's certificate chain -- */ -- STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s); -- -- /* -- * SSL_CIPHER_get_bits - get the number of bits in this cipher -- */ -- int SSL_CIPHER_get_bits(SSL_CIPHER *c,int *alg_bits); -- -- -- /* -- * SSL_CIPHER_get_version - get the version of this cipher -- */ -- char *SSL_CIPHER_get_version(SSL_CIPHER *c); -- -- -- /* -- * SSL_CIPHER_get_name - get the name of this cipher -- */ -- const char *SSL_CIPHER_get_name(SSL_CIPHER *c); -- -- -- /* -- * SSL_CIPHER_description - get the description of this cipher -- */ -- char *SSL_CIPHER_description(SSL_CIPHER *,char *buf,int size); -- -- -- /* -- * SSL_CTX_use_PrivateKey - set the private key for the session. -- * - for use with client certificates -- */ -- int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey); -- -- -- /* -- * SSL_CTX_use_certificate - set the client certificate for the session. -- */ -- int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x); -- -- -- /* -- * d2i_X509 - Convert a text representation of X509 to an X509 object -- */ -- X509 * d2i_X509(X509 **a,unsigned char **pp,long length); -- -- -- /* -- * i2d_X509 - Convert an X509 object into a text representation -- */ -- int i2d_X509(X509 *a,unsigned char **pp); -- -- -- /* -- * X509_cmp - compare two X509 objects -- */ -- int X509_cmp(X509 *a, X509 *b); -- -- -- /* -- * X509_dup - duplicate an X509 object -- */ -- X509 *X509_dup(X509 *x509); -- -- -- /* -- * X509_STORE_CTX_new - create an X509 store context -- */ -- X509_STORE_CTX *X509_STORE_CTX_new(void); -- -- -- /* -- * X509_STORE_CTX_free - free up an X509 store context -- */ -- void X509_STORE_CTX_free(X509_STORE_CTX *v); -- -- -- /* -- * X509_STORE_CTX_set_chain - set the certificate chain -- */ -- void X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x); -- -- /* -- * X509_STORE_CTX_set_purpose - set the purpose of the certificate -- */ -- void X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose); -- -- /* -- * X509_verify_cert - verify the certificate -- */ -- int X509_verify_cert(X509_STORE_CTX *v); -- -- -- /* -- * X509_STORE_new - create an X509 store -- */ -- X509_STORE *X509_STORE_new(void); -- -- -- /* -- * X509_STORE_free - free up an X509 store -- */ -- void X509_STORE_free(X509_STORE *v); -- -- -- /* -- * X509_free - free up an X509 -- */ -- void X509_free(X509 *v); -- -- -- /* -- * X509_NAME_oneline - return the X509 data in a string -- */ -- char *X509_NAME_oneline(X509_NAME *a, char *buf, int size); -- -- -- /* -- * X509_get_subject_name - return the X509_NAME for the subject field -- */ -- X509_NAME *X509_get_subject_name(X509 *a); -- -- -- /* -- * X509_get_issuer_name - return the X509_NAME for the issuer field -- */ -- X509_NAME *X509_get_issuer_name(X509 *a); -- -- -- /* -- * X509_STORE_add_lookup - add a lookup file/method to an X509 store -- */ -- X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m); -- -- -- /* -- * X509_LOOKUP_file - Definition of the LOOKUP_file method -- */ -- X509_LOOKUP_METHOD *X509_LOOKUP_file(void); -- -- -- /* -- * X509_LOOKUP_free - Free an X509_LOOKUP -- */ -- void X509_LOOKUP_free(X509_LOOKUP *x); -- -- -- /* -- * X509_LOOKUP_ctrl - This is not normally called directly (use macros) -- */ -- int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret); -- -- -- /* -- * X509_STORE_CTX_init - initialize an X509 STORE context -- */ -- void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, STACK_OF(X509) *chain); -- -- -- /* -- * CRYPTO_free - free up an internally allocated object -- */ -- void CRYPTO_free(void *x); -- -- /* -- * BIO_new - create new BIO -- */ -- BIO *BIO_new(BIO_METHOD *type); -- -- /* -- * BIO methods - only one defined here yet -- */ -- BIO_METHOD *BIO_s_mem(void); -- -- /* -- * BIO_new_fp - nastiness called BIO - used to create BIO* from FILE* -- */ -- BIO *BIO_new_fp(FILE *stream, int close_flag); -- -- /* -- * BIO_new_mem_buf - read only BIO from memory region -- */ -- BIO *BIO_new_mem_buf(void *buf, int len); -- -- /* -- * BIO_free - nastiness called BIO - used to destroy BIO* -- */ -- int BIO_free(BIO *a); -- -- /* -- * BIO_ctrl - BIO control method -- */ -- long BIO_ctrl(BIO *bp,int cmd,long larg,void *parg); -- -- /* -- * BIO_write - equivalent to ::write for BIO -- */ -- int BIO_write(BIO *b, const void *data, int len); -- -- /* -- * PEM_write_bio_X509 - write a PEM encoded cert to a BIO* -- */ -- int PEM_write_bio_X509(BIO *bp, X509 *x); -- -- /* -- * ASN1_item_i2d_fp - used for netscape output -- */ -- int ASN1_item_i2d_fp(FILE *out, unsigned char *x); -- -- -- /* -- * ASN1_d2i_fp - read an X509 from a DER encoded file (buf can be NULL) -- */ -- X509 *X509_d2i_fp(FILE *out, X509** buf); -- -- -- /* -- * X509_print - print the text form of an X509 -- */ -- int X509_print(FILE *fp, X509 *x); -- -- -- /* -- * Read a PKCS#12 cert from fp -- */ -- PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12); -- -- -- /* -- * Change the password on a PKCS#12 cert -- */ -- int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass); -- -- -- /* -- * Write a PKCS#12 to mem -- */ -- int i2d_PKCS12(PKCS12 *p12, unsigned char **p); -- -- -- /* -- * Write a PKCS#12 to FILE* -- */ -- int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12); -- -- -- /* -- * Create a new PKCS#12 object -- */ -- PKCS12 *PKCS12_new(void); -- -- -- /* -- * Destroy that PKCS#12 that you created! -- */ -- void PKCS12_free(PKCS12 *a); -- -- -- /* -- * Parse the PKCS#12 -- */ -- int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, -- X509 **cert, STACK_OF(X509) **ca); -- -- -- /* -- * Free the Private Key -- */ -- void EVP_PKEY_free(EVP_PKEY *x); -- -- -- /* -- * Pop off the stack -- */ -- char *sk_pop(STACK *s); -- -- -- /* -- * Free the stack -- */ -- void sk_free(STACK *s); -+ /** -+ * Return an instance of class KOpenSSLProxy * -+ * You cannot delete this object. It is a singleton class. -+ */ -+ static KOpenSSLProxy *self(); -+ -+ /** -+ * Return true of libcrypto was found and loaded -+ */ -+ bool hasLibCrypto() const; -+ -+ /** -+ * Return true of libssl was found and loaded -+ */ -+ bool hasLibSSL() const; -+ -+ /** -+ * Destroy the class and start over - don't use this unless you know -+ * what you are doing. -+ */ -+ void destroy(); -+ -+ // Here are the symbols that we need. -+#if KSSL_HAVE_SSL -+ -+ /* -+ * SSL_connect - initiate the TLS/SSL handshake with an TLS/SSL server -+ */ -+ int SSL_connect(SSL *ssl); -+ -+ /* -+ * SSL_accept - initiate the TLS/SSL handshake with an TLS/SSL server -+ */ -+ int SSL_accept(SSL *ssl); -+ -+ /* -+ * SSL_get_error - get the error code -+ */ -+ int SSL_get_error(SSL *ssl, int rc); -+ -+ /* -+ * SSL_read - read bytes from a TLS/SSL connection. -+ */ -+ int SSL_read(SSL *ssl, void *buf, int num); -+ -+ /* -+ * SSL_write - write bytes to a TLS/SSL connection. -+ */ -+ int SSL_write(SSL *ssl, const void *buf, int num); -+ -+ /* -+ * SSL_new - create a new SSL structure for a connection -+ */ -+ SSL *SSL_new(SSL_CTX *ctx); -+ -+ /* -+ * SSL_free - free an allocated SSL structure -+ */ -+ void SSL_free(SSL *ssl); -+ -+ /* -+ * SSL_shutdown - shutdown an allocated SSL connection -+ */ -+ int SSL_shutdown(SSL *ssl); -+ -+ /* -+ * SSL_CTX_new - create a new SSL_CTX object as framework for TLS/SSL enabled functions -+ */ -+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method); -+ -+ /* -+ * SSL_CTX_free - free an allocated SSL_CTX object -+ */ -+ void SSL_CTX_free(SSL_CTX *ctx); -+ -+ /* -+ * SSL_set_fd - connect the SSL object with a file descriptor -+ */ -+ int SSL_set_fd(SSL *ssl, int fd); -+ -+ /* -+ * SSL_pending - obtain number of readable bytes buffered in an SSL object -+ */ -+ int SSL_pending(SSL *ssl); -+ -+ /* -+ * SSL_peek - obtain bytes buffered in an SSL object -+ */ -+ int SSL_peek(SSL *ssl, void *buf, int num); -+ -+ /* -+ * SSL_CTX_set_cipher_list - choose list of available SSL_CIPHERs -+ */ -+ int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str); -+ -+ /* -+ * SSL_CTX_set_verify - set peer certificate verification parameters -+ */ -+ void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, -+ int (*verify_callback)(int, X509_STORE_CTX *)); -+ -+ /* -+ * SSL_use_certificate - load certificate -+ */ -+ int SSL_use_certificate(SSL *ssl, X509 *x); -+ -+ /* -+ * SSL_get_current_cipher - get SSL_CIPHER of a connection -+ */ -+ const SSL_CIPHER *SSL_get_current_cipher(SSL *ssl); -+ -+ /* -+ * SSL_set_options - manipulate SSL engine options -+ * Note: These are all mapped to SSL_ctrl so call them as the comment -+ * specifies but know that they use SSL_ctrl. They are #define -+ * so they will map to the one in this class if called as a -+ * member function of this class. -+ */ -+ /* long SSL_set_options(SSL *ssl, long options); */ -+ /* Returns 0 if not reused, 1 if session id is reused */ -+ /* int SSL_session_reused(SSL *ssl); */ -+ long SSL_ctrl(SSL *ssl, int cmd, long larg, char *parg); -+ -+ /* -+ * RAND_egd - set the path to the EGD -+ */ -+ int RAND_egd(const char *path); -+ -+ /* -+ * RAND_file_name -+ */ -+ const char *RAND_file_name(char *buf, size_t num); -+ -+ /* -+ * RAND_load_file -+ */ -+ int RAND_load_file(const char *filename, long max_bytes); -+ -+ /* -+ * RAND_write_file -+ */ -+ int RAND_write_file(const char *filename); -+ -+ /* -+ * TLSv1_client_method - return a TLSv1 client method object -+ */ -+ const SSL_METHOD *TLSv1_client_method(); -+ -+ /* -+ * SSLv23_client_method - return a SSLv23 client method object -+ */ -+ const SSL_METHOD *SSLv23_client_method(); -+ -+ /* -+ * SSL_get_peer_certificate - return the peer's certificate -+ */ -+ X509 *SSL_get_peer_certificate(SSL *s); -+ -+ /* -+ * SSL_get_peer_cert_chain - get the peer's certificate chain -+ */ -+ STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s); -+ -+ /* -+ * SSL_CIPHER_get_bits - get the number of bits in this cipher -+ */ -+ int SSL_CIPHER_get_bits(SSL_CIPHER *c, int *alg_bits); -+ -+ /* -+ * SSL_CIPHER_get_version - get the version of this cipher -+ */ -+ const char *SSL_CIPHER_get_version(SSL_CIPHER *c); -+ -+ /* -+ * SSL_CIPHER_get_name - get the name of this cipher -+ */ -+ const char *SSL_CIPHER_get_name(SSL_CIPHER *c); -+ -+ /* -+ * SSL_CIPHER_description - get the description of this cipher -+ */ -+ char *SSL_CIPHER_description(SSL_CIPHER *, char *buf, int size); -+ -+ /* -+ * SSL_CTX_use_PrivateKey - set the private key for the session. -+ * - for use with client certificates -+ */ -+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey); -+ -+ /* -+ * SSL_CTX_use_certificate - set the client certificate for the session. -+ */ -+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x); -+ -+ /* -+ * d2i_X509 - Convert a text representation of X509 to an X509 object -+ */ -+ X509 *d2i_X509(X509 **a, const unsigned char **pp, long length); -+ -+ /* -+ * i2d_X509 - Convert an X509 object into a text representation -+ */ -+ int i2d_X509(X509 *a, unsigned char **pp); -+ -+ /* -+ * X509_cmp - compare two X509 objects -+ */ -+ int X509_cmp(X509 *a, X509 *b); -+ -+ /* -+ * X509_dup - duplicate an X509 object -+ */ -+ X509 *X509_dup(X509 *x509); -+ -+ /* -+ * X509_STORE_CTX_new - create an X509 store context -+ */ -+ X509_STORE_CTX *X509_STORE_CTX_new(void); -+ -+ /* -+ * X509_STORE_CTX_free - free up an X509 store context -+ */ -+ void X509_STORE_CTX_free(X509_STORE_CTX *v); -+ -+ /* -+ * X509_STORE_CTX_set_chain - set the certificate chain -+ */ -+ void X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x); -+ -+ /* -+ * X509_STORE_CTX_set_purpose - set the purpose of the certificate -+ */ -+ void X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose); -+ -+ /* -+ * X509_verify_cert - verify the certificate -+ */ -+ int X509_verify_cert(X509_STORE_CTX *v); -+ -+ /* -+ * X509_STORE_new - create an X509 store -+ */ -+ X509_STORE *X509_STORE_new(void); -+ -+ /* -+ * X509_STORE_free - free up an X509 store -+ */ -+ void X509_STORE_free(X509_STORE *v); -+ -+ /* -+ * X509_free - free up an X509 -+ */ -+ void X509_free(X509 *v); -+ -+ /* -+ * X509_NAME_oneline - return the X509 data in a string -+ */ -+ char *X509_NAME_oneline(X509_NAME *a, char *buf, int size); -+ -+ /* -+ * X509_get_subject_name - return the X509_NAME for the subject field -+ */ -+ X509_NAME *X509_get_subject_name(X509 *a); -+ -+ /* -+ * X509_get_issuer_name - return the X509_NAME for the issuer field -+ */ -+ X509_NAME *X509_get_issuer_name(X509 *a); -+ -+ /* -+ * X509_STORE_add_lookup - add a lookup file/method to an X509 store -+ */ -+ X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m); -+ -+ /* -+ * X509_LOOKUP_file - Definition of the LOOKUP_file method -+ */ -+ X509_LOOKUP_METHOD *X509_LOOKUP_file(void); -+ -+ /* -+ * X509_LOOKUP_free - Free an X509_LOOKUP -+ */ -+ void X509_LOOKUP_free(X509_LOOKUP *x); -+ -+ /* -+ * X509_LOOKUP_ctrl - This is not normally called directly (use macros) -+ */ -+ int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret); -+ -+ /* -+ * X509_STORE_CTX_init - initialize an X509 STORE context -+ */ -+ void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, STACK_OF(X509) *chain); -+ -+ /* -+ * CRYPTO_free - free up an internally allocated object -+ */ -+ void CRYPTO_free(void *x); -+ -+ /* -+ * BIO_new - create new BIO -+ */ -+ BIO *BIO_new(BIO_METHOD *type); -+ -+ /* -+ * BIO methods - only one defined here yet -+ */ -+ const BIO_METHOD *BIO_s_mem(void); -+ -+ /* -+ * BIO_new_fp - nastiness called BIO - used to create BIO* from FILE* -+ */ -+ BIO *BIO_new_fp(FILE *stream, int close_flag); -+ -+ /* -+ * BIO_new_mem_buf - read only BIO from memory region -+ */ -+ BIO *BIO_new_mem_buf(void *buf, int len); -+ -+ /* -+ * BIO_free - nastiness called BIO - used to destroy BIO* -+ */ -+ int BIO_free(BIO *a); -+ -+ /* -+ * BIO_ctrl - BIO control method -+ */ -+ long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg); -+ -+ /* -+ * BIO_write - equivalent to ::write for BIO -+ */ -+ int BIO_write(BIO *b, const void *data, int len); -+ -+ /* -+ * PEM_write_bio_X509 - write a PEM encoded cert to a BIO* -+ */ -+ int PEM_write_bio_X509(BIO *bp, X509 *x); -+ -+ /* -+ * ASN1_d2i_fp - read an X509 from a DER encoded file (buf can be NULL) -+ */ -+ X509 *X509_d2i_fp(FILE *out, X509 **buf); -+ -+ /* -+ * X509_print - print the text form of an X509 -+ */ -+ int X509_print(FILE *fp, X509 *x); -+ -+ /* -+ * Read a PKCS#12 cert from fp -+ */ -+ PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12); -+ -+ /* -+ * Change the password on a PKCS#12 cert -+ */ -+ int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass); -+ -+ /* -+ * Write a PKCS#12 to mem -+ */ -+ int i2d_PKCS12(PKCS12 *p12, unsigned char **p); -+ -+ /* -+ * Write a PKCS#12 to FILE* -+ */ -+ int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12); -+ -+ /* -+ * Create a new PKCS#12 object -+ */ -+ PKCS12 *PKCS12_new(void); -+ -+ /* -+ * Destroy that PKCS#12 that you created! -+ */ -+ void PKCS12_free(PKCS12 *a); -+ -+ /* -+ * Parse the PKCS#12 -+ */ -+ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, -+ X509 **cert, STACK_OF(X509) **ca); -+ -+ /* -+ * Free the Private Key -+ */ -+ void EVP_PKEY_free(EVP_PKEY *x); -+ -+ /* -+ * Pop off the stack -+ */ -+ char *sk_pop(STACK *s); -+ -+ /* -+ * Free the stack -+ */ -+ void sk_free(STACK *s); - - #if OPENSSL_VERSION_NUMBER >= 0x10000000L -- void sk_free(void *s) { return sk_free(reinterpret_cast<STACK*>(s)); } -+ void sk_free(void *s) -+ { -+ return sk_free(reinterpret_cast<STACK *>(s)); -+ } - #endif - -- /* -- * Number of elements in the stack -- */ -- int sk_num(STACK *s); -- -- -- /* -- * Value of element n in the stack -- */ -- char *sk_value(STACK *s, int n); -+ /* -+ * Number of elements in the stack -+ */ -+ int sk_num(STACK *s); -+ -+ /* -+ * Value of element n in the stack -+ */ -+ char *sk_value(STACK *s, int n); - - #if OPENSSL_VERSION_NUMBER >= 0x10000000L -- char *sk_value(void *s, int n) { return sk_value(reinterpret_cast<STACK*>(s), n); } -+ char *sk_value(void *s, int n) -+ { -+ return sk_value(reinterpret_cast<STACK *>(s), n); -+ } - #endif - -- /* -- * Create a new stack -- */ -- STACK *sk_new(int (*cmp)()); -- -- -- /* -- * Add an element to the stack -- */ -- int sk_push(STACK *s, char *d); -+ /* -+ * Create a new stack -+ */ -+ STACK *sk_new(OPENSSL_sk_compfunc cmp); -+ -+ /* -+ * Add an element to the stack -+ */ -+ int sk_push(STACK *s, char *d); - - #if OPENSSL_VERSION_NUMBER >= 0x10000000L -- int sk_push(void *s, void *d) { return sk_push(reinterpret_cast<STACK*>(s), reinterpret_cast<char*>(d)); } -+ int sk_push(void *s, void *d) -+ { -+ return sk_push(reinterpret_cast<STACK *>(s), reinterpret_cast<char *>(d)); -+ } - #endif - -+ /* -+ * Duplicate the stack -+ */ -+ STACK *sk_dup(STACK *s); -+ -+ /* -+ * Convert an ASN1_INTEGER to its text form -+ */ -+ char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint); -+ -+ /* -+ * Get the certificate's serial number -+ */ -+ ASN1_INTEGER *X509_get_serialNumber(X509 *x); -+ -+ /* -+ * Get the certificate's public key -+ */ -+ EVP_PKEY *X509_get_pubkey(X509 *x); -+ -+ /* -+ * Convert the public key to a decimal form -+ */ -+ int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp); -+ -+ /* -+ * Check the private key of a PKCS bundle against the X509 -+ */ -+ int X509_check_private_key(X509 *x, EVP_PKEY *p); -+ -+ /* -+ * Convert a BIGNUM to a hex string -+ */ -+ char *BN_bn2hex(const BIGNUM *a); -+ -+ /* -+ * Compute the digest of an X.509 -+ */ -+ int X509_digest(const X509 *x, const EVP_MD *t, unsigned char *md, unsigned int *len); -+ -+ /* -+ * EVP_md5 -+ */ -+ const EVP_MD *EVP_md5(); -+ -+ /* -+ * ASN1_INTEGER free -+ */ -+ void ASN1_INTEGER_free(ASN1_INTEGER *x); -+ -+ /* -+ * ASN1_STRING_data -+ */ -+ unsigned char *ASN1_STRING_data(ASN1_STRING *x); -+ -+ /* -+ * ASN1_STRING_length -+ */ -+ int ASN1_STRING_length(ASN1_STRING *x); -+ -+ /* -+ * -+ */ -+ int OBJ_obj2nid(ASN1_OBJECT *o); -+ -+ /* -+ * -+ */ -+ const char *OBJ_nid2ln(int n); -+ -+ /* -+ * get the number of extensions -+ */ -+ int X509_get_ext_count(X509 *x); -+ -+ /* -+ * -+ */ -+ int X509_get_ext_by_NID(X509 *x, int nid, int lastpos); -+ -+ /* -+ * -+ */ -+ int X509_get_ext_by_OBJ(X509 *x, ASN1_OBJECT *obj, int lastpos); -+ -+ /* -+ * -+ */ -+ X509_EXTENSION *X509_get_ext(X509 *x, int loc); -+ -+ /* -+ * -+ */ -+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc); -+ -+ /* -+ * -+ */ -+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); -+ -+ /* -+ * -+ */ -+ void *X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx); -+ -+ /* -+ * -+ */ -+ char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5); -+ -+ /* -+ * -+ */ -+ int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n); -+ -+ /* -+ * -+ */ -+ PKCS7 *PKCS7_new(void); -+ -+ /* -+ * -+ */ -+ void PKCS7_free(PKCS7 *a); -+ -+ /* -+ * -+ */ -+ void PKCS7_content_free(PKCS7 *a); -+ -+ /* -+ * -+ */ -+ int i2d_PKCS7(PKCS7 *a, unsigned char **pp); -+ -+ /* -+ * -+ */ -+ PKCS7 *d2i_PKCS7(PKCS7 **a, const unsigned char **pp, long length); -+ -+ /* -+ * -+ */ -+ int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7); -+ -+ /* -+ * -+ */ -+ PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7); -+ -+ /* -+ * -+ */ -+ int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7); -+ -+ /* -+ * -+ */ -+ PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7); -+ -+ /* -+ * -+ */ -+ PKCS7 *PKCS7_dup(PKCS7 *p7); -+ -+ /* -+ * Create a PKCS7 signature / signed message -+ */ -+ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, -+ BIO *data, int flags); -+ -+ /* -+ * Verify a PKCS7 signature. -+ */ -+ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, -+ BIO *indata, BIO *out, int flags); -+ -+ /* -+ * Get signers of a verified PKCS7 signature -+ */ -+ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags); -+ -+ /* -+ * PKCS7 encrypt message -+ */ -+ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, EVP_CIPHER *cipher, -+ int flags); -+ -+ /* -+ * decrypt PKCS7 message -+ */ -+ int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags); -+ -+ /* -+ * Load a CA list file. -+ */ -+ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file); -+ -+ /* -+ * Load a file of PEM encoded objects. -+ */ -+ STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, -+ pem_password_cb *cb, void *u); -+ -+ /* -+ * Get the number of purposes available -+ */ -+ int X509_PURPOSE_get_count(); -+ -+ /* -+ * Get the ID of a purpose -+ */ -+ int X509_PURPOSE_get_id(X509_PURPOSE *); -+ -+ /* -+ * Check the existence of purpose id "id" in x. for CA, set ca = 1, else 0 -+ */ -+ int X509_check_purpose(X509 *x, int id, int ca); -+ -+ /* -+ * Get the purpose with index #idx -+ */ -+ X509_PURPOSE *X509_PURPOSE_get0(int idx); -+ -+ /* -+ * Create a new Private KEY -+ */ -+ EVP_PKEY *EVP_PKEY_new(); -+ -+ /* -+ * Assign a private key -+ */ -+ int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key); -+ -+ /* -+ * Generate a RSA key -+ */ -+ RSA *RSA_generate_key(int bits, unsigned long e, void -+ (*callback)(int, int, void *), void *cb_arg); -+ -+ /* -+ * Create/destroy a certificate request -+ */ -+ X509_REQ *X509_REQ_new(); -+ void X509_REQ_free(X509_REQ *a); -+ -+ /* -+ * Set the public key in the REQ object -+ */ -+ int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey); -+ -+ /* for testing */ -+ int i2d_X509_REQ_fp(FILE *fp, X509_REQ *x); -+ -+ /* SMime support */ -+ STACK *X509_get1_email(X509 *x); -+ void X509_email_free(STACK *sk); -+ -+ /* Ciphers needed for SMime */ -+ const EVP_CIPHER *EVP_des_ede3_cbc(); -+ const EVP_CIPHER *EVP_des_cbc(); -+ const EVP_CIPHER *EVP_rc2_cbc(); -+ const EVP_CIPHER *EVP_rc2_64_cbc(); -+ const EVP_CIPHER *EVP_rc2_40_cbc(); -+ -+ /* clear the current error - use this often*/ -+ void ERR_clear_error(); -+ -+ /* retrieve the latest error */ -+ unsigned long ERR_get_error(); -+ -+ /* Print the errors to this stream */ -+ void ERR_print_errors_fp(FILE *fp); -+ -+ /* Get a pointer to the SSL session id (reference counted) */ -+ SSL_SESSION *SSL_get1_session(SSL *ssl); -+ -+ /* Frees a pointer to the SSL session id (reference decremented if needed) */ -+ void SSL_SESSION_free(SSL_SESSION *session); -+ -+ /* Set the SSL session to reuse. */ -+ int SSL_set_session(SSL *ssl, SSL_SESSION *session); -+ -+ /* Decode ASN.1 to SSL_SESSION */ -+ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length); -+ /* Encode SSL_SESSION to ASN.1 */ -+ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp); -+ -+ /* Write privatekey to FILE stream */ -+ int i2d_PrivateKey_fp(FILE *, EVP_PKEY *); -+ -+ /* Write PKCS#8privatekey to FILE stream */ -+ int i2d_PKCS8PrivateKey_fp(FILE *, EVP_PKEY *, const EVP_CIPHER *, char *, int, pem_password_cb *, void *); -+ -+ /* Free RSA structure */ -+ void RSA_free(RSA *); -+ -+ /* Get a blowfish CBC pointer */ -+ const EVP_CIPHER *EVP_bf_cbc(); -+ -+ /* Sign a CSR */ -+ int X509_REQ_sign(X509_REQ *, EVP_PKEY *, const EVP_MD *); -+ -+ /* add a name entry */ -+ int X509_NAME_add_entry_by_txt(X509_NAME *, char *, int, unsigned char *, int, int, int); - -- /* -- * Duplicate the stack -- */ -- STACK *sk_dup(STACK *s); -- -- -- /* -- * Convert an ASN1_INTEGER to its text form -- */ -- char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint); -- -- -- /* -- * Get the certificate's serial number -- */ -- ASN1_INTEGER *X509_get_serialNumber(X509 *x); -- -- -- /* -- * Get the certificate's public key -- */ -- EVP_PKEY *X509_get_pubkey(X509 *x); -- -- -- /* -- * Convert the public key to a decimal form -- */ -- int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp); -- -- -- /* -- * Check the private key of a PKCS bundle against the X509 -- */ -- int X509_check_private_key(X509 *x, EVP_PKEY *p); -- -- -- /* -- * Convert a BIGNUM to a hex string -- */ -- char *BN_bn2hex(const BIGNUM *a); -- -- -- /* -- * Compute the digest of an X.509 -- */ -- int X509_digest(const X509 *x,const EVP_MD *t, unsigned char *md, unsigned int *len); -- -- -- /* -- * EVP_md5 -- */ -- EVP_MD *EVP_md5(); -- -- -- /* -- * ASN1_INTEGER free -- */ -- void ASN1_INTEGER_free(ASN1_INTEGER *x); -- -- -- /* -- * ASN1_STRING_data -- */ -- unsigned char *ASN1_STRING_data(ASN1_STRING *x); -- -- /* -- * ASN1_STRING_length -- */ -- int ASN1_STRING_length(ASN1_STRING *x); -- -- /* -- * -- */ -- int OBJ_obj2nid(ASN1_OBJECT *o); -- -- /* -- * -- */ -- const char * OBJ_nid2ln(int n); -- -- /* -- * get the number of extensions -- */ -- int X509_get_ext_count(X509 *x); -- -- /* -- * -- */ -- int X509_get_ext_by_NID(X509 *x, int nid, int lastpos); -- -- /* -- * -- */ -- int X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int lastpos); -- -- /* -- * -- */ -- X509_EXTENSION *X509_get_ext(X509 *x, int loc); -- -- /* -- * -- */ -- X509_EXTENSION *X509_delete_ext(X509 *x, int loc); -- -- /* -- * -- */ -- int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); -- -- /* -- * -- */ -- void *X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx); -- -- /* -- * -- */ -- char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5); -- -- /* -- * -- */ -- int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n); -- -- /* -- * -- */ -- PKCS7 *PKCS7_new(void); -- -- /* -- * -- */ -- void PKCS7_free(PKCS7 *a); -- -- /* -- * -- */ -- void PKCS7_content_free(PKCS7 *a); -- -- /* -- * -- */ -- int i2d_PKCS7(PKCS7 *a, unsigned char **pp); -- -- /* -- * -- */ -- PKCS7 *d2i_PKCS7(PKCS7 **a, unsigned char **pp,long length); -- -- /* -- * -- */ -- int i2d_PKCS7_fp(FILE *fp,PKCS7 *p7); -- -- /* -- * -- */ -- PKCS7 *d2i_PKCS7_fp(FILE *fp,PKCS7 **p7); -- -- /* -- * -- */ -- int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7); -- -- /* -- * -- */ -- PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 **p7); -- -- /* -- * -- */ -- PKCS7 *PKCS7_dup(PKCS7 *p7); -- -- /* -- * Create a PKCS7 signature / signed message -- */ -- PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, -- BIO *data, int flags); -- -- /* -- * Verify a PKCS7 signature. -- */ -- int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, -- BIO *indata, BIO *out, int flags); -- -- /* -- * Get signers of a verified PKCS7 signature -- */ -- STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags); -- -- /* -- * PKCS7 encrypt message -- */ -- PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, EVP_CIPHER *cipher, -- int flags); -- -- /* -- * decrypt PKCS7 message -- */ -- int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags); -- -- -- /* -- * Load a CA list file. -- */ -- STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file); -- -- /* -- * Load a file of PEM encoded objects. -- */ -- STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, -- pem_password_cb *cb, void *u); -- -- /* -- * Get the number of purposes available -- */ -- int X509_PURPOSE_get_count(); -- -- -- /* -- * Get the ID of a purpose -- */ -- int X509_PURPOSE_get_id(X509_PURPOSE *); -- -- -- /* -- * Check the existence of purpose id "id" in x. for CA, set ca = 1, else 0 -- */ -- int X509_check_purpose(X509 *x, int id, int ca); -- -- -- /* -- * Get the purpose with index #idx -- */ -- X509_PURPOSE * X509_PURPOSE_get0(int idx); -- -- -- /* -- * Create a new Private KEY -- */ -- EVP_PKEY* EVP_PKEY_new(); -- -- -- /* -- * Assign a private key -- */ -- int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key); -- -- -- /* -- * Generate a RSA key -- */ -- RSA *RSA_generate_key(int bits, unsigned long e, void -- (*callback)(int,int,void *), void *cb_arg); -- -- -- /* -- * Create/destroy a certificate request -- */ -- X509_REQ *X509_REQ_new(); -- void X509_REQ_free(X509_REQ *a); -- -- -- /* -- * Set the public key in the REQ object -- */ -- int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey); -- -- /* for testing */ -- int i2d_X509_REQ_fp(FILE *fp, X509_REQ *x); -- -- /* SMime support */ -- STACK *X509_get1_email(X509 *x); -- void X509_email_free(STACK *sk); -- -- /* Ciphers needed for SMime */ -- EVP_CIPHER *EVP_des_ede3_cbc(); -- EVP_CIPHER *EVP_des_cbc(); -- EVP_CIPHER *EVP_rc2_cbc(); -- EVP_CIPHER *EVP_rc2_64_cbc(); -- EVP_CIPHER *EVP_rc2_40_cbc(); -- -- /* clear the current error - use this often*/ -- void ERR_clear_error(); -- -- /* retrieve the latest error */ -- unsigned long ERR_get_error(); -- -- /* Print the errors to this stream */ -- void ERR_print_errors_fp(FILE *fp); -- -- /* Get a pointer to the SSL session id (reference counted) */ -- SSL_SESSION *SSL_get1_session(SSL *ssl); -- -- /* Frees a pointer to the SSL session id (reference decremented if needed) */ -- void SSL_SESSION_free(SSL_SESSION *session); -- -- /* Set the SSL session to reuse. */ -- int SSL_set_session(SSL *ssl, SSL_SESSION *session); -- -- /* Decode ASN.1 to SSL_SESSION */ -- SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp, long length); -- /* Encode SSL_SESSION to ASN.1 */ -- int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp); -- -- /* Write privatekey to FILE stream */ -- int i2d_PrivateKey_fp(FILE*, EVP_PKEY*); -- -- /* Write PKCS#8privatekey to FILE stream */ -- int i2d_PKCS8PrivateKey_fp(FILE*, EVP_PKEY*, const EVP_CIPHER*, char*, int, pem_password_cb*, void*); -- -- /* Free RSA structure */ -- void RSA_free(RSA*); -- -- /* Get a blowfish CBC pointer */ -- EVP_CIPHER *EVP_bf_cbc(); -- -- /* Sign a CSR */ -- int X509_REQ_sign(X509_REQ*, EVP_PKEY*, const EVP_MD*); -- -- /* add a name entry */ -- int X509_NAME_add_entry_by_txt(X509_NAME*, char*, int, unsigned char*, int, int, int); -- -- /* Create a name */ -- X509_NAME *X509_NAME_new(); -+ /* Create a name */ -+ X509_NAME *X509_NAME_new(); - -- /* Set the subject */ -- int X509_REQ_set_subject_name(X509_REQ*,X509_NAME*); -+ /* Set the subject */ -+ int X509_REQ_set_subject_name(X509_REQ *, X509_NAME *); - -- /* get list of available SSL_CIPHER's sorted by preference */ -- STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL* ssl); -+ /* get list of available SSL_CIPHER's sorted by preference */ -+ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl); - - #endif - - private: -- friend class KOpenSSLProxyPrivate; -- KOpenSSLProxy(); -- ~KOpenSSLProxy(); -- KOpenSSLProxyPrivate * const d; -+ friend class KOpenSSLProxyPrivate; -+ KOpenSSLProxy(); -+ ~KOpenSSLProxy(); -+ KOpenSSLProxyPrivate *const d; - }; - - #endif ---- kdelibs-4.14.26/kio/kssl/ksslcallback.c.omv~ 2016-11-14 21:58:51.376629071 +0100 -+++ kdelibs-4.14.26/kio/kssl/ksslcallback.c 2016-11-14 22:35:01.105257670 +0100 -@@ -28,7 +28,7 @@ bool KSSL_X509CallBack_ca_found; - extern "C" { - static int X509Callback(int ok, X509_STORE_CTX *ctx) { - -- kDebug(7029) << "X509Callback: ok = " << ok << " error = " << ctx->error << " depth = " << ctx->error_depth; -+ //kDebug(7029) << "X509Callback: ok = " << ok << " error = " << ctx->error << " depth = " << ctx->error_depth; - // Here is how this works. We put "ok = 1;" in any case that we - // don't consider to be an error. In that case, it will return OK - // for the certificate check as long as there are no other critical -@@ -39,14 +39,14 @@ static int X509Callback(int ok, X509_STO - - if (KSSL_X509CallBack_ca) - { -- if (KOSSL::self()->X509_cmp(ctx->current_cert, KSSL_X509CallBack_ca) != 0) -+ if (KOSSL::self()->X509_cmp(X509_STORE_CTX_get0_cert(ctx), KSSL_X509CallBack_ca) != 0) - return 1; // Ignore errors for this certificate - - KSSL_X509CallBack_ca_found = true; - } - - if (!ok) { -- switch (ctx->error) { -+ switch (X509_STORE_CTX_get_error(ctx)) { - case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: - case X509_V_ERR_UNABLE_TO_GET_CRL: - case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: ---- kdelibs-4.14.26/kio/kssl/ksslcertchain.cpp.omv~ 2016-11-14 21:58:51.376629071 +0100 -+++ kdelibs-4.14.26/kio/kssl/ksslcertchain.cpp 2016-11-14 22:06:34.088906036 +0100 -@@ -44,16 +44,6 @@ - #include <kdebug.h> - #include <QtCore/QStringList> - --#ifdef KSSL_HAVE_SSL --#define sk_new d->kossl->sk_new --#define sk_push d->kossl->sk_push --#define sk_free d->kossl->sk_free --#define sk_value d->kossl->sk_value --#define sk_num d->kossl->sk_num --#define sk_dup d->kossl->sk_dup --#define sk_pop d->kossl->sk_pop --#endif -- - class KSSLCertChainPrivate { - public: - KSSLCertChainPrivate() { ---- kdelibs-4.14.26/kio/kssl/ksslcertificate.cpp.omv~ 2016-11-07 00:11:51.000000000 +0100 -+++ kdelibs-4.14.26/kio/kssl/ksslcertificate.cpp 2016-11-14 22:36:42.514225601 +0100 -@@ -150,7 +150,7 @@ KSSLCertificate *KSSLCertificate::fromSt - } - - QByteArray qba = QByteArray::fromBase64(cert); -- unsigned char *qbap = reinterpret_cast<unsigned char *>(qba.data()); -+ const unsigned char *qbap = reinterpret_cast<unsigned char *>(qba.data()); - X509 *x5c = KOSSL::self()->d2i_X509(NULL, &qbap, qba.size()); - if (!x5c) { - return NULL; -@@ -173,7 +173,7 @@ QString KSSLCertificate::getSubject() co - return rc; - } - rc = t; -- d->kossl->OPENSSL_free(t); -+ OPENSSL_free(t); - #endif - return rc; - } -@@ -200,14 +200,19 @@ QString KSSLCertificate::getSignatureTex - char *s; - int n, i; - -- i = d->kossl->OBJ_obj2nid(d->m_cert->sig_alg->algorithm); -+ i = X509_get_signature_nid(d->m_cert); - rc = i18n("Signature Algorithm: "); - rc += (i == NID_undef)?i18n("Unknown"):QString(d->kossl->OBJ_nid2ln(i)); - - rc += '\n'; - rc += i18n("Signature Contents:"); -- n = d->m_cert->signature->length; -- s = (char *)d->m_cert->signature->data; -+ -+ const ASN1_BIT_STRING *sig; -+ const X509_ALGOR *alg; -+ X509_get0_signature(&sig, &alg, d->m_cert); -+ n = sig->length; -+ s = (char*)sig->data; -+ - for (i = 0; i < n; ++i) { - if (i%20 != 0) { - rc += ':'; -@@ -234,7 +239,7 @@ void KSSLCertificate::getEmails(QStringL - - STACK *s = d->kossl->X509_get1_email(d->m_cert); - if (s) { -- for(int n=0; n < s->num; n++) { -+ for(int n=0; n < OPENSSL_sk_num(s); n++) { - to.append(d->kossl->sk_value(s,n)); - } - d->kossl->X509_email_free(s); -@@ -317,13 +322,13 @@ QString rc = ""; - EVP_PKEY *pkey = d->kossl->X509_get_pubkey(d->m_cert); - if (pkey) { - #ifndef NO_RSA -- if (pkey->type == EVP_PKEY_RSA) { -+ if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) { - rc = "RSA"; - } - else - #endif - #ifndef NO_DSA -- if (pkey->type == EVP_PKEY_DSA) { -+ if (EVP_PKEY_id(pkey) == EVP_PKEY_DSA) { - rc = "DSA"; - } - else -@@ -347,8 +352,10 @@ char *x = NULL; - if (pkey) { - rc = i18nc("Unknown", "Unknown key algorithm"); - #ifndef NO_RSA -- if (pkey->type == EVP_PKEY_RSA) { -- x = d->kossl->BN_bn2hex(pkey->pkey.rsa->n); -+ if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) { -+ const BIGNUM *n, *e; -+ RSA_get0_key(EVP_PKEY_get1_RSA(pkey), &n, &e, NULL); -+ x = d->kossl->BN_bn2hex(n); - rc = i18n("Key type: RSA (%1 bit)", strlen(x)*4) + '\n'; - - rc += i18n("Modulus: "); -@@ -362,17 +369,19 @@ char *x = NULL; - rc += x[i]; - } - rc += '\n'; -- d->kossl->OPENSSL_free(x); -+ ::OPENSSL_free(x); - -- x = d->kossl->BN_bn2hex(pkey->pkey.rsa->e); -+ x = d->kossl->BN_bn2hex(e); - rc += i18n("Exponent: 0x") + QLatin1String(x) + - QLatin1String("\n"); -- d->kossl->OPENSSL_free(x); -+ ::OPENSSL_free(x); - } - #endif - #ifndef NO_DSA -- if (pkey->type == EVP_PKEY_DSA) { -- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->p); -+ if (EVP_PKEY_id(pkey) == EVP_PKEY_DSA) { -+ const BIGNUM *p, *q, *g; -+ DSA_get0_pqg(EVP_PKEY_get1_DSA(pkey), &p, &q, &g); -+ x = d->kossl->BN_bn2hex(p); - // hack - this may not be always accurate - rc = i18n("Key type: DSA (%1 bit)", strlen(x)*4) + '\n'; - -@@ -387,9 +396,9 @@ char *x = NULL; - rc += x[i]; - } - rc += '\n'; -- d->kossl->OPENSSL_free(x); -+ ::OPENSSL_free(x); - -- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->q); -+ x = d->kossl->BN_bn2hex(q); - rc += i18n("160 bit prime factor: "); - for (unsigned int i = 0; i < strlen(x); i++) { - if (i%40 != 0 && i%2 == 0) { -@@ -401,9 +410,9 @@ char *x = NULL; - rc += x[i]; - } - rc += '\n'; -- d->kossl->OPENSSL_free(x); -+ ::OPENSSL_free(x); - -- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->g); -+ x = d->kossl->BN_bn2hex(g); - rc += QString("g: "); - for (unsigned int i = 0; i < strlen(x); i++) { - if (i%40 != 0 && i%2 == 0) { -@@ -415,9 +424,11 @@ char *x = NULL; - rc += x[i]; - } - rc += '\n'; -- d->kossl->OPENSSL_free(x); -+ ::OPENSSL_free(x); - -- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->pub_key); -+ const BIGNUM *pub; -+ DSA_get0_key(EVP_PKEY_get1_DSA(pkey), &pub, NULL); -+ x = d->kossl->BN_bn2hex(pub); - rc += i18n("Public key: "); - for (unsigned int i = 0; i < strlen(x); i++) { - if (i%40 != 0 && i%2 == 0) { -@@ -429,7 +440,7 @@ char *x = NULL; - rc += x[i]; - } - rc += '\n'; -- d->kossl->OPENSSL_free(x); -+ ::OPENSSL_free(x); - } - #endif - d->kossl->EVP_PKEY_free(pkey); -@@ -452,7 +463,7 @@ QString rc = ""; - } - - rc = t; -- d->kossl->OPENSSL_free(t); -+ OPENSSL_free(t); - #endif - - return rc; -@@ -724,9 +735,9 @@ KSSLCertificate::KSSLValidationList KSSL - KSSL_X509CallBack_ca = ca ? ca->d->m_cert : 0; - KSSL_X509CallBack_ca_found = false; - -- certStoreCTX->error = X509_V_OK; -+ X509_STORE_CTX_set_error(certStoreCTX, X509_V_OK); - rc = d->kossl->X509_verify_cert(certStoreCTX); -- int errcode = certStoreCTX->error; -+ int errcode = X509_STORE_CTX_get_error(certStoreCTX); - if (ca && !KSSL_X509CallBack_ca_found) { - ksslv = KSSLCertificate::Irrelevant; - } else { -@@ -739,9 +750,9 @@ KSSLCertificate::KSSLValidationList KSSL - d->kossl->X509_STORE_CTX_set_purpose(certStoreCTX, - X509_PURPOSE_NS_SSL_SERVER); - -- certStoreCTX->error = X509_V_OK; -+ X509_STORE_CTX_set_error(certStoreCTX, X509_V_OK); - rc = d->kossl->X509_verify_cert(certStoreCTX); -- errcode = certStoreCTX->error; -+ errcode = X509_STORE_CTX_get_error(certStoreCTX); - ksslv = processError(errcode); - } - d->kossl->X509_STORE_CTX_free(certStoreCTX); -@@ -1210,7 +1221,7 @@ typedef struct NETSCAPE_X509_st - // what a piece of crap this is - QByteArray KSSLCertificate::toNetscape() { - QByteArray qba; --#ifdef KSSL_HAVE_SSL -+#if defined(KSSL_HAVE_SSL) && OPENSSL_VERSION_NUMBER < 0x01001000L - NETSCAPE_X509 nx; - ASN1_OCTET_STRING hdr; - KTemporaryFile ktf; -@@ -1262,7 +1273,7 @@ bool KSSLCertificate::setCert(const QStr - #ifdef KSSL_HAVE_SSL - QByteArray qba, qbb = cert.toLocal8Bit(); - qba = QByteArray::fromBase64(qbb); -- unsigned char *qbap = reinterpret_cast<unsigned char *>(qba.data()); -+ const unsigned char *qbap = reinterpret_cast<const unsigned char *>(qba.data()); - X509 *x5c = KOSSL::self()->d2i_X509(NULL, &qbap, qba.size()); - if (x5c) { - setCert(x5c); -@@ -1293,7 +1304,7 @@ QStringList KSSLCertificate::subjAltName - return rc; - } - -- int cnt = d->kossl->sk_GENERAL_NAME_num(names); -+ int cnt = sk_GENERAL_NAME_num(names); - - for (int i = 0; i < cnt; i++) { - const GENERAL_NAME *val = (const GENERAL_NAME *)d->kossl->sk_value(names, i); ---- kdelibs-4.14.26/kio/kssl/kssl.cpp.omv~ 2016-11-14 21:58:51.377629047 +0100 -+++ kdelibs-4.14.26/kio/kssl/kssl.cpp 2016-11-14 22:12:02.469660694 +0100 -@@ -70,7 +70,7 @@ public: - #ifdef KSSL_HAVE_SSL - SSL *m_ssl; - SSL_CTX *m_ctx; -- SSL_METHOD *m_meth; -+ const SSL_METHOD *m_meth; - #endif - KOSSL *kossl; - }; ---- kdelibs-4.14.26/kio/kssl/ksslutils.cpp.omv~ 2016-11-14 21:58:51.377629047 +0100 -+++ kdelibs-4.14.26/kio/kssl/ksslutils.cpp 2016-11-14 22:37:20.481117236 +0100 -@@ -84,7 +84,7 @@ QString ASN1_UTCTIME_QString(ASN1_UTCTIM - QString ASN1_INTEGER_QString(ASN1_INTEGER *aint) { - char *rep = KOSSL::self()->i2s_ASN1_INTEGER(NULL, aint); - QString yy = rep; --KOSSL::self()->OPENSSL_free(rep); -+::OPENSSL_free(rep); - return yy; - } - diff --git a/source/l/mozilla-nss/mozilla-nss.SlackBuild b/source/l/mozilla-nss/mozilla-nss.SlackBuild index 37cfc795..c266cf66 100755 --- a/source/l/mozilla-nss/mozilla-nss.SlackBuild +++ b/source/l/mozilla-nss/mozilla-nss.SlackBuild @@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=mozilla-nss SRCNAM=nss -VERSION=${VERSION:-3.58} +VERSION=${VERSION:-3.57} NSPR=${NSPR:-4.29} BUILD=${BUILD:-1} |