diff options
Diffstat (limited to 'source/kde/patch')
-rw-r--r-- | source/kde/patch/kdelibs.patch | 2 | ||||
-rw-r--r-- | source/kde/patch/kdelibs/0001-Make-kssl-compile-against-OpenSSL-1.1.0.patch | 1000 | ||||
-rw-r--r-- | source/kde/patch/kdelibs/kdelibs-openssl-1.1.patch | 4007 |
3 files changed, 1001 insertions, 4008 deletions
diff --git a/source/kde/patch/kdelibs.patch b/source/kde/patch/kdelibs.patch index e74d8bf0..f102b8a3 100644 --- a/source/kde/patch/kdelibs.patch +++ b/source/kde/patch/kdelibs.patch @@ -13,7 +13,7 @@ zcat $CWD/patch/kdelibs/coding-style-fixes.patch.gz | patch -R -p1 --verbose || zcat $CWD/patch/kdelibs/return-application-icons-properly.patch.gz | patch -R -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; } # Support OpenSSL-1.1.x: -zcat $CWD/patch/kdelibs/kdelibs-openssl-1.1.patch.gz | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +zcat $CWD/patch/kdelibs/0001-Make-kssl-compile-against-OpenSSL-1.1.0.patch.gz | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; } # Security: remove support for $(...) in config keys with [$e] marker. (CVE-2019-14744) zcat $CWD/patch/kdelibs/kdelibs.2c3762feddf7e66cf6b64d9058f625a715694a00.patch.gz | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; } diff --git a/source/kde/patch/kdelibs/0001-Make-kssl-compile-against-OpenSSL-1.1.0.patch b/source/kde/patch/kdelibs/0001-Make-kssl-compile-against-OpenSSL-1.1.0.patch new file mode 100644 index 00000000..69474edd --- /dev/null +++ b/source/kde/patch/kdelibs/0001-Make-kssl-compile-against-OpenSSL-1.1.0.patch @@ -0,0 +1,1000 @@ +From a015996bb55bbd63d94b227a2c82d0d97cd86ae8 Mon Sep 17 00:00:00 2001 +From: Wolfgang Bauer <wbauer@tmo.at> +Date: Wed, 25 Oct 2017 07:49:32 +0200 +Subject: [PATCH] Make kssl compile against OpenSSL 1.1.0 + +OpenSSL 1.1.0 contains some source-incompatible changes, most notably +making most of the structures opaque and introducing new getter/setter +functions to modify the structures. This patch adds some of the newly +introduced functions to the KOpenSSL class and modifies the code to +call them. The implementation of those newly introduced methods +contains both OpenSSL < 1.1 compatible code (direct structure member +access) and calls to real functions resolved from OpenSSL>= 1.1 +library. Which implementation is used is decided at compile time. Some +of the existing methods were renamed to match the OpenSSL 1.1 naming +and to avoid conflicts with backward-compatibility names provided by +OpenSSL 1.1. + +KSSLCertificate::toNetscape() returns empty result when built against +OpenSSL 1.1 since I wasn't able to find a proper equivalent in OpenSSL +1.1 API (and there does not seem to be any). + +(Backport of commit 9a990c69c606126bcd60cd7718462aec2a92460d from +kdelibs4support) +--- + kio/kssl/kopenssl.cpp | 250 ++++++++++++++++++++++++++++++++++++++----- + kio/kssl/kopenssl.h | 80 ++++++++++++-- + kio/kssl/kssl.cpp | 4 - + kio/kssl/ksslcallback.c | 6 +- + kio/kssl/ksslcertchain.cpp | 53 +++------ + kio/kssl/ksslcertificate.cpp | 68 +++++++----- + 6 files changed, 351 insertions(+), 110 deletions(-) + +diff --git a/kio/kssl/kopenssl.cpp b/kio/kssl/kopenssl.cpp +index e3ca535b25..8f8b921159 100644 +--- a/kio/kssl/kopenssl.cpp ++++ b/kio/kssl/kopenssl.cpp +@@ -75,18 +75,26 @@ static void (*K_X509_STORE_CTX_free) (X509_STORE_CTX *) = 0L; + static int (*K_X509_verify_cert) (X509_STORE_CTX *) = 0L; + static X509_STORE_CTX *(*K_X509_STORE_CTX_new) (void) = 0L; + static void (*K_X509_STORE_free) (X509_STORE *) = 0L; ++static void (*K_X509_STORE_set_verify_cb)(X509_STORE *, int (*)(int, X509_STORE_CTX *)) = 0L; + static X509_STORE *(*K_X509_STORE_new) (void) = 0L; + static void (*K_X509_free) (X509 *) = 0L; + static char *(*K_X509_NAME_oneline) (X509_NAME *,char *,int) = 0L; + static X509_NAME *(*K_X509_get_subject_name) (X509 *) = 0L; + static X509_NAME *(*K_X509_get_issuer_name) (X509 *) = 0L; ++static void (*K_X509_get0_signature)(const ASN1_BIT_STRING **psig, const X509_ALGOR **palg, const X509 *x) = 0L; + static X509_LOOKUP *(*K_X509_STORE_add_lookup) (X509_STORE *, X509_LOOKUP_METHOD *) = 0L; + static X509_LOOKUP_METHOD *(*K_X509_LOOKUP_file)(void) = 0L; + static void (*K_X509_LOOKUP_free)(X509_LOOKUP *) = 0L; + static int (*K_X509_LOOKUP_ctrl)(X509_LOOKUP *, int, const char *, long, char **) = 0L; + static void (*K_X509_STORE_CTX_init)(X509_STORE_CTX *, X509_STORE *, X509 *, STACK_OF(X509) *) = 0L; ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + static void (*K_CRYPTO_free) (void *) = 0L; ++#else ++static void (*K_CRYPTO_free)(void *, const char *, int) = 0L; ++#endif + static X509* (*K_X509_dup) (X509 *) = 0L; ++static ASN1_TIME *(*K_X509_getm_notBefore)(const X509 *) = 0L; ++static ASN1_TIME *(*K_X509_getm_notAfter)(const X509 *) = 0L; + static BIO_METHOD *(*K_BIO_s_mem) (void) = 0L; + static BIO* (*K_BIO_new) (BIO_METHOD *) = 0L; + static BIO* (*K_BIO_new_fp) (FILE *, int) = 0L; +@@ -118,13 +126,16 @@ static int (*K_SSL_get_error) (SSL*, int) = 0L; + static STACK_OF(X509)* (*K_SSL_get_peer_cert_chain) (SSL*) = 0L; + static void (*K_X509_STORE_CTX_set_chain) (X509_STORE_CTX *, STACK_OF(X509)*) = 0L; + static void (*K_X509_STORE_CTX_set_purpose) (X509_STORE_CTX *, int) = 0L; +-static void (*K_sk_free) (STACK*) = 0L; +-static int (*K_sk_num) (STACK*) = 0L; +-static char* (*K_sk_pop) (STACK*) = 0L; +-static char* (*K_sk_value) (STACK*, int) = 0L; +-static STACK* (*K_sk_new) (int (*)()) = 0L; +-static int (*K_sk_push) (STACK*, char*) = 0L; +-static STACK* (*K_sk_dup) (STACK *) = 0L; ++static X509 *(*K_X509_STORE_CTX_get_current_cert)(X509_STORE_CTX *) = 0L; ++static void (*K_X509_STORE_CTX_set_error)(X509_STORE_CTX *, int) = 0L; ++static int (*K_X509_STORE_CTX_get_error)(X509_STORE_CTX *) = 0L; ++static void (*K_OPENSSL_sk_free)(STACK *) = 0L; ++static int (*K_OPENSSL_sk_num)(STACK *) = 0L; ++static char *(*K_OPENSSL_sk_pop)(STACK *) = 0L; ++static char *(*K_OPENSSL_sk_value)(STACK *, int) = 0L; ++static STACK *(*K_OPENSSL_sk_new)(int (*)()) = 0L; ++static int (*K_OPENSSL_sk_push)(STACK *, char *) = 0L; ++static STACK *(*K_OPENSSL_sk_dup)(STACK *) = 0L; + static char * (*K_i2s_ASN1_INTEGER) (X509V3_EXT_METHOD *, ASN1_INTEGER *) =0L; + static ASN1_INTEGER * (*K_X509_get_serialNumber) (X509 *) = 0L; + static EVP_PKEY *(*K_X509_get_pubkey)(X509 *) = 0L; +@@ -164,6 +175,12 @@ static int (*K_X509_PURPOSE_get_id)(X509_PURPOSE *) = 0L; + static int (*K_X509_check_purpose)(X509*,int,int) = 0L; + static X509_PURPOSE* (*K_X509_PURPOSE_get0)(int) = 0L; + static int (*K_EVP_PKEY_assign)(EVP_PKEY*, int, char*) = 0L; ++static int (*K_EVP_PKEY_base_id)(EVP_PKEY *) = 0L; ++static RSA *(*K_EVP_PKEY_get0_RSA)(EVP_PKEY *) = 0L; ++static void (*K_RSA_get0_key)(RSA *, const BIGNUM **, const BIGNUM **, const BIGNUM **) = 0L; ++static DSA *(*K_EVP_PKEY_get0_DSA)(EVP_PKEY *) = 0L; ++static void (*K_DSA_get0_pqg)(DSA *, const BIGNUM **, const BIGNUM **, const BIGNUM **) = 0L; ++static void (*K_DSA_get0_key)(DSA *, const BIGNUM **, const BIGNUM **) = 0L; + static int (*K_X509_REQ_set_pubkey)(X509_REQ*, EVP_PKEY*) = 0L; + static RSA *(*K_RSA_generate_key)(int, unsigned long, void (*)(int,int,void *), void *) = 0L; + static int (*K_i2d_X509_REQ_fp)(FILE*, X509_REQ*) = 0L; +@@ -410,7 +427,11 @@ KOpenSSLProxy::KOpenSSLProxy() + K_RAND_load_file = (int (*)(const char *, long)) d->cryptoLib->resolveFunction("RAND_load_file"); + K_RAND_file_name = (const char* (*)(char *, size_t)) d->cryptoLib->resolveFunction("RAND_file_name"); + K_RAND_write_file = (int (*)(const char *)) d->cryptoLib->resolveFunction("RAND_write_file"); ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + K_CRYPTO_free = (void (*) (void *)) d->cryptoLib->resolveFunction("CRYPTO_free"); ++#else ++ K_CRYPTO_free = (void (*)(void *, const char *, int)) d->cryptoLib->resolveFunction("CRYPTO_free"); ++#endif + K_d2i_X509 = (X509 * (*)(X509 **,unsigned char **,long)) d->cryptoLib->resolveFunction("d2i_X509"); + K_i2d_X509 = (int (*)(X509 *,unsigned char **)) d->cryptoLib->resolveFunction("i2d_X509"); + K_X509_cmp = (int (*)(X509 *, X509 *)) d->cryptoLib->resolveFunction("X509_cmp"); +@@ -419,15 +440,19 @@ KOpenSSLProxy::KOpenSSLProxy() + K_X509_verify_cert = (int (*) (X509_STORE_CTX *)) d->cryptoLib->resolveFunction("X509_verify_cert"); + K_X509_STORE_new = (X509_STORE * (*) (void)) d->cryptoLib->resolveFunction("X509_STORE_new"); + K_X509_STORE_free = (void (*) (X509_STORE *)) d->cryptoLib->resolveFunction("X509_STORE_free"); ++ K_X509_STORE_set_verify_cb = (void (*)(X509_STORE *, int (*)(int, X509_STORE_CTX *))) d->cryptoLib->resolveFunction("X509_STORE_set_verify_cb"); + K_X509_NAME_oneline = (char * (*) (X509_NAME *,char *,int)) d->cryptoLib->resolveFunction("X509_NAME_oneline"); + K_X509_get_subject_name = (X509_NAME * (*) (X509 *)) d->cryptoLib->resolveFunction("X509_get_subject_name"); + K_X509_get_issuer_name = (X509_NAME * (*) (X509 *)) d->cryptoLib->resolveFunction("X509_get_issuer_name"); ++ K_X509_get0_signature = (void (*)(const ASN1_BIT_STRING **, const X509_ALGOR **, const X509 *)) d->cryptoLib->resolveFunction("X509_get0_signature"); + K_X509_STORE_add_lookup = (X509_LOOKUP *(*) (X509_STORE *, X509_LOOKUP_METHOD *)) d->cryptoLib->resolveFunction("X509_STORE_add_lookup"); + K_X509_LOOKUP_file = (X509_LOOKUP_METHOD *(*)(void)) d->cryptoLib->resolveFunction("X509_LOOKUP_file"); + K_X509_LOOKUP_free = (void (*)(X509_LOOKUP *)) d->cryptoLib->resolveFunction("X509_LOOKUP_free"); + K_X509_LOOKUP_ctrl = (int (*)(X509_LOOKUP *, int, const char *, long, char **)) d->cryptoLib->resolveFunction("X509_LOOKUP_ctrl"); + K_X509_STORE_CTX_init = (void (*)(X509_STORE_CTX *, X509_STORE *, X509 *, STACK_OF(X509) *)) d->cryptoLib->resolveFunction("X509_STORE_CTX_init"); + K_X509_dup = (X509* (*)(X509*)) d->cryptoLib->resolveFunction("X509_dup"); ++ K_X509_getm_notBefore = (ASN1_TIME *(*)(const X509 *)) d->cryptoLib->resolveFunction("X509_getm_notBefore"); ++ K_X509_getm_notAfter = (ASN1_TIME *(*)(const X509 *)) d->cryptoLib->resolveFunction("X509_getm_notAfter"); + K_BIO_s_mem = (BIO_METHOD *(*) (void)) d->cryptoLib->resolveFunction("BIO_s_mem"); + K_BIO_new = (BIO* (*)(BIO_METHOD *)) d->cryptoLib->resolveFunction("BIO_new"); + K_BIO_new_fp = (BIO* (*)(FILE*, int)) d->cryptoLib->resolveFunction("BIO_new_fp"); +@@ -454,13 +479,26 @@ KOpenSSLProxy::KOpenSSLProxy() + K_X509_REQ_new = (X509_REQ* (*)()) d->cryptoLib->resolveFunction("X509_REQ_new"); + K_X509_STORE_CTX_set_chain = (void (*)(X509_STORE_CTX *, STACK_OF(X509)*)) d->cryptoLib->resolveFunction("X509_STORE_CTX_set_chain"); + K_X509_STORE_CTX_set_purpose = (void (*)(X509_STORE_CTX *, int)) d->cryptoLib->resolveFunction("X509_STORE_CTX_set_purpose"); +- K_sk_free = (void (*) (STACK *)) d->cryptoLib->resolveFunction("sk_free"); +- K_sk_num = (int (*) (STACK *)) d->cryptoLib->resolveFunction("sk_num"); +- K_sk_pop = (char* (*) (STACK *)) d->cryptoLib->resolveFunction("sk_pop"); +- K_sk_value = (char* (*) (STACK *, int)) d->cryptoLib->resolveFunction("sk_value"); +- K_sk_new = (STACK* (*) (int (*)())) d->cryptoLib->resolveFunction("sk_new"); +- K_sk_push = (int (*) (STACK*, char*)) d->cryptoLib->resolveFunction("sk_push"); +- K_sk_dup = (STACK* (*) (STACK *)) d->cryptoLib->resolveFunction("sk_dup"); ++ K_X509_STORE_CTX_get_current_cert = (X509 * (*)(X509_STORE_CTX *)) d->cryptoLib->resolveFunction("X509_STORE_CTX_get_current_cert"); ++ K_X509_STORE_CTX_set_error = (void (*)(X509_STORE_CTX *, int)) d->cryptoLib->resolveFunction("X509_STORE_CTX_set_error"); ++ K_X509_STORE_CTX_get_error = (int (*)(X509_STORE_CTX *)) d->cryptoLib->resolveFunction("X509_STORE_CTX_get_error"); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ K_OPENSSL_sk_free = (void (*)(STACK *)) d->cryptoLib->resolveFunction("OPENSSL_sk_free"); ++ K_OPENSSL_sk_num = (int (*)(STACK *)) d->cryptoLib->resolveFunction("OPENSSL_sk_num"); ++ K_OPENSSL_sk_pop = (char *(*)(STACK *)) d->cryptoLib->resolveFunction("OPENSSL_sk_pop"); ++ K_OPENSSL_sk_value = (char *(*)(STACK *, int)) d->cryptoLib->resolveFunction("OPENSSL_sk_value"); ++ K_OPENSSL_sk_new = (STACK * (*)(int (*)())) d->cryptoLib->resolveFunction("OPENSSL_sk_new"); ++ K_OPENSSL_sk_push = (int (*)(STACK *, char *)) d->cryptoLib->resolveFunction("OPENSSL_sk_push"); ++ K_OPENSSL_sk_dup = (STACK * (*)(STACK *)) d->cryptoLib->resolveFunction("OPENSSL_sk_dup"); ++#else ++ K_OPENSSL_sk_free = (void (*)(STACK *)) d->cryptoLib->resolveFunction("sk_free"); ++ K_OPENSSL_sk_num = (int (*)(STACK *)) d->cryptoLib->resolveFunction("sk_num"); ++ K_OPENSSL_sk_pop = (char *(*)(STACK *)) d->cryptoLib->resolveFunction("sk_pop"); ++ K_OPENSSL_sk_value = (char *(*)(STACK *, int)) d->cryptoLib->resolveFunction("sk_value"); ++ K_OPENSSL_sk_new = (STACK * (*)(int (*)())) d->cryptoLib->resolveFunction("sk_new"); ++ K_OPENSSL_sk_push = (int (*)(STACK *, char *)) d->cryptoLib->resolveFunction("sk_push"); ++ K_OPENSSL_sk_dup = (STACK * (*)(STACK *)) d->cryptoLib->resolveFunction("sk_dup"); ++#endif + K_i2s_ASN1_INTEGER = (char *(*) (X509V3_EXT_METHOD *, ASN1_INTEGER *)) d->cryptoLib->resolveFunction("i2s_ASN1_INTEGER"); + K_X509_get_serialNumber = (ASN1_INTEGER * (*) (X509 *)) d->cryptoLib->resolveFunction("X509_get_serialNumber"); + K_X509_get_pubkey = (EVP_PKEY *(*)(X509 *)) d->cryptoLib->resolveFunction("X509_get_pubkey"); +@@ -504,6 +542,12 @@ KOpenSSLProxy::KOpenSSLProxy() + K_X509_check_purpose = (int (*)(X509*,int,int)) d->cryptoLib->resolveFunction("X509_check_purpose"); + K_X509_PURPOSE_get0 = (X509_PURPOSE *(*)(int)) d->cryptoLib->resolveFunction("X509_PURPOSE_get0"); + K_EVP_PKEY_assign = (int (*)(EVP_PKEY*, int, char*)) d->cryptoLib->resolveFunction("EVP_PKEY_assign"); ++ K_EVP_PKEY_base_id = (int (*)(EVP_PKEY *)) d->cryptoLib->resolveFunction("EVP_PKEY_base_id"); ++ K_EVP_PKEY_get0_RSA = (RSA *(*)(EVP_PKEY *)) d->cryptoLib->resolveFunction("EVP_PKEY_get0_RSA"); ++ K_RSA_get0_key = (void (*)(RSA *, const BIGNUM **, const BIGNUM **, const BIGNUM **)) d->cryptoLib->resolveFunction("ESA_get0_key"); ++ K_EVP_PKEY_get0_DSA = (DSA *(*)(EVP_PKEY *)) d->cryptoLib->resolveFunction("EVP_PKEY_get0_DSA"); ++ K_DSA_get0_pqg = (void (*)(DSA *, const BIGNUM **, const BIGNUM **, const BIGNUM **)) d->cryptoLib->resolveFunction("DSA_get0_pqg"); ++ K_DSA_get0_key = (void (*)(DSA *, const BIGNUM **, const BIGNUM **)) d->cryptoLib->resolveFunction("DSA_get0_key"); + K_X509_REQ_set_pubkey = (int (*)(X509_REQ*, EVP_PKEY*)) d->cryptoLib->resolveFunction("X509_REQ_set_pubkey"); + K_RSA_generate_key = (RSA* (*)(int, unsigned long, void (*)(int,int,void *), void *)) d->cryptoLib->resolveFunction("RSA_generate_key"); + K_i2d_X509_REQ_fp = (int (*)(FILE *, X509_REQ *)) d->cryptoLib->resolveFunction("i2d_X509_REQ_fp"); +@@ -866,6 +910,16 @@ void KOpenSSLProxy::X509_STORE_free(X509_STORE *v) { + } + + ++void KOpenSSLProxy::X509_STORE_set_verify_cb(X509_STORE *store, int (*verify_cb)(int, X509_STORE_CTX *)) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ X509_STORE_set_verify_cb_func(store, verify_cb); ++#else ++ if (K_X509_STORE_set_verify_cb) (K_X509_STORE_set_verify_cb)(store, verify_cb); ++#endif ++} ++ ++ + X509_STORE_CTX *KOpenSSLProxy::X509_STORE_CTX_new(void) { + if (K_X509_STORE_CTX_new) return (K_X509_STORE_CTX_new)(); + return 0L; +@@ -906,6 +960,17 @@ X509_NAME *KOpenSSLProxy::X509_get_issuer_name(X509 *a) { + } + + ++void KOpenSSLProxy::X509_get0_signature(const ASN1_BIT_STRING **psig, const X509_ALGOR **algor, const X509 *x) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ if (psig) *psig = x->signature; ++ if (algor) *algor = x->sig_alg; ++#else ++ if (K_X509_get0_signature) return (K_X509_get0_signature)(psig, algor, x); ++#endif ++} ++ ++ + X509_LOOKUP *KOpenSSLProxy::X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m) { + if (K_X509_STORE_add_lookup) return (K_X509_STORE_add_lookup)(v,m); + return 0L; +@@ -934,9 +999,16 @@ void KOpenSSLProxy::X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, + } + + ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + void KOpenSSLProxy::CRYPTO_free(void *x) { + if (K_CRYPTO_free) (K_CRYPTO_free)(x); + } ++#else ++void KOpenSSLProxy::CRYPTO_free(void *x, const char *file, int line) ++{ ++ if (K_CRYPTO_free) K_CRYPTO_free(x, file, line); ++} ++#endif + + + X509 *KOpenSSLProxy::X509_dup(X509 *x509) { +@@ -945,6 +1017,28 @@ X509 *KOpenSSLProxy::X509_dup(X509 *x509) { + } + + ++ASN1_TIME *KOpenSSLProxy::X509_getm_notBefore(const X509 *x) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ return X509_get_notBefore(x); ++#else ++ if (K_X509_getm_notBefore) return (K_X509_getm_notBefore)(x); ++ else return 0L; ++#endif ++} ++ ++ ++ASN1_TIME *KOpenSSLProxy::X509_getm_notAfter(const X509 *x) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ return X509_get_notAfter(x); ++#else ++ if (K_X509_getm_notAfter) return (K_X509_getm_notAfter)(x); ++ else return 0L; ++#endif ++} ++ ++ + BIO *KOpenSSLProxy::BIO_new(BIO_METHOD *type) { + if (K_BIO_new) return (K_BIO_new)(type); + else return 0L; +@@ -1093,25 +1187,25 @@ STACK_OF(X509) *KOpenSSLProxy::SSL_get_peer_cert_chain(SSL *s) { + } + + +-void KOpenSSLProxy::sk_free(STACK *s) { +- if (K_sk_free) (K_sk_free)(s); ++void KOpenSSLProxy::OPENSSL_sk_free(STACK *s) { ++ if (K_OPENSSL_sk_free) (K_OPENSSL_sk_free)(s); + } + + +-int KOpenSSLProxy::sk_num(STACK *s) { +- if (K_sk_num) return (K_sk_num)(s); ++int KOpenSSLProxy::OPENSSL_sk_num(STACK *s) { ++ if (K_OPENSSL_sk_num) return (K_OPENSSL_sk_num)(s); + else return -1; + } + + +-char *KOpenSSLProxy::sk_pop(STACK *s) { +- if (K_sk_pop) return (K_sk_pop)(s); ++char *KOpenSSLProxy::OPENSSL_sk_pop(STACK *s) { ++ if (K_OPENSSL_sk_pop) return (K_OPENSSL_sk_pop)(s); + else return 0L; + } + + +-char *KOpenSSLProxy::sk_value(STACK *s, int n) { +- if (K_sk_value) return (K_sk_value)(s, n); ++char *KOpenSSLProxy::OPENSSL_sk_value(STACK *s, int n) { ++ if (K_OPENSSL_sk_value) return (K_OPENSSL_sk_value)(s, n); + else return 0L; + } + +@@ -1125,20 +1219,52 @@ void KOpenSSLProxy::X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose) { + } + + +-STACK* KOpenSSLProxy::sk_dup(STACK *s) { +- if (K_sk_dup) return (K_sk_dup)(s); ++X509 *KOpenSSLProxy::X509_STORE_CTX_get_current_cert(X509_STORE_CTX *v) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ return v->current_cert; ++#else ++ if (K_X509_STORE_CTX_get_current_cert) return (K_X509_STORE_CTX_get_current_cert)(v); ++ else return 0L; ++#endif ++} ++ ++ ++void KOpenSSLProxy::X509_STORE_CTX_set_error(X509_STORE_CTX *v, int error) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ v->error = error; ++#else ++ if (K_X509_STORE_CTX_set_error) (K_X509_STORE_CTX_set_error)(v, error); ++#endif ++} ++ ++ ++int KOpenSSLProxy::X509_STORE_CTX_get_error(X509_STORE_CTX *v) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ return v->error; ++#else ++ if (K_X509_STORE_CTX_get_error) return (K_X509_STORE_CTX_get_error)(v); ++ else return 0; ++#endif ++} ++ ++ ++STACK* KOpenSSLProxy::OPENSSL_sk_dup(STACK *s) { ++ if (K_OPENSSL_sk_dup) return (K_OPENSSL_sk_dup)(s); + else return 0L; + } + + +-STACK* KOpenSSLProxy::sk_new(int (*cmp)()) { +- if (K_sk_new) return (K_sk_new)(cmp); ++STACK* KOpenSSLProxy::OPENSSL_sk_new(int (*cmp)()) { ++ if (K_OPENSSL_sk_new) return (K_OPENSSL_sk_new)(cmp); + else return 0L; + } + + +-int KOpenSSLProxy::sk_push(STACK* s, char* d) { +- if (K_sk_push) return (K_sk_push)(s,d); ++int KOpenSSLProxy::OPENSSL_sk_push(STACK* s, char* d) { ++ if (K_OPENSSL_sk_push) return (K_OPENSSL_sk_push)(s,d); + else return -1; + } + +@@ -1423,6 +1549,74 @@ int KOpenSSLProxy::EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key) { + else return -1; + } + ++ ++int KOpenSSLProxy::EVP_PKEY_base_id(EVP_PKEY *pkey) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ return pkey->type; ++#else ++ if (K_EVP_PKEY_base_id) return (K_EVP_PKEY_base_id)(pkey); ++ else return 0; ++#endif ++} ++ ++ ++RSA *KOpenSSLProxy::EVP_PKEY_get0_RSA(EVP_PKEY *pkey) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ return pkey->pkey.rsa; ++#else ++ if (K_EVP_PKEY_get0_RSA) return (K_EVP_PKEY_get0_RSA)(pkey); ++ else return 0L; ++#endif ++} ++ ++ ++void KOpenSSLProxy::RSA_get0_key(RSA *rsa, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ if (n) *n = rsa->n; ++ if (e) *e = rsa->e; ++ if (d) *d = rsa->d; ++#else ++ if (K_RSA_get0_key) (K_RSA_get0_key)(rsa, n, e, d); ++#endif ++} ++ ++ ++DSA *KOpenSSLProxy::EVP_PKEY_get0_DSA(EVP_PKEY *pkey) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ return pkey->pkey.dsa; ++#else ++ if (K_EVP_PKEY_get0_DSA) return (K_EVP_PKEY_get0_DSA)(pkey); ++ else return 0L; ++#endif ++} ++ ++ ++void KOpenSSLProxy::DSA_get0_pqg(DSA *dsa, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ if (p) *p = dsa->p; ++ if (q) *q = dsa->q; ++ if (g) *g = dsa->g; ++#else ++ if (K_DSA_get0_pqg) (K_DSA_get0_pqg)(dsa, p, q, g); ++#endif ++} ++ ++ ++void KOpenSSLProxy::DSA_get0_key(DSA *dsa, const BIGNUM **pub_key, const BIGNUM **priv_key) ++{ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ if (pub_key) *pub_key = dsa->pub_key; ++ if (priv_key) *priv_key = dsa->priv_key; ++#else ++ if (K_DSA_get0_key) (K_DSA_get0_key)(dsa, pub_key, priv_key); ++#endif ++} ++ + + int KOpenSSLProxy::X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey) { + if (K_X509_REQ_set_pubkey) return (K_X509_REQ_set_pubkey)(x, pkey); +diff --git a/kio/kssl/kopenssl.h b/kio/kssl/kopenssl.h +index ab05486336..ae3398fbef 100644 +--- a/kio/kssl/kopenssl.h ++++ b/kio/kssl/kopenssl.h +@@ -297,6 +297,18 @@ public: + + + /* ++ * X509_getm_notBefore - get validity start ++ */ ++ ASN1_TIME *X509_getm_notBefore(const X509 *x); ++ ++ ++ /* ++ * X509_getm_notAfter - get validity end ++ */ ++ ASN1_TIME *X509_getm_notAfter(const X509 *x); ++ ++ ++ /* + * X509_STORE_CTX_new - create an X509 store context + */ + X509_STORE_CTX *X509_STORE_CTX_new(void); +@@ -313,11 +325,31 @@ public: + */ + void X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x); + ++ + /* + * X509_STORE_CTX_set_purpose - set the purpose of the certificate + */ + void X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose); + ++ ++ /* ++ * X509_STORE_CTX_get_current_cert - get the current certificate ++ */ ++ X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *v); ++ ++ ++ /* ++ * X509_STORE_CTX_set_error - set certificate error ++ */ ++ void X509_STORE_CTX_set_error(X509_STORE_CTX *v, int error); ++ ++ ++ /* ++ * X509_STORE_CTX_get_error - get certificate error ++ */ ++ int X509_STORE_CTX_get_error(X509_STORE_CTX *v); ++ ++ + /* + * X509_verify_cert - verify the certificate + */ +@@ -337,6 +369,12 @@ public: + + + /* ++ * X509_STORE_set_verify_cb - set verify callback ++ */ ++ void X509_STORE_set_verify_cb(X509_STORE *v, int (*verify_cb)(int, X509_STORE_CTX *)); ++ ++ ++ /* + * X509_free - free up an X509 + */ + void X509_free(X509 *v); +@@ -361,6 +399,12 @@ public: + + + /* ++ * X509_get0_signature - return X509 signature and signature algorithm ++ */ ++ void X509_get0_signature(const ASN1_BIT_STRING **psig, const X509_ALGOR **palg, const X509 *x); ++ ++ ++ /* + * X509_STORE_add_lookup - add a lookup file/method to an X509 store + */ + X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m); +@@ -393,7 +437,11 @@ public: + /* + * CRYPTO_free - free up an internally allocated object + */ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + void CRYPTO_free(void *x); ++#else ++ void CRYPTO_free(void *x, const char *file, int line); ++#endif + + /* + * BIO_new - create new BIO +@@ -505,53 +553,53 @@ public: + /* + * Pop off the stack + */ +- char *sk_pop(STACK *s); ++ char *OPENSSL_sk_pop(STACK *s); + + + /* + * Free the stack + */ +- void sk_free(STACK *s); ++ void OPENSSL_sk_free(STACK *s); + + #if OPENSSL_VERSION_NUMBER >= 0x10000000L +- void sk_free(void *s) { return sk_free(reinterpret_cast<STACK*>(s)); } ++ void OPENSSL_sk_free(void *s) { return OPENSSL_sk_free(reinterpret_cast<STACK*>(s)); } + #endif + + /* + * Number of elements in the stack + */ +- int sk_num(STACK *s); ++ int OPENSSL_sk_num(STACK *s); + + + /* + * Value of element n in the stack + */ +- char *sk_value(STACK *s, int n); ++ char *OPENSSL_sk_value(STACK *s, int n); + + #if OPENSSL_VERSION_NUMBER >= 0x10000000L +- char *sk_value(void *s, int n) { return sk_value(reinterpret_cast<STACK*>(s), n); } ++ char *OPENSSL_sk_value(void *s, int n) { return OPENSSL_sk_value(reinterpret_cast<STACK*>(s), n); } + #endif + + /* + * Create a new stack + */ +- STACK *sk_new(int (*cmp)()); ++ STACK *OPENSSL_sk_new(int (*cmp)()); + + + /* + * Add an element to the stack + */ +- int sk_push(STACK *s, char *d); ++ int OPENSSL_sk_push(STACK *s, char *d); + + #if OPENSSL_VERSION_NUMBER >= 0x10000000L +- int sk_push(void *s, void *d) { return sk_push(reinterpret_cast<STACK*>(s), reinterpret_cast<char*>(d)); } ++ int OPENSSL_sk_push(void *s, void *d) { return OPENSSL_sk_push(reinterpret_cast<STACK*>(s), reinterpret_cast<char*>(d)); } + #endif + + + /* + * Duplicate the stack + */ +- STACK *sk_dup(STACK *s); ++ STACK *OPENSSL_sk_dup(STACK *s); + + + /* +@@ -800,6 +848,18 @@ public: + + + /* ++ * Get key type ++ */ ++ int EVP_PKEY_base_id(EVP_PKEY *pkey); ++ ++ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey); ++ void RSA_get0_key(RSA *rsa, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d); ++ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey); ++ void DSA_get0_pqg(DSA *dsa, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g); ++ void DSA_get0_key(DSA *dsa, const BIGNUM **pub_key, const BIGNUM **priv_key); ++ ++ ++ /* + * Generate a RSA key + */ + RSA *RSA_generate_key(int bits, unsigned long e, void +diff --git a/kio/kssl/kssl.cpp b/kio/kssl/kssl.cpp +index c36db55a42..faba1bb5ab 100644 +--- a/kio/kssl/kssl.cpp ++++ b/kio/kssl/kssl.cpp +@@ -55,8 +55,6 @@ + #warning "kssl.cc needs to be ported to QSslSocket" + #endif + +-#define sk_dup d->kossl->sk_dup +- + class KSSLPrivate { + public: + KSSLPrivate() { +@@ -212,5 +210,3 @@ bool KSSL::doesSSLWork() { + return m_bSSLWorks; + } + +-#undef sk_dup +- +diff --git a/kio/kssl/ksslcallback.c b/kio/kssl/ksslcallback.c +index 516b916337..38e94356e8 100644 +--- a/kio/kssl/ksslcallback.c ++++ b/kio/kssl/ksslcallback.c +@@ -28,7 +28,7 @@ bool KSSL_X509CallBack_ca_found; + extern "C" { + static int X509Callback(int ok, X509_STORE_CTX *ctx) { + +- kDebug(7029) << "X509Callback: ok = " << ok << " error = " << ctx->error << " depth = " << ctx->error_depth; ++ //kDebug(7029) << "X509Callback: ok = " << ok << " error = " << ctx->error << " depth = " << ctx->error_depth; + // Here is how this works. We put "ok = 1;" in any case that we + // don't consider to be an error. In that case, it will return OK + // for the certificate check as long as there are no other critical +@@ -39,14 +39,14 @@ static int X509Callback(int ok, X509_STORE_CTX *ctx) { + + if (KSSL_X509CallBack_ca) + { +- if (KOSSL::self()->X509_cmp(ctx->current_cert, KSSL_X509CallBack_ca) != 0) ++ if (KOSSL::self()->X509_cmp(KOSSL::self()->X509_STORE_CTX_get_current_cert(ctx), KSSL_X509CallBack_ca) != 0) + return 1; // Ignore errors for this certificate + + KSSL_X509CallBack_ca_found = true; + } + + if (!ok) { +- switch (ctx->error) { ++ switch (KOSSL::self()->X509_STORE_CTX_get_error(ctx)) { + case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: + case X509_V_ERR_UNABLE_TO_GET_CRL: + case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: +diff --git a/kio/kssl/ksslcertchain.cpp b/kio/kssl/ksslcertchain.cpp +index 2be7995bf8..cdfab2b5ae 100644 +--- a/kio/kssl/ksslcertchain.cpp ++++ b/kio/kssl/ksslcertchain.cpp +@@ -44,16 +44,6 @@ + #include <kdebug.h> + #include <QtCore/QStringList> + +-#ifdef KSSL_HAVE_SSL +-#define sk_new d->kossl->sk_new +-#define sk_push d->kossl->sk_push +-#define sk_free d->kossl->sk_free +-#define sk_value d->kossl->sk_value +-#define sk_num d->kossl->sk_num +-#define sk_dup d->kossl->sk_dup +-#define sk_pop d->kossl->sk_pop +-#endif +- + class KSSLCertChainPrivate { + public: + KSSLCertChainPrivate() { +@@ -79,11 +69,11 @@ KSSLCertChain::~KSSLCertChain() { + STACK_OF(X509) *x = (STACK_OF(X509) *)_chain; + + for (;;) { +- X509* x5 = sk_X509_pop(x); ++ X509 *x5 = reinterpret_cast<X509*>(d->kossl->OPENSSL_sk_pop(reinterpret_cast<STACK *>(x))); + if (!x5) break; + d->kossl->X509_free(x5); + } +- sk_X509_free(x); ++ d->kossl->OPENSSL_sk_free(reinterpret_cast<STACK *>(x)); + } + #endif + delete d; +@@ -106,7 +96,7 @@ KSSLCertChain *KSSLCertChain::replicate() { + + int KSSLCertChain::depth() { + #ifdef KSSL_HAVE_SSL +- return sk_X509_num((STACK_OF(X509)*)_chain); ++ return d->kossl->OPENSSL_sk_num(static_cast<STACK *>(_chain)); + #endif + return 0; + } +@@ -123,8 +113,8 @@ QList<KSSLCertificate *> KSSLCertChain::getChain() const { + #ifdef KSSL_HAVE_SSL + STACK_OF(X509) *x = (STACK_OF(X509) *)_chain; + +- for (int i = 0; i < sk_X509_num(x); i++) { +- X509* x5 = sk_X509_value(x, i); ++ for (int i = 0; i < d->kossl->OPENSSL_sk_num(reinterpret_cast<STACK *>(x)); i++) { ++ X509 *x5 = reinterpret_cast<X509*>(d->kossl->OPENSSL_sk_value(reinterpret_cast<STACK *>(x), i)); + if (!x5) continue; + KSSLCertificate *nc = new KSSLCertificate; + nc->setCert(d->kossl->X509_dup(x5)); +@@ -142,18 +132,18 @@ void KSSLCertChain::setChain(const QList<KSSLCertificate *>& chain) { + STACK_OF(X509) *x = (STACK_OF(X509) *)_chain; + + for (;;) { +- X509* x5 = sk_X509_pop(x); ++ X509 *x5 = reinterpret_cast<X509*>(d->kossl->OPENSSL_sk_pop(reinterpret_cast<STACK*>(x))); + if (!x5) break; + d->kossl->X509_free(x5); + } +- sk_X509_free(x); +- _chain = NULL; ++ d->kossl->OPENSSL_sk_free(reinterpret_cast<STACK*>(x)); ++ _chain = NULL; + } + + if (chain.isEmpty()) return; +- _chain = (void *)sk_new(NULL); ++ _chain = (void *)d->kossl->OPENSSL_sk_new(NULL); + foreach (KSSLCertificate *x, chain) { +- sk_X509_push((STACK_OF(X509)*)_chain, d->kossl->X509_dup(x->getCert())); ++ d->kossl->OPENSSL_sk_push(static_cast<STACK*>(_chain), d->kossl->X509_dup(x->getCert())); + } + + #endif +@@ -166,23 +156,23 @@ if (_chain) { + STACK_OF(X509) *x = (STACK_OF(X509) *)_chain; + + for (;;) { +- X509* x5 = sk_X509_pop(x); ++ X509 *x5 = reinterpret_cast<X509 *>(d->kossl->OPENSSL_sk_pop(reinterpret_cast<STACK *>(x))); + if (!x5) break; + d->kossl->X509_free(x5); + } +- sk_X509_free(x); ++ d->kossl->OPENSSL_sk_free(reinterpret_cast<STACK *>(x)); + _chain = NULL; + } + + if (!stack_of_x509) return; + +-_chain = (void *)sk_new(NULL); ++_chain = (void *)d->kossl->OPENSSL_sk_new(NULL); + STACK_OF(X509) *x = (STACK_OF(X509) *)stack_of_x509; + +- for (int i = 0; i < sk_X509_num(x); i++) { +- X509* x5 = sk_X509_value(x, i); ++ for (int i = 0; i < d->kossl->OPENSSL_sk_num(reinterpret_cast<STACK *>(x)); i++) { ++ X509 *x5 = reinterpret_cast<X509*>(d->kossl->OPENSSL_sk_value(reinterpret_cast<STACK *>(x), i)); + if (!x5) continue; +- sk_X509_push((STACK_OF(X509)*)_chain,d->kossl->X509_dup(x5)); ++ d->kossl->OPENSSL_sk_push(reinterpret_cast<STACK *>(_chain), d->kossl->X509_dup(x5)); + } + + #else +@@ -202,14 +192,3 @@ void KSSLCertChain::setCertChain(const QStringList& chain) { + setChain(cl); + } + +- +-#ifdef KSSL_HAVE_SSL +-#undef sk_new +-#undef sk_push +-#undef sk_free +-#undef sk_value +-#undef sk_num +-#undef sk_dup +-#undef sk_pop +-#endif +- +diff --git a/kio/kssl/ksslcertificate.cpp b/kio/kssl/ksslcertificate.cpp +index 0d4fbd9cdc..c93d5c5b22 100644 +--- a/kio/kssl/ksslcertificate.cpp ++++ b/kio/kssl/ksslcertificate.cpp +@@ -200,14 +200,17 @@ QString KSSLCertificate::getSignatureText() const { + char *s; + int n, i; + +- i = d->kossl->OBJ_obj2nid(d->m_cert->sig_alg->algorithm); ++ const X509_ALGOR *algor; ++ const ASN1_BIT_STRING *sig; ++ d->kossl->X509_get0_signature(&sig, &algor, d->m_cert); ++ i = d->kossl->OBJ_obj2nid(algor->algorithm); + rc = i18n("Signature Algorithm: "); + rc += (i == NID_undef)?i18n("Unknown"):QString(d->kossl->OBJ_nid2ln(i)); + + rc += '\n'; + rc += i18n("Signature Contents:"); +- n = d->m_cert->signature->length; +- s = (char *)d->m_cert->signature->data; ++ n = sig->length; ++ s = (char *)sig->data; + for (i = 0; i < n; ++i) { + if (i%20 != 0) { + rc += ':'; +@@ -233,9 +236,10 @@ void KSSLCertificate::getEmails(QStringList &to) const { + } + + STACK *s = d->kossl->X509_get1_email(d->m_cert); ++ const int size = d->kossl->OPENSSL_sk_num(s); + if (s) { +- for(int n=0; n < s->num; n++) { +- to.append(d->kossl->sk_value(s,n)); ++ for(int n=0; n < size; n++) { ++ to.append(d->kossl->OPENSSL_sk_value(s,n)); + } + d->kossl->X509_email_free(s); + } +@@ -317,13 +321,13 @@ QString rc = ""; + EVP_PKEY *pkey = d->kossl->X509_get_pubkey(d->m_cert); + if (pkey) { + #ifndef NO_RSA +- if (pkey->type == EVP_PKEY_RSA) { ++ if (d->kossl->EVP_PKEY_base_id(pkey) == EVP_PKEY_RSA) { + rc = "RSA"; + } + else + #endif + #ifndef NO_DSA +- if (pkey->type == EVP_PKEY_DSA) { ++ if (d->kossl->EVP_PKEY_base_id(pkey) == EVP_PKEY_DSA) { + rc = "DSA"; + } + else +@@ -347,8 +351,10 @@ char *x = NULL; + if (pkey) { + rc = i18nc("Unknown", "Unknown key algorithm"); + #ifndef NO_RSA +- if (pkey->type == EVP_PKEY_RSA) { +- x = d->kossl->BN_bn2hex(pkey->pkey.rsa->n); ++ if (d->kossl->EVP_PKEY_base_id(pkey) == EVP_PKEY_RSA) { ++ const BIGNUM *n, *e; ++ d->kossl->RSA_get0_key(d->kossl->EVP_PKEY_get0_RSA(pkey), &n, &e, NULL); ++ x = d->kossl->BN_bn2hex(n); + rc = i18n("Key type: RSA (%1 bit)", strlen(x)*4) + '\n'; + + rc += i18n("Modulus: "); +@@ -364,15 +370,18 @@ char *x = NULL; + rc += '\n'; + d->kossl->OPENSSL_free(x); + +- x = d->kossl->BN_bn2hex(pkey->pkey.rsa->e); ++ x = d->kossl->BN_bn2hex(e); + rc += i18n("Exponent: 0x") + QLatin1String(x) + + QLatin1String("\n"); + d->kossl->OPENSSL_free(x); + } + #endif + #ifndef NO_DSA +- if (pkey->type == EVP_PKEY_DSA) { +- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->p); ++ if (d->kossl->EVP_PKEY_base_id(pkey) == EVP_PKEY_DSA) { ++ DSA *dsa = d->kossl->EVP_PKEY_get0_DSA(pkey); ++ const BIGNUM *p, *q, *g; ++ d->kossl->DSA_get0_pqg(dsa, &p, &q, &g); ++ x = d->kossl->BN_bn2hex(p); + // hack - this may not be always accurate + rc = i18n("Key type: DSA (%1 bit)", strlen(x)*4) + '\n'; + +@@ -389,7 +398,7 @@ char *x = NULL; + rc += '\n'; + d->kossl->OPENSSL_free(x); + +- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->q); ++ x = d->kossl->BN_bn2hex(q); + rc += i18n("160 bit prime factor: "); + for (unsigned int i = 0; i < strlen(x); i++) { + if (i%40 != 0 && i%2 == 0) { +@@ -403,7 +412,7 @@ char *x = NULL; + rc += '\n'; + d->kossl->OPENSSL_free(x); + +- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->g); ++ x = d->kossl->BN_bn2hex(g); + rc += QString("g: "); + for (unsigned int i = 0; i < strlen(x); i++) { + if (i%40 != 0 && i%2 == 0) { +@@ -417,7 +426,9 @@ char *x = NULL; + rc += '\n'; + d->kossl->OPENSSL_free(x); + +- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->pub_key); ++ const BIGNUM *pub_key; ++ d->kossl->DSA_get0_key(dsa, &pub_key, NULL); ++ x = d->kossl->BN_bn2hex(pub_key); + rc += i18n("Public key: "); + for (unsigned int i = 0; i < strlen(x); i++) { + if (i%40 != 0 && i%2 == 0) { +@@ -682,7 +693,7 @@ KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose(KSSLCertifi + return errors; + } + +- X509_STORE_set_verify_cb_func(certStore, X509Callback); ++ d->kossl->X509_STORE_set_verify_cb(certStore, X509Callback); + + certLookup = d->kossl->X509_STORE_add_lookup(certStore, d->kossl->X509_LOOKUP_file()); + if (!certLookup) { +@@ -724,9 +735,9 @@ KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose(KSSLCertifi + KSSL_X509CallBack_ca = ca ? ca->d->m_cert : 0; + KSSL_X509CallBack_ca_found = false; + +- certStoreCTX->error = X509_V_OK; ++ d->kossl->X509_STORE_CTX_set_error(certStoreCTX, X509_V_OK); + rc = d->kossl->X509_verify_cert(certStoreCTX); +- int errcode = certStoreCTX->error; ++ int errcode = d->kossl->X509_STORE_CTX_get_error(certStoreCTX); + if (ca && !KSSL_X509CallBack_ca_found) { + ksslv = KSSLCertificate::Irrelevant; + } else { +@@ -739,9 +750,9 @@ KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose(KSSLCertifi + d->kossl->X509_STORE_CTX_set_purpose(certStoreCTX, + X509_PURPOSE_NS_SSL_SERVER); + +- certStoreCTX->error = X509_V_OK; ++ d->kossl->X509_STORE_CTX_set_error(certStoreCTX, X509_V_OK); + rc = d->kossl->X509_verify_cert(certStoreCTX); +- errcode = certStoreCTX->error; ++ errcode = d->kossl->X509_STORE_CTX_get_error(certStoreCTX); + ksslv = processError(errcode); + } + d->kossl->X509_STORE_CTX_free(certStoreCTX); +@@ -978,7 +989,7 @@ KSSLCertificate::KSSLValidation KSSLCertificate::processError(int ec) { + + QString KSSLCertificate::getNotBefore() const { + #ifdef KSSL_HAVE_SSL +- return ASN1_UTCTIME_QString(X509_get_notBefore(d->m_cert)); ++ return ASN1_UTCTIME_QString(d->kossl->X509_getm_notBefore(d->m_cert)); + #else + return QString(); + #endif +@@ -987,7 +998,7 @@ QString KSSLCertificate::getNotBefore() const { + + QString KSSLCertificate::getNotAfter() const { + #ifdef KSSL_HAVE_SSL +- return ASN1_UTCTIME_QString(X509_get_notAfter(d->m_cert)); ++ return ASN1_UTCTIME_QString(d->kossl->X509_getm_notAfter(d->m_cert)); + #else + return QString(); + #endif +@@ -996,7 +1007,7 @@ QString KSSLCertificate::getNotAfter() const { + + QDateTime KSSLCertificate::getQDTNotBefore() const { + #ifdef KSSL_HAVE_SSL +- return ASN1_UTCTIME_QDateTime(X509_get_notBefore(d->m_cert), NULL); ++ return ASN1_UTCTIME_QDateTime(d->kossl->X509_getm_notBefore(d->m_cert), NULL); + #else + return QDateTime::currentDateTime(); + #endif +@@ -1005,7 +1016,7 @@ QDateTime KSSLCertificate::getQDTNotBefore() const { + + QDateTime KSSLCertificate::getQDTNotAfter() const { + #ifdef KSSL_HAVE_SSL +- return ASN1_UTCTIME_QDateTime(X509_get_notAfter(d->m_cert), NULL); ++ return ASN1_UTCTIME_QDateTime(d->kossl->X509_getm_notAfter(d->m_cert), NULL); + #else + return QDateTime::currentDateTime(); + #endif +@@ -1210,7 +1221,8 @@ typedef struct NETSCAPE_X509_st + // what a piece of crap this is + QByteArray KSSLCertificate::toNetscape() { + QByteArray qba; +-#ifdef KSSL_HAVE_SSL ++ // no equivalent in OpenSSL 1.1.0 (?), so behave as if we had no OpenSSL at all ++#if KSSL_HAVE_SSL && OPENSSL_VERSION_NUMBER < 0x10100000L + NETSCAPE_X509 nx; + ASN1_OCTET_STRING hdr; + KTemporaryFile ktf; +@@ -1293,10 +1305,10 @@ QStringList KSSLCertificate::subjAltNames() const { + return rc; + } + +- int cnt = d->kossl->sk_GENERAL_NAME_num(names); ++ int cnt = d->kossl->OPENSSL_sk_num((STACK *)names); + + for (int i = 0; i < cnt; i++) { +- const GENERAL_NAME *val = (const GENERAL_NAME *)d->kossl->sk_value(names, i); ++ const GENERAL_NAME *val = (const GENERAL_NAME *)d->kossl->OPENSSL_sk_value(names, i); + if (val->type != GEN_DNS) { + continue; + } +@@ -1308,7 +1320,7 @@ QStringList KSSLCertificate::subjAltNames() const { + rc += s; + } + } +- d->kossl->sk_free(names); ++ d->kossl->OPENSSL_sk_free(names); + #endif + return rc; + } +-- +2.13.6 + + diff --git a/source/kde/patch/kdelibs/kdelibs-openssl-1.1.patch b/source/kde/patch/kdelibs/kdelibs-openssl-1.1.patch deleted file mode 100644 index 1f6b7fcb..00000000 --- a/source/kde/patch/kdelibs/kdelibs-openssl-1.1.patch +++ /dev/null @@ -1,4007 +0,0 @@ ---- kdelibs-4.14.26/kio/CMakeLists.txt.omv~ 2016-11-14 22:38:29.427137096 +0100 -+++ kdelibs-4.14.26/kio/CMakeLists.txt 2016-11-14 22:39:21.476667341 +0100 -@@ -325,6 +325,7 @@ install(FILES kssl/ksslcertificatemanage - DESTINATION ${DATA_INSTALL_DIR}/kconf_update) - - kde4_add_library(kio ${LIBRARY_TYPE} ${kio_LIB_SRCS}) -+target_link_libraries(kio -lssl -lcrypto) - - if(NOT KIO_NO_NEPOMUK) - kde4_add_executable(kfilemetadatareader ${kfilemetadatareaderprocess_SRCS}) ---- kdelibs-4.14.26/kio/kssl/kopenssl.cpp.omv~ 2016-11-07 00:11:51.000000000 +0100 -+++ kdelibs-4.14.26/kio/kssl/kopenssl.cpp 2016-11-14 22:11:02.355008887 +0100 -@@ -18,223 +18,52 @@ - - #include "kopenssl.h" - --#include <config.h> - #include <ksslconfig.h> - --#ifdef KSSL_HAVE_SSL -+#if KSSL_HAVE_SSL - #include <openssl/opensslv.h> -+#include <openssl/err.h> - #endif - --#include <kdebug.h> - #include <kconfig.h> - #include <kconfiggroup.h> --#include <klibrary.h> - #include <QtCore/QCoreApplication> - #include <QtCore/QFile> -+#include <QtCore/QLibrary> - #include <QtCore/QRegExp> - -- --#include <stdio.h> --#include <unistd.h> -- --extern "C" { --#ifdef KSSL_HAVE_SSL --static int (*K_SSL_connect) (SSL *) = 0L; --static int (*K_SSL_accept) (SSL *) = 0L; --static int (*K_SSL_read) (SSL *, void *, int) = 0L; --static int (*K_SSL_write) (SSL *, const void *, int) = 0L; --static SSL *(*K_SSL_new) (SSL_CTX *) = 0L; --static void (*K_SSL_free) (SSL *) = 0L; --static int (*K_SSL_shutdown) (SSL *) = 0L; --static SSL_CTX *(*K_SSL_CTX_new)(SSL_METHOD *) = 0L; --static void (*K_SSL_CTX_free) (SSL_CTX *) = 0L; --static int (*K_SSL_set_fd) (SSL *, int) = 0L; --static int (*K_SSL_pending) (SSL *) = 0L; --static int (*K_SSL_peek) (SSL *, void *, int) = 0L; --static int (*K_SSL_CTX_set_cipher_list)(SSL_CTX *, const char *) = 0L; --static void (*K_SSL_CTX_set_verify)(SSL_CTX *, int, -- int (*)(int, X509_STORE_CTX *)) = 0L; --static int (*K_SSL_use_certificate)(SSL *, X509 *) = 0L; --static SSL_CIPHER *(*K_SSL_get_current_cipher)(SSL *) = 0L; --static long (*K_SSL_ctrl) (SSL *,int, long, char *) = 0L; --static int (*K_RAND_egd) (const char *) = 0L; --static const char* (*K_RAND_file_name) (char *, size_t) = 0L; --static int (*K_RAND_load_file) (const char *, long) = 0L; --static int (*K_RAND_write_file) (const char *) = 0L; --static SSL_METHOD * (*K_TLSv1_client_method) () = 0L; --static SSL_METHOD * (*K_SSLv23_client_method) () = 0L; --static X509 * (*K_SSL_get_peer_certificate) (SSL *) = 0L; --static int (*K_SSL_CIPHER_get_bits) (SSL_CIPHER *,int *) = 0L; --static char * (*K_SSL_CIPHER_get_version) (SSL_CIPHER *) = 0L; --static const char * (*K_SSL_CIPHER_get_name) (SSL_CIPHER *) = 0L; --static char * (*K_SSL_CIPHER_description) (SSL_CIPHER *, char *, int) = 0L; --static X509 * (*K_d2i_X509) (X509 **,unsigned char **,long) = 0L; --static int (*K_i2d_X509) (X509 *,unsigned char **) = 0L; --static int (*K_X509_cmp) (X509 *, X509 *) = 0L; --static void (*K_X509_STORE_CTX_free) (X509_STORE_CTX *) = 0L; --static int (*K_X509_verify_cert) (X509_STORE_CTX *) = 0L; --static X509_STORE_CTX *(*K_X509_STORE_CTX_new) (void) = 0L; --static void (*K_X509_STORE_free) (X509_STORE *) = 0L; --static X509_STORE *(*K_X509_STORE_new) (void) = 0L; --static void (*K_X509_free) (X509 *) = 0L; --static char *(*K_X509_NAME_oneline) (X509_NAME *,char *,int) = 0L; --static X509_NAME *(*K_X509_get_subject_name) (X509 *) = 0L; --static X509_NAME *(*K_X509_get_issuer_name) (X509 *) = 0L; --static X509_LOOKUP *(*K_X509_STORE_add_lookup) (X509_STORE *, X509_LOOKUP_METHOD *) = 0L; --static X509_LOOKUP_METHOD *(*K_X509_LOOKUP_file)(void) = 0L; --static void (*K_X509_LOOKUP_free)(X509_LOOKUP *) = 0L; --static int (*K_X509_LOOKUP_ctrl)(X509_LOOKUP *, int, const char *, long, char **) = 0L; --static void (*K_X509_STORE_CTX_init)(X509_STORE_CTX *, X509_STORE *, X509 *, STACK_OF(X509) *) = 0L; --static void (*K_CRYPTO_free) (void *) = 0L; --static X509* (*K_X509_dup) (X509 *) = 0L; --static BIO_METHOD *(*K_BIO_s_mem) (void) = 0L; --static BIO* (*K_BIO_new) (BIO_METHOD *) = 0L; --static BIO* (*K_BIO_new_fp) (FILE *, int) = 0L; --static BIO* (*K_BIO_new_mem_buf) (void *, int) = 0L; --static int (*K_BIO_free) (BIO *) = 0L; --static long (*K_BIO_ctrl) (BIO *,int,long,void *) = 0L; --static int (*K_BIO_write) (BIO *b, const void *data, int len) = 0L; --static int (*K_PEM_ASN1_write_bio) (int (*)(),const char *,BIO *,char *, -- const EVP_CIPHER *,unsigned char *,int , -- pem_password_cb *, void *) = 0L; --static int (*K_ASN1_item_i2d_fp)(ASN1_ITEM *,FILE *,unsigned char *) = 0L; --static ASN1_ITEM *K_NETSCAPE_X509_it = 0L; --static int (*K_X509_print_fp) (FILE *, X509*) = 0L; --static int (*K_i2d_PKCS12) (PKCS12*, unsigned char**) = 0L; --static int (*K_i2d_PKCS12_fp) (FILE *, PKCS12*) = 0L; --static int (*K_PKCS12_newpass) (PKCS12*, char*, char*) = 0L; --static PKCS12* (*K_d2i_PKCS12_fp) (FILE*, PKCS12**) = 0L; --static PKCS12* (*K_PKCS12_new) (void) = 0L; --static void (*K_PKCS12_free) (PKCS12 *) = 0L; --static int (*K_PKCS12_parse) (PKCS12*, const char *, EVP_PKEY**, -- X509**, STACK_OF(X509)**) = 0L; --static void (*K_EVP_PKEY_free) (EVP_PKEY *) = 0L; --static EVP_PKEY* (*K_EVP_PKEY_new) () = 0L; --static void (*K_X509_REQ_free) (X509_REQ *) = 0L; --static X509_REQ* (*K_X509_REQ_new) () = 0L; --static int (*K_SSL_CTX_use_PrivateKey) (SSL_CTX*, EVP_PKEY*) = 0L; --static int (*K_SSL_CTX_use_certificate) (SSL_CTX*, X509*) = 0L; --static int (*K_SSL_get_error) (SSL*, int) = 0L; --static STACK_OF(X509)* (*K_SSL_get_peer_cert_chain) (SSL*) = 0L; --static void (*K_X509_STORE_CTX_set_chain) (X509_STORE_CTX *, STACK_OF(X509)*) = 0L; --static void (*K_X509_STORE_CTX_set_purpose) (X509_STORE_CTX *, int) = 0L; --static void (*K_sk_free) (STACK*) = 0L; --static int (*K_sk_num) (STACK*) = 0L; --static char* (*K_sk_pop) (STACK*) = 0L; --static char* (*K_sk_value) (STACK*, int) = 0L; --static STACK* (*K_sk_new) (int (*)()) = 0L; --static int (*K_sk_push) (STACK*, char*) = 0L; --static STACK* (*K_sk_dup) (STACK *) = 0L; --static char * (*K_i2s_ASN1_INTEGER) (X509V3_EXT_METHOD *, ASN1_INTEGER *) =0L; --static ASN1_INTEGER * (*K_X509_get_serialNumber) (X509 *) = 0L; --static EVP_PKEY *(*K_X509_get_pubkey)(X509 *) = 0L; --static int (*K_i2d_PublicKey)(EVP_PKEY *, unsigned char **) = 0L; --static int (*K_X509_check_private_key)(X509 *, EVP_PKEY *) = 0L; --static char * (*K_BN_bn2hex)(const BIGNUM *) = 0L; --static int (*K_X509_digest)(const X509 *,const EVP_MD *, unsigned char *, unsigned int *) = 0L; --static EVP_MD* (*K_EVP_md5)() = 0L; --static void (*K_ASN1_INTEGER_free)(ASN1_INTEGER *) = 0L; --static int (*K_OBJ_obj2nid)(ASN1_OBJECT *) = 0L; --static const char * (*K_OBJ_nid2ln)(int) = 0L; --static int (*K_X509_get_ext_count)(X509*) = 0L; --static int (*K_X509_get_ext_by_NID)(X509*, int, int) = 0L; --static int (*K_X509_get_ext_by_OBJ)(X509*,ASN1_OBJECT*,int) = 0L; --static X509_EXTENSION *(*K_X509_get_ext)(X509*, int loc) = 0L; --static X509_EXTENSION *(*K_X509_delete_ext)(X509*, int) = 0L; --static int (*K_X509_add_ext)(X509*, X509_EXTENSION*, int) = 0L; --static void *(*K_X509_get_ext_d2i)(X509*, int, int*, int*) = 0L; --static char *(*K_i2s_ASN1_OCTET_STRING)(X509V3_EXT_METHOD*, ASN1_OCTET_STRING*) = 0L; --static int (*K_ASN1_BIT_STRING_get_bit)(ASN1_BIT_STRING*, int) = 0L; --static PKCS7 *(*K_PKCS7_new)() = 0L; --static void (*K_PKCS7_free)(PKCS7*) = 0L; --static void (*K_PKCS7_content_free)(PKCS7*) = 0L; --static int (*K_i2d_PKCS7)(PKCS7*, unsigned char**) = 0L; --static PKCS7 *(*K_d2i_PKCS7)(PKCS7**, unsigned char**,long) = 0L; --static int (*K_i2d_PKCS7_fp)(FILE*,PKCS7*) = 0L; --static PKCS7* (*K_d2i_PKCS7_fp)(FILE*,PKCS7**) = 0L; --static int (*K_i2d_PKCS7_bio)(BIO *bp,PKCS7 *p7) = 0L; --static PKCS7 *(*K_d2i_PKCS7_bio)(BIO *bp,PKCS7 **p7) = 0L; --static PKCS7* (*K_PKCS7_dup)(PKCS7*) = 0L; --static STACK_OF(X509_NAME) *(*K_SSL_load_client_CA_file)(const char*) = 0L; --static STACK_OF(X509_INFO) *(*K_PEM_X509_INFO_read)(FILE*, STACK_OF(X509_INFO)*, pem_password_cb*, void*) = 0L; --static char *(*K_ASN1_d2i_fp)(char *(*)(),char *(*)(),FILE*,unsigned char**) = 0L; --static X509 *(*K_X509_new)() = 0L; --static int (*K_X509_PURPOSE_get_count)() = 0L; --static int (*K_X509_PURPOSE_get_id)(X509_PURPOSE *) = 0L; --static int (*K_X509_check_purpose)(X509*,int,int) = 0L; --static X509_PURPOSE* (*K_X509_PURPOSE_get0)(int) = 0L; --static int (*K_EVP_PKEY_assign)(EVP_PKEY*, int, char*) = 0L; --static int (*K_X509_REQ_set_pubkey)(X509_REQ*, EVP_PKEY*) = 0L; --static RSA *(*K_RSA_generate_key)(int, unsigned long, void (*)(int,int,void *), void *) = 0L; --static int (*K_i2d_X509_REQ_fp)(FILE*, X509_REQ*) = 0L; --static void (*K_ERR_clear_error)() = 0L; --static unsigned long (*K_ERR_get_error)() = 0L; --static void (*K_ERR_print_errors_fp)(FILE*) = 0L; --static PKCS7 *(*K_PKCS7_sign)(X509*, EVP_PKEY*, STACK_OF(X509)*, BIO*, int) = 0L; --static int (*K_PKCS7_verify)(PKCS7*,STACK_OF(X509)*,X509_STORE*,BIO*,BIO*,int) = 0L; --static STACK_OF(X509) *(*K_PKCS7_get0_signers)(PKCS7 *, STACK_OF(X509) *, int) = 0L; --static PKCS7 *(*K_PKCS7_encrypt)(STACK_OF(X509) *, BIO *, EVP_CIPHER *, int) = 0L; --static int (*K_PKCS7_decrypt)(PKCS7 *, EVP_PKEY *, X509 *, BIO *, int) = 0L; --static SSL_SESSION* (*K_SSL_get1_session)(SSL*) = 0L; --static void (*K_SSL_SESSION_free)(SSL_SESSION*) = 0L; --static int (*K_SSL_set_session)(SSL*,SSL_SESSION*) = 0L; --static SSL_SESSION* (*K_d2i_SSL_SESSION)(SSL_SESSION**,unsigned char**, long) = 0L; --static int (*K_i2d_SSL_SESSION)(SSL_SESSION*,unsigned char**) = 0L; --static STACK *(*K_X509_get1_email)(X509 *x) = 0L; --static void (*K_X509_email_free)(STACK *sk) = 0L; --static EVP_CIPHER *(*K_EVP_des_ede3_cbc)() = 0L; --static EVP_CIPHER *(*K_EVP_des_cbc)() = 0L; --static EVP_CIPHER *(*K_EVP_rc2_cbc)() = 0L; --static EVP_CIPHER *(*K_EVP_rc2_64_cbc)() = 0L; --static EVP_CIPHER *(*K_EVP_rc2_40_cbc)() = 0L; --static int (*K_i2d_PrivateKey_fp)(FILE*,EVP_PKEY*) = 0L; --static int (*K_i2d_PKCS8PrivateKey_fp)(FILE*, EVP_PKEY*, const EVP_CIPHER*, char*, int, pem_password_cb*, void*) = 0L; --static void (*K_RSA_free)(RSA*) = 0L; --static EVP_CIPHER *(*K_EVP_bf_cbc)() = 0L; --static int (*K_X509_REQ_sign)(X509_REQ*, EVP_PKEY*, const EVP_MD*) = 0L; --static int (*K_X509_NAME_add_entry_by_txt)(X509_NAME*, char*, int, unsigned char*, int, int, int) = 0L; --static X509_NAME *(*K_X509_NAME_new)() = 0L; --static int (*K_X509_REQ_set_subject_name)(X509_REQ*,X509_NAME*) = 0L; --static unsigned char *(*K_ASN1_STRING_data)(ASN1_STRING*) = 0L; --static int (*K_ASN1_STRING_length)(ASN1_STRING*) = 0L; --static STACK_OF(SSL_CIPHER) *(*K_SSL_get_ciphers)(const SSL *ssl) = 0L; -- --#endif --} -- -- - class KOpenSSLProxyPrivate - { - public: -- KOpenSSLProxyPrivate() -- : sslLib(0), cryptoLib(0), ok(false) -- {} -- -- KLibrary *sslLib; -- KLibrary *cryptoLib; -- bool ok; -- -- static KOpenSSLProxy *sSelf; -- static void cleanupKOpenSSLProxy() { -- delete KOpenSSLProxyPrivate::sSelf; -- } -+ KOpenSSLProxyPrivate() -+ : ok(true) -+ {} -+ -+ bool ok; -+ -+ static KOpenSSLProxy *sSelf; -+ static void cleanupKOpenSSLProxy() -+ { -+ delete KOpenSSLProxyPrivate::sSelf; -+ } - }; - KOpenSSLProxy *KOpenSSLProxyPrivate::sSelf = 0; - --bool KOpenSSLProxy::hasLibSSL() const { -- return d->sslLib != 0L; -+bool KOpenSSLProxy::hasLibSSL() const -+{ -+ return true; - } - -- --bool KOpenSSLProxy::hasLibCrypto() const { -- return d->cryptoLib != 0L; -+bool KOpenSSLProxy::hasLibCrypto() const -+{ -+ return true; - } - -- --void KOpenSSLProxy::destroy() { -- KOpenSSLProxy *x = KOpenSSLProxyPrivate::sSelf; -- KOpenSSLProxyPrivate::sSelf = 0; -- delete x; -+void KOpenSSLProxy::destroy() -+{ -+ KOpenSSLProxy *x = KOpenSSLProxyPrivate::sSelf; -+ KOpenSSLProxyPrivate::sSelf = 0; -+ delete x; - } - - #ifdef __OpenBSD__ -@@ -244,1347 +73,842 @@ void KOpenSSLProxy::destroy() { - - static QString findMostRecentLib(QString dir, QString name) - { -- // Grab all shared libraries in the directory -- QString filter = "lib"+name+".so.*"; -- QDir d(dir, filter); -- if (!d.exists()) -- return 0L; -- QStringList l = d.entryList(); -- -- // Find the best one -- int bestmaj = -1; -- int bestmin = -1; -- QString best = 0L; -- // where do we start -- uint s = filter.length()-1; -- for (QStringList::const_iterator it = l.begin(); it != l.end(); ++it) { -- QString numberpart = (*it).mid(s); -- uint endmaj = numberpart.indexOf('.'); -- if (endmaj == -1) -- continue; -- bool ok; -- int maj = numberpart.left(endmaj).toInt(&ok); -- if (!ok) -- continue; -- int min = numberpart.mid(endmaj+1).toInt(&ok); -- if (!ok) -- continue; -- if (maj > bestmaj || (maj == bestmaj && min > bestmin)) { -- bestmaj = maj; -- bestmin = min; -- best = (*it); -- } -- } -- if (best.isNull()) -- return 0L; -- else -- return dir+'/'+best; -+ // Grab all shared libraries in the directory -+ QString filter = "lib" + name + ".so.*"; -+ QDir d(dir, filter); -+ if (!d.exists()) { -+ return 0L; -+ } -+ QStringList l = d.entryList(); -+ -+ // Find the best one -+ int bestmaj = -1; -+ int bestmin = -1; -+ QString best = 0L; -+ // where do we start -+ uint s = filter.length() - 1; -+ for (QStringList::const_iterator it = l.begin(); it != l.end(); ++it) { -+ QString numberpart = (*it).mid(s); -+ uint endmaj = numberpart.indexOf('.'); -+ if (endmaj == -1) { -+ continue; -+ } -+ bool ok; -+ int maj = numberpart.left(endmaj).toInt(&ok); -+ if (!ok) { -+ continue; -+ } -+ int min = numberpart.mid(endmaj + 1).toInt(&ok); -+ if (!ok) { -+ continue; -+ } -+ if (maj > bestmaj || (maj == bestmaj && min > bestmin)) { -+ bestmaj = maj; -+ bestmin = min; -+ best = (*it); -+ } -+ } -+ if (best.isNull()) { -+ return 0L; -+ } else { -+ return dir + '/' + best; -+ } - } - #endif - - KOpenSSLProxy::KOpenSSLProxy() - : d(new KOpenSSLProxyPrivate()) - { -- QStringList libpaths, libnamesc, libnamess; -- -- d->cryptoLib = 0L; -- d->sslLib = 0L; -- -- KConfig cfg("cryptodefaults", KConfig::NoGlobals ); -- KConfigGroup cg(&cfg, "OpenSSL"); -- QString upath = cg.readPathEntry("Path", QString()); -- if (!upath.isEmpty()) -- libpaths << upath; -- --#ifdef Q_OS_WIN -- d->cryptoLib = new KLibrary("libeay32.dll"); -- if (!d->cryptoLib->load()) { -- delete d->cryptoLib; -- d->cryptoLib = 0; -- } --#elif defined(__OpenBSD__) -- { -- QString libname = findMostRecentLib("/usr/lib" KDELIBSUFF, "crypto"); -- if (!libname.isNull()) { -- d->cryptoLib = new KLibrary(libname); -- d->cryptoLib->setLoadHints(QLibrary::ExportExternalSymbolsHint); -- if (!d->cryptoLib->load()) { -- delete d->cryptoLib; -- d->cryptoLib = 0; -- } -- } -- } --#elif defined(__CYGWIN__) -- libpaths << "/usr/bin/" -- << ""; -- -- libnamess << "cygssl-0.9.8.dll" -- << "cygssl-0.9.7.dll" -- << ""; -- -- libnamesc << "cygcrypto-0.9.8.dll" -- << "cygcrypto-0.9.7.dll" -- << ""; --#else -- libpaths -- #ifdef _AIX -- << "/opt/freeware/lib/" -- #endif -- << "/usr/lib" KDELIBSUFF "/" -- << "/usr/ssl/lib" KDELIBSUFF "/" -- << "/usr/local/lib" KDELIBSUFF "/" -- << "/usr/local/openssl/lib" KDELIBSUFF "/" -- << "/usr/local/ssl/lib" KDELIBSUFF "/" -- << "/opt/openssl/lib" KDELIBSUFF "/" -- << "/lib" KDELIBSUFF "/" -- << ""; -- --// FIXME: #define here for the various OS types to optimize -- libnamess -- #ifdef hpux -- << "libssl.sl" -- #elif defined(_AIX) -- << "libssl.a(libssl.so.0)" -- #elif defined(__APPLE__) -- << "libssl.dylib" -- << "libssl.0.9.dylib" -- #else -- #ifdef SHLIB_VERSION_NUMBER -- << "libssl.so." SHLIB_VERSION_NUMBER -- #endif -- << "libssl.so" -- << "libssl.so.0" -- #endif -- ; -- -- libnamesc -- #ifdef hpux -- << "libcrypto.sl" -- #elif defined(_AIX) -- << "libcrypto.a(libcrypto.so.0)" -- #elif defined(__APPLE__) -- << "libcrypto.dylib" -- << "libcrypto.0.9.dylib" -- #else -- #ifdef SHLIB_VERSION_NUMBER -- << "libcrypto.so." SHLIB_VERSION_NUMBER -- #endif -- << "libcrypto.so" -- << "libcrypto.so.0" -- #endif -- ; --#endif -- -- for (QStringList::const_iterator it = libpaths.constBegin(); -- it != libpaths.constEnd(); -- ++it) { -- for (QStringList::const_iterator shit = libnamesc.constBegin(); -- shit != libnamesc.constEnd(); -- ++shit) { -- QString alib = *it; -- if (!alib.isEmpty() && !alib.endsWith('/')) -- alib += '/'; -- alib += *shit; -- // someone knows why this is needed? -- QString tmpStr(alib.toLatin1().constData()); -- tmpStr.remove(QRegExp("\\(.*\\)")); -- if (!access(tmpStr.toLatin1(), R_OK)) { -- d->cryptoLib = new KLibrary(alib); -- d->cryptoLib->setLoadHints(QLibrary::ExportExternalSymbolsHint); -- } -- if (d->cryptoLib && d->cryptoLib->load()) { -- break; -- } -- else { -- delete d->cryptoLib; -- d->cryptoLib = 0; -- } -- } -- if (d->cryptoLib) break; -- } -- -- if (d->cryptoLib) { --#ifdef KSSL_HAVE_SSL -- K_X509_free = (void (*) (X509 *)) d->cryptoLib->resolveFunction("X509_free"); -- K_RAND_egd = (int (*)(const char *)) d->cryptoLib->resolveFunction("RAND_egd"); -- K_RAND_load_file = (int (*)(const char *, long)) d->cryptoLib->resolveFunction("RAND_load_file"); -- K_RAND_file_name = (const char* (*)(char *, size_t)) d->cryptoLib->resolveFunction("RAND_file_name"); -- K_RAND_write_file = (int (*)(const char *)) d->cryptoLib->resolveFunction("RAND_write_file"); -- K_CRYPTO_free = (void (*) (void *)) d->cryptoLib->resolveFunction("CRYPTO_free"); -- K_d2i_X509 = (X509 * (*)(X509 **,unsigned char **,long)) d->cryptoLib->resolveFunction("d2i_X509"); -- K_i2d_X509 = (int (*)(X509 *,unsigned char **)) d->cryptoLib->resolveFunction("i2d_X509"); -- K_X509_cmp = (int (*)(X509 *, X509 *)) d->cryptoLib->resolveFunction("X509_cmp"); -- K_X509_STORE_CTX_new = (X509_STORE_CTX * (*) (void)) d->cryptoLib->resolveFunction("X509_STORE_CTX_new"); -- K_X509_STORE_CTX_free = (void (*) (X509_STORE_CTX *)) d->cryptoLib->resolveFunction("X509_STORE_CTX_free"); -- K_X509_verify_cert = (int (*) (X509_STORE_CTX *)) d->cryptoLib->resolveFunction("X509_verify_cert"); -- K_X509_STORE_new = (X509_STORE * (*) (void)) d->cryptoLib->resolveFunction("X509_STORE_new"); -- K_X509_STORE_free = (void (*) (X509_STORE *)) d->cryptoLib->resolveFunction("X509_STORE_free"); -- K_X509_NAME_oneline = (char * (*) (X509_NAME *,char *,int)) d->cryptoLib->resolveFunction("X509_NAME_oneline"); -- K_X509_get_subject_name = (X509_NAME * (*) (X509 *)) d->cryptoLib->resolveFunction("X509_get_subject_name"); -- K_X509_get_issuer_name = (X509_NAME * (*) (X509 *)) d->cryptoLib->resolveFunction("X509_get_issuer_name"); -- K_X509_STORE_add_lookup = (X509_LOOKUP *(*) (X509_STORE *, X509_LOOKUP_METHOD *)) d->cryptoLib->resolveFunction("X509_STORE_add_lookup"); -- K_X509_LOOKUP_file = (X509_LOOKUP_METHOD *(*)(void)) d->cryptoLib->resolveFunction("X509_LOOKUP_file"); -- K_X509_LOOKUP_free = (void (*)(X509_LOOKUP *)) d->cryptoLib->resolveFunction("X509_LOOKUP_free"); -- K_X509_LOOKUP_ctrl = (int (*)(X509_LOOKUP *, int, const char *, long, char **)) d->cryptoLib->resolveFunction("X509_LOOKUP_ctrl"); -- K_X509_STORE_CTX_init = (void (*)(X509_STORE_CTX *, X509_STORE *, X509 *, STACK_OF(X509) *)) d->cryptoLib->resolveFunction("X509_STORE_CTX_init"); -- K_X509_dup = (X509* (*)(X509*)) d->cryptoLib->resolveFunction("X509_dup"); -- K_BIO_s_mem = (BIO_METHOD *(*) (void)) d->cryptoLib->resolveFunction("BIO_s_mem"); -- K_BIO_new = (BIO* (*)(BIO_METHOD *)) d->cryptoLib->resolveFunction("BIO_new"); -- K_BIO_new_fp = (BIO* (*)(FILE*, int)) d->cryptoLib->resolveFunction("BIO_new_fp"); -- K_BIO_new_mem_buf = (BIO* (*)(void *, int)) d->cryptoLib->resolveFunction("BIO_new_mem_buf"); -- K_BIO_free = (int (*)(BIO*)) d->cryptoLib->resolveFunction("BIO_free"); -- K_BIO_ctrl = (long (*) (BIO *,int,long,void *)) d->cryptoLib->resolveFunction("BIO_ctrl"); -- K_BIO_write = (int (*) (BIO *b, const void *data, int len)) d->cryptoLib->resolveFunction("BIO_write"); -- K_PEM_ASN1_write_bio = (int (*)(int (*)(), const char *,BIO*, char*, const EVP_CIPHER *, unsigned char *, int, pem_password_cb *, void *)) d->cryptoLib->resolveFunction("PEM_ASN1_write_bio"); -- K_ASN1_item_i2d_fp = (int (*)(ASN1_ITEM *, FILE*, unsigned char *)) -- d->cryptoLib->resolveFunction("ASN1_item_i2d_fp"); -- K_NETSCAPE_X509_it = (ASN1_ITEM *) d->cryptoLib->resolveFunction("NETSCAPE_X509_it"); -- K_X509_print_fp = (int (*)(FILE*, X509*)) d->cryptoLib->resolveFunction("X509_print_fp"); -- K_i2d_PKCS12 = (int (*)(PKCS12*, unsigned char**)) d->cryptoLib->resolveFunction("i2d_PKCS12"); -- K_i2d_PKCS12_fp = (int (*)(FILE *, PKCS12*)) d->cryptoLib->resolveFunction("i2d_PKCS12_fp"); -- K_PKCS12_newpass = (int (*)(PKCS12*, char*, char*)) d->cryptoLib->resolveFunction("PKCS12_newpass"); -- K_d2i_PKCS12_fp = (PKCS12* (*)(FILE*, PKCS12**)) d->cryptoLib->resolveFunction("d2i_PKCS12_fp"); -- K_PKCS12_new = (PKCS12* (*)()) d->cryptoLib->resolveFunction("PKCS12_new"); -- K_PKCS12_free = (void (*)(PKCS12 *)) d->cryptoLib->resolveFunction("PKCS12_free"); -- K_PKCS12_parse = (int (*)(PKCS12*, const char *, EVP_PKEY**, -- X509**, STACK_OF(X509)**)) d->cryptoLib->resolveFunction("PKCS12_parse"); -- K_EVP_PKEY_free = (void (*) (EVP_PKEY *)) d->cryptoLib->resolveFunction("EVP_PKEY_free"); -- K_EVP_PKEY_new = (EVP_PKEY* (*)()) d->cryptoLib->resolveFunction("EVP_PKEY_new"); -- K_X509_REQ_free = (void (*)(X509_REQ*)) d->cryptoLib->resolveFunction("X509_REQ_free"); -- K_X509_REQ_new = (X509_REQ* (*)()) d->cryptoLib->resolveFunction("X509_REQ_new"); -- K_X509_STORE_CTX_set_chain = (void (*)(X509_STORE_CTX *, STACK_OF(X509)*)) d->cryptoLib->resolveFunction("X509_STORE_CTX_set_chain"); -- K_X509_STORE_CTX_set_purpose = (void (*)(X509_STORE_CTX *, int)) d->cryptoLib->resolveFunction("X509_STORE_CTX_set_purpose"); -- K_sk_free = (void (*) (STACK *)) d->cryptoLib->resolveFunction("sk_free"); -- K_sk_num = (int (*) (STACK *)) d->cryptoLib->resolveFunction("sk_num"); -- K_sk_pop = (char* (*) (STACK *)) d->cryptoLib->resolveFunction("sk_pop"); -- K_sk_value = (char* (*) (STACK *, int)) d->cryptoLib->resolveFunction("sk_value"); -- K_sk_new = (STACK* (*) (int (*)())) d->cryptoLib->resolveFunction("sk_new"); -- K_sk_push = (int (*) (STACK*, char*)) d->cryptoLib->resolveFunction("sk_push"); -- K_sk_dup = (STACK* (*) (STACK *)) d->cryptoLib->resolveFunction("sk_dup"); -- K_i2s_ASN1_INTEGER = (char *(*) (X509V3_EXT_METHOD *, ASN1_INTEGER *)) d->cryptoLib->resolveFunction("i2s_ASN1_INTEGER"); -- K_X509_get_serialNumber = (ASN1_INTEGER * (*) (X509 *)) d->cryptoLib->resolveFunction("X509_get_serialNumber"); -- K_X509_get_pubkey = (EVP_PKEY *(*)(X509 *)) d->cryptoLib->resolveFunction("X509_get_pubkey"); -- K_i2d_PublicKey = (int (*)(EVP_PKEY *, unsigned char **)) d->cryptoLib->resolveFunction("i2d_PublicKey"); -- K_X509_check_private_key = (int (*)(X509 *, EVP_PKEY *)) d->cryptoLib->resolveFunction("X509_check_private_key"); -- K_BN_bn2hex = (char *(*)(const BIGNUM *)) d->cryptoLib->resolveFunction("BN_bn2hex"); -- K_X509_digest = (int (*)(const X509 *,const EVP_MD *, unsigned char *, unsigned int *)) d->cryptoLib->resolveFunction("X509_digest"); -- K_EVP_md5 = (EVP_MD *(*)()) d->cryptoLib->resolveFunction("EVP_md5"); -- K_ASN1_INTEGER_free = (void (*)(ASN1_INTEGER *)) d->cryptoLib->resolveFunction("ASN1_INTEGER_free"); -- K_OBJ_obj2nid = (int (*)(ASN1_OBJECT *)) d->cryptoLib->resolveFunction("OBJ_obj2nid"); -- K_OBJ_nid2ln = (const char *(*)(int)) d->cryptoLib->resolveFunction("OBJ_nid2ln"); -- K_X509_get_ext_count = (int (*)(X509*)) d->cryptoLib->resolveFunction("X509_get_ext_count"); -- K_X509_get_ext_by_NID = (int (*)(X509*,int,int)) d->cryptoLib->resolveFunction("X509_get_ext_by_NID"); -- K_X509_get_ext_by_OBJ = (int (*)(X509*,ASN1_OBJECT*,int)) d->cryptoLib->resolveFunction("X509_get_ext_by_OBJ"); -- K_X509_get_ext = (X509_EXTENSION* (*)(X509*,int)) d->cryptoLib->resolveFunction("X509_get_ext"); -- K_X509_delete_ext = (X509_EXTENSION* (*)(X509*,int)) d->cryptoLib->resolveFunction("X509_delete_ext"); -- K_X509_add_ext = (int (*)(X509*,X509_EXTENSION*,int)) d->cryptoLib->resolveFunction("X509_add_ext"); -- K_X509_get_ext_d2i = (void* (*)(X509*,int,int*,int*)) d->cryptoLib->resolveFunction("X509_get_ext_d2i"); -- K_i2s_ASN1_OCTET_STRING = (char *(*)(X509V3_EXT_METHOD*,ASN1_OCTET_STRING*)) d->cryptoLib->resolveFunction("i2s_ASN1_OCTET_STRING"); -- K_ASN1_BIT_STRING_get_bit = (int (*)(ASN1_BIT_STRING*,int)) d->cryptoLib->resolveFunction("ASN1_BIT_STRING_get_bit"); -- K_PKCS7_new = (PKCS7 *(*)()) d->cryptoLib->resolveFunction("PKCS7_new"); -- K_PKCS7_free = (void (*)(PKCS7*)) d->cryptoLib->resolveFunction("PKCS7_free"); -- K_PKCS7_content_free = (void (*)(PKCS7*)) d->cryptoLib->resolveFunction("PKCS7_content_free"); -- K_i2d_PKCS7 = (int (*)(PKCS7*, unsigned char**)) d->cryptoLib->resolveFunction("i2d_PKCS7"); -- K_i2d_PKCS7_fp = (int (*)(FILE*,PKCS7*)) d->cryptoLib->resolveFunction("i2d_PKCS7_fp"); -- K_i2d_PKCS7_bio = (int (*)(BIO *bp,PKCS7 *p7)) d->cryptoLib->resolveFunction("i2d_PKCS7_bio"); -- K_d2i_PKCS7 = (PKCS7* (*)(PKCS7**,unsigned char**,long)) d->cryptoLib->resolveFunction("d2i_PKCS7"); -- K_d2i_PKCS7_fp = (PKCS7 *(*)(FILE *,PKCS7**)) d->cryptoLib->resolveFunction("d2i_PKCS7_fp"); -- K_d2i_PKCS7_bio = (PKCS7 *(*)(BIO *bp,PKCS7 **p7)) d->cryptoLib->resolveFunction("d2i_PKCS7_bio"); -- K_PKCS7_dup = (PKCS7* (*)(PKCS7*)) d->cryptoLib->resolveFunction("PKCS7_dup"); -- K_PKCS7_sign = (PKCS7 *(*)(X509*, EVP_PKEY*, STACK_OF(X509)*, BIO*, int)) d->cryptoLib->resolveFunction("PKCS7_sign"); -- K_PKCS7_verify = (int (*)(PKCS7*,STACK_OF(X509)*,X509_STORE*,BIO*,BIO*,int)) d->cryptoLib->resolveFunction("PKCS7_verify"); -- K_PKCS7_get0_signers = (STACK_OF(X509) *(*)(PKCS7 *, STACK_OF(X509) *, int)) d->cryptoLib->resolveFunction("PKCS7_get0_signers"); -- K_PKCS7_encrypt = (PKCS7* (*)(STACK_OF(X509) *, BIO *, EVP_CIPHER *, int)) d->cryptoLib->resolveFunction("PKCS7_encrypt"); -- K_PKCS7_decrypt = (int (*)(PKCS7 *, EVP_PKEY *, X509 *, BIO *, int)) d->cryptoLib->resolveFunction("PKCS7_decrypt"); -- K_PEM_X509_INFO_read = (STACK_OF(X509_INFO) *(*)(FILE*, STACK_OF(X509_INFO)*, pem_password_cb*, void *)) d->cryptoLib->resolveFunction("PEM_X509_INFO_read"); -- K_ASN1_d2i_fp = (char *(*)(char *(*)(),char *(*)(),FILE*,unsigned char**)) d->cryptoLib->resolveFunction("ASN1_d2i_fp"); -- K_X509_new = (X509 *(*)()) d->cryptoLib->resolveFunction("X509_new"); -- K_X509_PURPOSE_get_count = (int (*)()) d->cryptoLib->resolveFunction("X509_PURPOSE_get_count"); -- K_X509_PURPOSE_get_id = (int (*)(X509_PURPOSE *)) d->cryptoLib->resolveFunction("X509_PURPOSE_get_id"); -- K_X509_check_purpose = (int (*)(X509*,int,int)) d->cryptoLib->resolveFunction("X509_check_purpose"); -- K_X509_PURPOSE_get0 = (X509_PURPOSE *(*)(int)) d->cryptoLib->resolveFunction("X509_PURPOSE_get0"); -- K_EVP_PKEY_assign = (int (*)(EVP_PKEY*, int, char*)) d->cryptoLib->resolveFunction("EVP_PKEY_assign"); -- K_X509_REQ_set_pubkey = (int (*)(X509_REQ*, EVP_PKEY*)) d->cryptoLib->resolveFunction("X509_REQ_set_pubkey"); -- K_RSA_generate_key = (RSA* (*)(int, unsigned long, void (*)(int,int,void *), void *)) d->cryptoLib->resolveFunction("RSA_generate_key"); -- K_i2d_X509_REQ_fp = (int (*)(FILE *, X509_REQ *)) d->cryptoLib->resolveFunction("i2d_X509_REQ_fp"); -- K_ERR_clear_error = (void (*)()) d->cryptoLib->resolveFunction("ERR_clear_error"); -- K_ERR_get_error = (unsigned long (*)()) d->cryptoLib->resolveFunction("ERR_get_error"); -- K_ERR_print_errors_fp = (void (*)(FILE*)) d->cryptoLib->resolveFunction("ERR_print_errors_fp"); -- K_X509_get1_email = (STACK *(*)(X509 *x)) d->cryptoLib->resolveFunction("X509_get1_email"); -- K_X509_email_free = (void (*)(STACK *sk)) d->cryptoLib->resolveFunction("X509_email_free"); -- K_EVP_des_ede3_cbc = (EVP_CIPHER *(*)()) d->cryptoLib->resolveFunction("EVP_des_ede3_cbc"); -- K_EVP_des_cbc = (EVP_CIPHER *(*)()) d->cryptoLib->resolveFunction("EVP_des_cbc"); -- K_EVP_rc2_cbc = (EVP_CIPHER *(*)()) d->cryptoLib->resolveFunction("EVP_rc2_cbc"); -- K_EVP_rc2_64_cbc = (EVP_CIPHER *(*)()) d->cryptoLib->resolveFunction("EVP_rc2_64_cbc"); -- K_EVP_rc2_40_cbc = (EVP_CIPHER *(*)()) d->cryptoLib->resolveFunction("EVP_rc2_40_cbc"); -- K_i2d_PrivateKey_fp = (int (*)(FILE*,EVP_PKEY*)) d->cryptoLib->resolveFunction("i2d_PrivateKey_fp"); -- K_i2d_PKCS8PrivateKey_fp = (int (*)(FILE*, EVP_PKEY*, const EVP_CIPHER*, char*, int, pem_password_cb*, void*)) d->cryptoLib->resolveFunction("i2d_PKCS8PrivateKey_fp"); -- K_RSA_free = (void (*)(RSA*)) d->cryptoLib->resolveFunction("RSA_free"); -- K_EVP_bf_cbc = (EVP_CIPHER *(*)()) d->cryptoLib->resolveFunction("EVP_bf_cbc"); -- K_X509_REQ_sign = (int (*)(X509_REQ*, EVP_PKEY*, const EVP_MD*)) d->cryptoLib->resolveFunction("X509_REQ_sign"); -- K_X509_NAME_add_entry_by_txt = (int (*)(X509_NAME*, char*, int, unsigned char*, int, int, int)) d->cryptoLib->resolveFunction("X509_NAME_add_entry_by_txt"); -- K_X509_NAME_new = (X509_NAME *(*)()) d->cryptoLib->resolveFunction("X509_NAME_new"); -- K_X509_REQ_set_subject_name = (int (*)(X509_REQ*,X509_NAME*)) d->cryptoLib->resolveFunction("X509_REQ_set_subject_name"); -- K_ASN1_STRING_data = (unsigned char *(*)(ASN1_STRING*)) d->cryptoLib->resolveFunction("ASN1_STRING_data"); -- K_ASN1_STRING_length = (int (*)(ASN1_STRING*)) d->cryptoLib->resolveFunction("ASN1_STRING_length"); --#endif -- } -- --#ifdef Q_OS_WIN -- d->sslLib = new KLibrary("ssleay32.dll"); -- if (!d->sslLib->load()) { -- delete d->sslLib; -- d->sslLib = 0; -- } --#elif defined(__OpenBSD__) -- { -- QString libname = findMostRecentLib("/usr/lib", "ssl"); -- if (!libname.isNull()) { -- d->sslLib = new KLibrary(libname); -- d->sslLib->setLoadHints(QLibrary::ExportExternalSymbolsHint); -- if (!d->sslLib->load()) { -- delete d->sslLib; -- d->sslLib = 0; -- } -- } -- } --#else -- for (QStringList::const_iterator it = libpaths.constBegin(); -- it != libpaths.constEnd(); -- ++it) { -- for (QStringList::const_iterator shit = libnamess.constBegin(); -- shit != libnamess.constEnd(); -- ++shit) { -- QString alib = *it; -- if (!alib.isEmpty() && !alib.endsWith('/')) -- alib += '/'; -- alib += *shit; -- QString tmpStr(alib.toLatin1()); -- tmpStr.remove(QRegExp("\\(.*\\)")); -- if (!access(tmpStr.toLatin1(), R_OK)) { -- d->sslLib = new KLibrary(alib); -- d->sslLib->setLoadHints(QLibrary::ExportExternalSymbolsHint); -- } -- if (d->sslLib && d->sslLib->load()) { -- break; -- } -- else { -- delete d->sslLib; -- d->sslLib = 0; -- } -- } -- if (d->sslLib) break; -- } --#endif -- -- if (d->sslLib) { --#ifdef KSSL_HAVE_SSL -- // stand back from your monitor and look at this. it's fun! :) -- K_SSL_connect = (int (*)(SSL *)) d->sslLib->resolveFunction("SSL_connect"); -- K_SSL_accept = (int (*)(SSL *)) d->sslLib->resolveFunction("SSL_accept"); -- K_SSL_read = (int (*)(SSL *, void *, int)) d->sslLib->resolveFunction("SSL_read"); -- K_SSL_write = (int (*)(SSL *, const void *, int)) -- d->sslLib->resolveFunction("SSL_write"); -- K_SSL_new = (SSL* (*)(SSL_CTX *)) d->sslLib->resolveFunction("SSL_new"); -- K_SSL_free = (void (*)(SSL *)) d->sslLib->resolveFunction("SSL_free"); -- K_SSL_shutdown = (int (*)(SSL *)) d->sslLib->resolveFunction("SSL_shutdown"); -- K_SSL_CTX_new = (SSL_CTX* (*)(SSL_METHOD*)) d->sslLib->resolveFunction("SSL_CTX_new"); -- K_SSL_CTX_free = (void (*)(SSL_CTX*)) d->sslLib->resolveFunction("SSL_CTX_free"); -- K_SSL_set_fd = (int (*)(SSL *, int)) d->sslLib->resolveFunction("SSL_set_fd"); -- K_SSL_pending = (int (*)(SSL *)) d->sslLib->resolveFunction("SSL_pending"); -- K_SSL_CTX_set_cipher_list = (int (*)(SSL_CTX *, const char *)) -- d->sslLib->resolveFunction("SSL_CTX_set_cipher_list"); -- K_SSL_CTX_set_verify = (void (*)(SSL_CTX*, int, int (*)(int, X509_STORE_CTX*))) d->sslLib->resolveFunction("SSL_CTX_set_verify"); -- K_SSL_use_certificate = (int (*)(SSL*, X509*)) -- d->sslLib->resolveFunction("SSL_CTX_use_certificate"); -- K_SSL_get_current_cipher = (SSL_CIPHER *(*)(SSL *)) -- d->sslLib->resolveFunction("SSL_get_current_cipher"); -- K_SSL_ctrl = (long (*)(SSL * ,int, long, char *)) -- d->sslLib->resolveFunction("SSL_ctrl"); -- K_TLSv1_client_method = (SSL_METHOD *(*)()) d->sslLib->resolveFunction("TLSv1_client_method"); -- K_SSLv23_client_method = (SSL_METHOD *(*)()) d->sslLib->resolveFunction("SSLv23_client_method"); -- K_SSL_get_peer_certificate = (X509 *(*)(SSL *)) d->sslLib->resolveFunction("SSL_get_peer_certificate"); -- K_SSL_CIPHER_get_bits = (int (*)(SSL_CIPHER *,int *)) d->sslLib->resolveFunction("SSL_CIPHER_get_bits"); -- K_SSL_CIPHER_get_version = (char * (*)(SSL_CIPHER *)) d->sslLib->resolveFunction("SSL_CIPHER_get_version"); -- K_SSL_CIPHER_get_name = (const char * (*)(SSL_CIPHER *)) d->sslLib->resolveFunction("SSL_CIPHER_get_name"); -- K_SSL_CIPHER_description = (char * (*)(SSL_CIPHER *, char *, int)) d->sslLib->resolveFunction("SSL_CIPHER_description"); -- K_SSL_CTX_use_PrivateKey = (int (*)(SSL_CTX*, EVP_PKEY*)) d->sslLib->resolveFunction("SSL_CTX_use_PrivateKey"); -- K_SSL_CTX_use_certificate = (int (*)(SSL_CTX*, X509*)) d->sslLib->resolveFunction("SSL_CTX_use_certificate"); -- K_SSL_get_error = (int (*)(SSL*, int)) d->sslLib->resolveFunction("SSL_get_error"); -- K_SSL_get_peer_cert_chain = (STACK_OF(X509)* (*)(SSL*)) d->sslLib->resolveFunction("SSL_get_peer_cert_chain"); -- K_SSL_load_client_CA_file = (STACK_OF(X509_NAME)* (*)(const char *)) d->sslLib->resolveFunction("SSL_load_client_CA_file"); -- K_SSL_peek = (int (*)(SSL*,void*,int)) d->sslLib->resolveFunction("SSL_peek"); -- K_SSL_get1_session = (SSL_SESSION* (*)(SSL*)) d->sslLib->resolveFunction("SSL_get1_session"); -- K_SSL_SESSION_free = (void (*)(SSL_SESSION*)) d->sslLib->resolveFunction("SSL_SESSION_free"); -- K_SSL_set_session = (int (*)(SSL*,SSL_SESSION*)) d->sslLib->resolveFunction("SSL_set_session"); -- K_d2i_SSL_SESSION = (SSL_SESSION* (*)(SSL_SESSION**,unsigned char**, long)) d->sslLib->resolveFunction("d2i_SSL_SESSION"); -- K_i2d_SSL_SESSION = (int (*)(SSL_SESSION*,unsigned char**)) d->sslLib->resolveFunction("i2d_SSL_SESSION"); -- K_SSL_get_ciphers = (STACK_OF(SSL_CIPHER) *(*)(const SSL*)) d->sslLib->resolveFunction("SSL_get_ciphers"); --#endif -- -- -- // Initialize the library (once only!) -- KLibrary::void_function_ptr x; -- x = d->sslLib->resolveFunction("SSL_library_init"); -- if (d->cryptoLib) { -- if (x) ((int (*)())x)(); -- x = d->cryptoLib->resolveFunction("OpenSSL_add_all_algorithms"); -- if (!x) -- x = d->cryptoLib->resolveFunction("OPENSSL_add_all_algorithms"); -- if (x) { -- ((void (*)())x)(); -- } else { -- x = d->cryptoLib->resolveFunction("OpenSSL_add_all_algorithms_conf"); -- if (!x) -- x = d->cryptoLib->resolveFunction("OPENSSL_add_all_algorithms_conf"); -- if (x) { -- ((void (*)())x)(); -- } else { -- x = d->cryptoLib->resolveFunction("OpenSSL_add_all_algorithms_noconf"); -- if (!x) -- x = d->cryptoLib->resolveFunction("OPENSSL_add_all_algorithms_noconf"); -- if (x) -- ((void (*)())x)(); -- } -- } -- x = d->cryptoLib->resolveFunction("OpenSSL_add_all_ciphers"); -- if (!x) -- x = d->cryptoLib->resolveFunction("OPENSSL_add_all_ciphers"); -- if (x) ((void (*)())x)(); -- x = d->cryptoLib->resolveFunction("OpenSSL_add_all_digests"); -- if (!x) -- x = d->cryptoLib->resolveFunction("OPENSSL_add_all_digests"); -- if (x) ((void (*)())x)(); -- } -- } -- - } - --KOpenSSLProxy::~KOpenSSLProxy() { -- if (d->sslLib) { -- d->sslLib->unload(); -- } -- if (d->cryptoLib) { -- d->cryptoLib->unload(); -- } -- -- KOpenSSLProxyPrivate::sSelf = 0; -- delete d; -+KOpenSSLProxy::~KOpenSSLProxy() -+{ -+ KOpenSSLProxyPrivate::sSelf = 0; -+ delete d; - } - -- - // FIXME: we should check "ok" and allow this to init the lib if !ok. - --KOpenSSLProxy *KOpenSSLProxy::self() { --#ifdef KSSL_HAVE_SSL -- if(!KOpenSSLProxyPrivate::sSelf) { -- KOpenSSLProxyPrivate::sSelf = new KOpenSSLProxy(); -- qAddPostRoutine(KOpenSSLProxyPrivate::cleanupKOpenSSLProxy); -- } -+KOpenSSLProxy *KOpenSSLProxy::self() -+{ -+#if KSSL_HAVE_SSL -+ if (!KOpenSSLProxyPrivate::sSelf) { -+ KOpenSSLProxyPrivate::sSelf = new KOpenSSLProxy(); -+ qAddPostRoutine(KOpenSSLProxyPrivate::cleanupKOpenSSLProxy); -+ } - #endif -- return KOpenSSLProxyPrivate::sSelf; -+ return KOpenSSLProxyPrivate::sSelf; - } - -+#if KSSL_HAVE_SSL - -- -- -- -- -- --#ifdef KSSL_HAVE_SSL -- -- -- --int KOpenSSLProxy::SSL_connect(SSL *ssl) { -- if (K_SSL_connect) return (K_SSL_connect)(ssl); -- return -1; -+int KOpenSSLProxy::SSL_connect(SSL *ssl) -+{ -+ return ::SSL_connect(ssl); - } - -- --int KOpenSSLProxy::SSL_accept(SSL *ssl) { -- if (K_SSL_accept) return (K_SSL_accept)(ssl); -- return -1; -+int KOpenSSLProxy::SSL_accept(SSL *ssl) -+{ -+ return ::SSL_accept(ssl); - } - -- --int KOpenSSLProxy::SSL_read(SSL *ssl, void *buf, int num) { -- if (K_SSL_read) return (K_SSL_read)(ssl, buf, num); -- return -1; -+int KOpenSSLProxy::SSL_read(SSL *ssl, void *buf, int num) -+{ -+ return ::SSL_read(ssl, buf, num); - } - -- --int KOpenSSLProxy::SSL_write(SSL *ssl, const void *buf, int num) { -- if (K_SSL_write) return (K_SSL_write)(ssl, buf, num); -- return -1; -+int KOpenSSLProxy::SSL_write(SSL *ssl, const void *buf, int num) -+{ -+ return ::SSL_write(ssl, buf, num); - } - -- --SSL *KOpenSSLProxy::SSL_new(SSL_CTX *ctx) { -- if (K_SSL_new) return (K_SSL_new)(ctx); -- return 0L; -+SSL *KOpenSSLProxy::SSL_new(SSL_CTX *ctx) -+{ -+ return ::SSL_new(ctx); - } - -- --void KOpenSSLProxy::SSL_free(SSL *ssl) { -- if (K_SSL_free) (K_SSL_free)(ssl); -+void KOpenSSLProxy::SSL_free(SSL *ssl) -+{ -+ return ::SSL_free(ssl); - } - -- --int KOpenSSLProxy::SSL_shutdown(SSL *ssl) { -- if (K_SSL_shutdown) return (K_SSL_shutdown)(ssl); -- return -1; -+int KOpenSSLProxy::SSL_shutdown(SSL *ssl) -+{ -+ return ::SSL_shutdown(ssl); - } - -- --SSL_CTX *KOpenSSLProxy::SSL_CTX_new(SSL_METHOD *method) { -- if (K_SSL_CTX_new) return (K_SSL_CTX_new)(method); -- return 0L; -+SSL_CTX *KOpenSSLProxy::SSL_CTX_new(const SSL_METHOD *method) -+{ -+ return ::SSL_CTX_new(method); - } - -- --void KOpenSSLProxy::SSL_CTX_free(SSL_CTX *ctx) { -- if (K_SSL_CTX_free) (K_SSL_CTX_free)(ctx); -+void KOpenSSLProxy::SSL_CTX_free(SSL_CTX *ctx) -+{ -+ return ::SSL_CTX_free(ctx); - } - -- --int KOpenSSLProxy::SSL_set_fd(SSL *ssl, int fd) { -- if (K_SSL_set_fd) return (K_SSL_set_fd)(ssl, fd); -- return -1; -+int KOpenSSLProxy::SSL_set_fd(SSL *ssl, int fd) -+{ -+ return ::SSL_set_fd(ssl, fd); - } - -- --int KOpenSSLProxy::SSL_pending(SSL *ssl) { -- if (K_SSL_pending) return (K_SSL_pending)(ssl); -- return -1; -+int KOpenSSLProxy::SSL_pending(SSL *ssl) -+{ -+ return ::SSL_pending(ssl); - } - -- --int KOpenSSLProxy::SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str) { -- if (K_SSL_CTX_set_cipher_list) return (K_SSL_CTX_set_cipher_list)(ctx, str); -- return -1; -+int KOpenSSLProxy::SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str) -+{ -+ return ::SSL_CTX_set_cipher_list(ctx, str); - } - -- - void KOpenSSLProxy::SSL_CTX_set_verify(SSL_CTX *ctx, int mode, -- int (*verify_callback)(int, X509_STORE_CTX *)) { -- if (K_SSL_CTX_set_verify) (K_SSL_CTX_set_verify)(ctx, mode, verify_callback); --} -- -- --int KOpenSSLProxy::SSL_use_certificate(SSL *ssl, X509 *x) { -- if (K_SSL_use_certificate) return (K_SSL_use_certificate)(ssl, x); -- return -1; -+ int (*verify_callback)(int, X509_STORE_CTX *)) -+{ -+ ::SSL_CTX_set_verify(ctx, mode, verify_callback); - } - -- --SSL_CIPHER *KOpenSSLProxy::SSL_get_current_cipher(SSL *ssl) { -- if (K_SSL_get_current_cipher) return (K_SSL_get_current_cipher)(ssl); -- return 0L; -+int KOpenSSLProxy::SSL_use_certificate(SSL *ssl, X509 *x) -+{ -+ return ::SSL_use_certificate(ssl, x); - } - -- --long KOpenSSLProxy::SSL_ctrl(SSL *ssl,int cmd, long larg, char *parg) { -- if (K_SSL_ctrl) return (K_SSL_ctrl)(ssl, cmd, larg, parg); -- return -1; -+const SSL_CIPHER *KOpenSSLProxy::SSL_get_current_cipher(SSL *ssl) -+{ -+ return ::SSL_get_current_cipher(ssl); - } - -- --int KOpenSSLProxy::RAND_egd(const char *path) { -- if (K_RAND_egd) return (K_RAND_egd)(path); -- return -1; -+long KOpenSSLProxy::SSL_ctrl(SSL *ssl, int cmd, long larg, char *parg) -+{ -+ return ::SSL_ctrl(ssl, cmd, larg, parg); - } - -- --SSL_METHOD *KOpenSSLProxy::TLSv1_client_method() { -- if (K_TLSv1_client_method) return (K_TLSv1_client_method)(); -- return 0L; -+int KOpenSSLProxy::RAND_egd(const char *path) -+{ -+#ifndef OPENSSL_NO_EGD -+ return ::RAND_egd(path); -+#endif -+ return 0; - } - -- --SSL_METHOD *KOpenSSLProxy::SSLv23_client_method() { -- if (K_SSLv23_client_method) return (K_SSLv23_client_method)(); -- return 0L; -+const SSL_METHOD *KOpenSSLProxy::TLSv1_client_method() -+{ -+ return ::TLSv1_client_method(); - } - -- --X509 *KOpenSSLProxy::SSL_get_peer_certificate(SSL *s) { -- if (K_SSL_get_peer_certificate) return (K_SSL_get_peer_certificate)(s); -- return 0L; -+const SSL_METHOD *KOpenSSLProxy::SSLv23_client_method() -+{ -+ return ::SSLv23_client_method(); - } - -- --int KOpenSSLProxy::SSL_CIPHER_get_bits(SSL_CIPHER *c,int *alg_bits) { -- if (K_SSL_CIPHER_get_bits) return (K_SSL_CIPHER_get_bits)(c, alg_bits); -- return -1; -+X509 *KOpenSSLProxy::SSL_get_peer_certificate(SSL *s) -+{ -+ return ::SSL_get_peer_certificate(s); - } - -- --char * KOpenSSLProxy::SSL_CIPHER_get_version(SSL_CIPHER *c) { -- if (K_SSL_CIPHER_get_version) return (K_SSL_CIPHER_get_version)(c); -- return 0L; -+int KOpenSSLProxy::SSL_CIPHER_get_bits(SSL_CIPHER *c, int *alg_bits) -+{ -+ return ::SSL_CIPHER_get_bits(c, alg_bits); - } - -- --const char * KOpenSSLProxy::SSL_CIPHER_get_name(SSL_CIPHER *c) { -- if (K_SSL_CIPHER_get_name) return (K_SSL_CIPHER_get_name)(c); -- return 0L; -+const char *KOpenSSLProxy::SSL_CIPHER_get_version(SSL_CIPHER *c) -+{ -+ return ::SSL_CIPHER_get_version(c); - } - -- --char * KOpenSSLProxy::SSL_CIPHER_description(SSL_CIPHER *c,char *buf,int size) { -- if (K_SSL_CIPHER_description) return (K_SSL_CIPHER_description)(c,buf,size); -- return 0L; -+const char *KOpenSSLProxy::SSL_CIPHER_get_name(SSL_CIPHER *c) -+{ -+ return ::SSL_CIPHER_get_name(c); - } - -- --X509 * KOpenSSLProxy::d2i_X509(X509 **a,unsigned char **pp,long length) { -- if (K_d2i_X509) return (K_d2i_X509)(a,pp,length); -- return 0L; -+char *KOpenSSLProxy::SSL_CIPHER_description(SSL_CIPHER *c, char *buf, int size) -+{ -+ return ::SSL_CIPHER_description(c, buf, size); - } - -- --int KOpenSSLProxy::i2d_X509(X509 *a,unsigned char **pp) { -- if (K_i2d_X509) return (K_i2d_X509)(a,pp); -- return -1; -+X509 *KOpenSSLProxy::d2i_X509(X509 **a, const unsigned char **pp, long length) -+{ -+ return ::d2i_X509(a, pp, length); - } - -- --int KOpenSSLProxy::X509_cmp(X509 *a, X509 *b) { -- if (K_X509_cmp) return (K_X509_cmp)(a,b); -- return 0; -+int KOpenSSLProxy::i2d_X509(X509 *a, unsigned char **pp) -+{ -+ return ::i2d_X509(a, pp); - } - -- --X509_STORE *KOpenSSLProxy::X509_STORE_new(void) { -- if (K_X509_STORE_new) return (K_X509_STORE_new)(); -- return 0L; -+int KOpenSSLProxy::X509_cmp(X509 *a, X509 *b) -+{ -+ return ::X509_cmp(a, b); - } - -- --void KOpenSSLProxy::X509_STORE_free(X509_STORE *v) { -- if (K_X509_STORE_free) (K_X509_STORE_free)(v); -+X509_STORE *KOpenSSLProxy::X509_STORE_new(void) -+{ -+ return ::X509_STORE_new(); - } - -- --X509_STORE_CTX *KOpenSSLProxy::X509_STORE_CTX_new(void) { -- if (K_X509_STORE_CTX_new) return (K_X509_STORE_CTX_new)(); -- return 0L; -+void KOpenSSLProxy::X509_STORE_free(X509_STORE *v) -+{ -+ ::X509_STORE_free(v); - } - -- --void KOpenSSLProxy::X509_STORE_CTX_free(X509_STORE_CTX *ctx) { -- if (K_X509_STORE_CTX_free) (K_X509_STORE_CTX_free)(ctx); -+X509_STORE_CTX *KOpenSSLProxy::X509_STORE_CTX_new(void) -+{ -+ return ::X509_STORE_CTX_new(); - } - -- --int KOpenSSLProxy::X509_verify_cert(X509_STORE_CTX *ctx) { -- if (K_X509_verify_cert) return (K_X509_verify_cert)(ctx); -- return -1; -+void KOpenSSLProxy::X509_STORE_CTX_free(X509_STORE_CTX *ctx) -+{ -+ ::X509_STORE_CTX_free(ctx); - } - -- --void KOpenSSLProxy::X509_free(X509 *a) { -- if (K_X509_free) (K_X509_free)(a); -+int KOpenSSLProxy::X509_verify_cert(X509_STORE_CTX *ctx) -+{ -+ return ::X509_verify_cert(ctx); - } - -- --char *KOpenSSLProxy::X509_NAME_oneline(X509_NAME *a,char *buf,int size) { -- if (K_X509_NAME_oneline) return (K_X509_NAME_oneline)(a,buf,size); -- return 0L; -+void KOpenSSLProxy::X509_free(X509 *a) -+{ -+ ::X509_free(a); - } - -- --X509_NAME *KOpenSSLProxy::X509_get_subject_name(X509 *a) { -- if (K_X509_get_subject_name) return (K_X509_get_subject_name)(a); -- return 0L; -+char *KOpenSSLProxy::X509_NAME_oneline(X509_NAME *a, char *buf, int size) -+{ -+ return ::X509_NAME_oneline(a, buf, size); - } - -- --X509_NAME *KOpenSSLProxy::X509_get_issuer_name(X509 *a) { -- if (K_X509_get_issuer_name) return (K_X509_get_issuer_name)(a); -- return 0L; -+X509_NAME *KOpenSSLProxy::X509_get_subject_name(X509 *a) -+{ -+ return ::X509_get_subject_name(a); - } - -- --X509_LOOKUP *KOpenSSLProxy::X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m) { -- if (K_X509_STORE_add_lookup) return (K_X509_STORE_add_lookup)(v,m); -- return 0L; -+X509_NAME *KOpenSSLProxy::X509_get_issuer_name(X509 *a) -+{ -+ return ::X509_get_issuer_name(a); - } - -- --X509_LOOKUP_METHOD *KOpenSSLProxy::X509_LOOKUP_file(void) { -- if (K_X509_LOOKUP_file) return (K_X509_LOOKUP_file)(); -- return 0L; -+X509_LOOKUP *KOpenSSLProxy::X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m) -+{ -+ return ::X509_STORE_add_lookup(v, m); - } - -- --void KOpenSSLProxy::X509_LOOKUP_free(X509_LOOKUP *x) { -- if (K_X509_LOOKUP_free) (K_X509_LOOKUP_free)(x); -+X509_LOOKUP_METHOD *KOpenSSLProxy::X509_LOOKUP_file(void) -+{ -+ return ::X509_LOOKUP_file(); - } - -- --int KOpenSSLProxy::X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret) { -- if (K_X509_LOOKUP_ctrl) return (K_X509_LOOKUP_ctrl)(ctx,cmd,argc,argl,ret); -- return -1; -+void KOpenSSLProxy::X509_LOOKUP_free(X509_LOOKUP *x) -+{ -+ ::X509_LOOKUP_free(x); - } - -- --void KOpenSSLProxy::X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, STACK_OF(X509) *chain) { -- if (K_X509_STORE_CTX_init) (K_X509_STORE_CTX_init)(ctx,store,x509,chain); -+int KOpenSSLProxy::X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret) -+{ -+ return ::X509_LOOKUP_ctrl(ctx, cmd, argc, argl, ret); - } - -- --void KOpenSSLProxy::CRYPTO_free(void *x) { -- if (K_CRYPTO_free) (K_CRYPTO_free)(x); -+void KOpenSSLProxy::X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, STACK_OF(X509) *chain) -+{ -+ ::X509_STORE_CTX_init(ctx, store, x509, chain); - } - -- --X509 *KOpenSSLProxy::X509_dup(X509 *x509) { -- if (K_X509_dup) return (K_X509_dup)(x509); -- return 0L; -+void KOpenSSLProxy::CRYPTO_free(void *x) -+{ -+ ::CRYPTO_free(x, OPENSSL_FILE, OPENSSL_LINE); - } - -- --BIO *KOpenSSLProxy::BIO_new(BIO_METHOD *type) { -- if (K_BIO_new) return (K_BIO_new)(type); -- else return 0L; -+X509 *KOpenSSLProxy::X509_dup(X509 *x509) -+{ -+ return ::X509_dup(x509); - } - -- --BIO_METHOD *KOpenSSLProxy::BIO_s_mem(void) { -- if (K_BIO_s_mem) return (K_BIO_s_mem)(); -- else return 0L; -+BIO *KOpenSSLProxy::BIO_new(BIO_METHOD *type) -+{ -+ return ::BIO_new(type); - } - -- --BIO *KOpenSSLProxy::BIO_new_fp(FILE *stream, int close_flag) { -- if (K_BIO_new_fp) return (K_BIO_new_fp)(stream, close_flag); -- return 0L; -+const BIO_METHOD *KOpenSSLProxy::BIO_s_mem(void) -+{ -+ return ::BIO_s_mem(); - } - -- --BIO *KOpenSSLProxy::BIO_new_mem_buf(void *buf, int len) { -- if (K_BIO_new_mem_buf) return (K_BIO_new_mem_buf)(buf,len); -- else return 0L; -+BIO *KOpenSSLProxy::BIO_new_fp(FILE *stream, int close_flag) -+{ -+ return ::BIO_new_fp(stream, close_flag); - } - -- --int KOpenSSLProxy::BIO_free(BIO *a) { -- if (K_BIO_free) return (K_BIO_free)(a); -- return -1; -+BIO *KOpenSSLProxy::BIO_new_mem_buf(void *buf, int len) -+{ -+ return ::BIO_new_mem_buf(buf, len); - } - -- --long KOpenSSLProxy::BIO_ctrl(BIO *bp,int cmd,long larg,void *parg) { -- if (K_BIO_ctrl) return (K_BIO_ctrl)(bp,cmd,larg,parg); -- else return 0; // failure return for BIO_ctrl is quite individual, maybe we should abort() instead -+int KOpenSSLProxy::BIO_free(BIO *a) -+{ -+ return ::BIO_free(a); - } - -- --int KOpenSSLProxy::BIO_write(BIO *b, const void *data, int len) { -- if (K_BIO_write) return (K_BIO_write)(b, data, len); -- else return -1; -+long KOpenSSLProxy::BIO_ctrl(BIO *bp, int cmd, long larg, void *parg) -+{ -+ return ::BIO_ctrl(bp, cmd, larg, parg); - } - -- --int KOpenSSLProxy::PEM_write_bio_X509(BIO *bp, X509 *x) { -- if (K_PEM_ASN1_write_bio) return (K_PEM_ASN1_write_bio) ((int (*)())K_i2d_X509, PEM_STRING_X509, bp, (char *)x, 0L, 0L, 0, 0L, 0L); -- else return -1; -+int KOpenSSLProxy::BIO_write(BIO *b, const void *data, int len) -+{ -+ return ::BIO_write(b, data, len); - } - --int KOpenSSLProxy::ASN1_item_i2d_fp(FILE *out,unsigned char *x) { -- if (K_ASN1_item_i2d_fp && K_NETSCAPE_X509_it) -- return (K_ASN1_item_i2d_fp)(K_NETSCAPE_X509_it, out, x); -- else return -1; -+int KOpenSSLProxy::PEM_write_bio_X509(BIO *bp, X509 *x) -+{ -+ return ::PEM_ASN1_write_bio(reinterpret_cast<i2d_of_void*>(::i2d_X509), PEM_STRING_X509, bp, (char *)x, 0L, 0L, 0, 0L, 0L); - } - -- --int KOpenSSLProxy::X509_print(FILE *fp, X509 *x) { -- if (K_X509_print_fp) return (K_X509_print_fp)(fp, x); -- return -1; -+int KOpenSSLProxy::X509_print(FILE *fp, X509 *x) -+{ -+ return ::X509_print_fp(fp, x); - } - -- --PKCS12 *KOpenSSLProxy::d2i_PKCS12_fp(FILE *fp, PKCS12 **p12) { -- if (K_d2i_PKCS12_fp) return (K_d2i_PKCS12_fp)(fp, p12); -- else return 0L; -+PKCS12 *KOpenSSLProxy::d2i_PKCS12_fp(FILE *fp, PKCS12 **p12) -+{ -+ return ::d2i_PKCS12_fp(fp, p12); - } - -- --int KOpenSSLProxy::PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass) { -- if (K_PKCS12_newpass) return (K_PKCS12_newpass)(p12, oldpass, newpass); -- else return -1; -+int KOpenSSLProxy::PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass) -+{ -+ return ::PKCS12_newpass(p12, oldpass, newpass); - } - -- --int KOpenSSLProxy::i2d_PKCS12(PKCS12 *p12, unsigned char **p) { -- if (K_i2d_PKCS12) return (K_i2d_PKCS12)(p12, p); -- else return -1; -+int KOpenSSLProxy::i2d_PKCS12(PKCS12 *p12, unsigned char **p) -+{ -+ return ::i2d_PKCS12(p12, p); - } - -- --int KOpenSSLProxy::i2d_PKCS12_fp(FILE *fp, PKCS12 *p12) { -- if (K_i2d_PKCS12_fp) return (K_i2d_PKCS12_fp)(fp, p12); -- else return -1; -+int KOpenSSLProxy::i2d_PKCS12_fp(FILE *fp, PKCS12 *p12) -+{ -+ return ::i2d_PKCS12_fp(fp, p12); - } - -- --PKCS12 *KOpenSSLProxy::PKCS12_new(void) { -- if (K_PKCS12_new) return (K_PKCS12_new)(); -- else return 0L; -+PKCS12 *KOpenSSLProxy::PKCS12_new(void) -+{ -+ return ::PKCS12_new(); - } - -- --void KOpenSSLProxy::PKCS12_free(PKCS12 *a) { -- if (K_PKCS12_free) (K_PKCS12_free)(a); -+void KOpenSSLProxy::PKCS12_free(PKCS12 *a) -+{ -+ ::PKCS12_free(a); - } - -- - int KOpenSSLProxy::PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, -- X509 **cert, STACK_OF(X509) **ca) { -- if (K_PKCS12_parse) return (K_PKCS12_parse) (p12, pass, pkey, cert, ca); -- else return -1; -+ X509 **cert, STACK_OF(X509) **ca) -+{ -+ return ::PKCS12_parse(p12, pass, pkey, cert, ca); - } - -- --void KOpenSSLProxy::EVP_PKEY_free(EVP_PKEY *x) { -- if (K_EVP_PKEY_free) (K_EVP_PKEY_free)(x); -+void KOpenSSLProxy::EVP_PKEY_free(EVP_PKEY *x) -+{ -+ ::EVP_PKEY_free(x); - } - -- --EVP_PKEY* KOpenSSLProxy::EVP_PKEY_new() { -- if (K_EVP_PKEY_new) return (K_EVP_PKEY_new)(); -- else return 0L; -+EVP_PKEY *KOpenSSLProxy::EVP_PKEY_new() -+{ -+ return ::EVP_PKEY_new(); - } - -- --void KOpenSSLProxy::X509_REQ_free(X509_REQ *x) { -- if (K_X509_REQ_free) (K_X509_REQ_free)(x); -+void KOpenSSLProxy::X509_REQ_free(X509_REQ *x) -+{ -+ ::X509_REQ_free(x); - } - -- --X509_REQ* KOpenSSLProxy::X509_REQ_new() { -- if (K_X509_REQ_new) return (K_X509_REQ_new)(); -- else return 0L; -+X509_REQ *KOpenSSLProxy::X509_REQ_new() -+{ -+ return ::X509_REQ_new(); - } - -- --int KOpenSSLProxy::SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey) { -- if (K_SSL_CTX_use_PrivateKey) return (K_SSL_CTX_use_PrivateKey)(ctx,pkey); -- else return -1; -+int KOpenSSLProxy::SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey) -+{ -+ return ::SSL_CTX_use_PrivateKey(ctx, pkey); - } - -- --int KOpenSSLProxy::SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x) { -- if (K_SSL_CTX_use_certificate) return (K_SSL_CTX_use_certificate)(ctx,x); -- else return -1; -+int KOpenSSLProxy::SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x) -+{ -+ return ::SSL_CTX_use_certificate(ctx, x); - } - -- --int KOpenSSLProxy::SSL_get_error(SSL *ssl, int rc) { -- if (K_SSL_get_error) return (K_SSL_get_error)(ssl,rc); -- else return -1; -+int KOpenSSLProxy::SSL_get_error(SSL *ssl, int rc) -+{ -+ return ::SSL_get_error(ssl, rc); - } - -- --STACK_OF(X509) *KOpenSSLProxy::SSL_get_peer_cert_chain(SSL *s) { -- if (K_SSL_get_peer_cert_chain) return (K_SSL_get_peer_cert_chain)(s); -- else return 0L; -+STACK_OF(X509) *KOpenSSLProxy::SSL_get_peer_cert_chain(SSL *s) -+{ -+ return ::SSL_get_peer_cert_chain(s); - } - -- --void KOpenSSLProxy::sk_free(STACK *s) { -- if (K_sk_free) (K_sk_free)(s); -+void KOpenSSLProxy::sk_free(STACK *s) -+{ -+ ::OPENSSL_sk_free(s); - } - -- --int KOpenSSLProxy::sk_num(STACK *s) { -- if (K_sk_num) return (K_sk_num)(s); -- else return -1; -+int KOpenSSLProxy::sk_num(STACK *s) -+{ -+ return ::OPENSSL_sk_num(s); - } - -- --char *KOpenSSLProxy::sk_pop(STACK *s) { -- if (K_sk_pop) return (K_sk_pop)(s); -- else return 0L; -+char *KOpenSSLProxy::sk_pop(STACK *s) -+{ -+ return static_cast<char*>(::OPENSSL_sk_pop(s)); - } - -- --char *KOpenSSLProxy::sk_value(STACK *s, int n) { -- if (K_sk_value) return (K_sk_value)(s, n); -- else return 0L; -+char *KOpenSSLProxy::sk_value(STACK *s, int n) -+{ -+ return static_cast<char*>(::sk_value(s, n)); - } - -- --void KOpenSSLProxy::X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x) { -- if (K_X509_STORE_CTX_set_chain) (K_X509_STORE_CTX_set_chain)(v,x); -+void KOpenSSLProxy::X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x) -+{ -+ ::X509_STORE_CTX_set_chain(v, x); - } - --void KOpenSSLProxy::X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose) { -- if (K_X509_STORE_CTX_set_purpose) (K_X509_STORE_CTX_set_purpose)(v,purpose); -+void KOpenSSLProxy::X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose) -+{ -+ ::X509_STORE_CTX_set_purpose(v, purpose); - } - -- --STACK* KOpenSSLProxy::sk_dup(STACK *s) { -- if (K_sk_dup) return (K_sk_dup)(s); -- else return 0L; -+STACK *KOpenSSLProxy::sk_dup(STACK *s) -+{ -+ return ::sk_dup(s); - } - -- --STACK* KOpenSSLProxy::sk_new(int (*cmp)()) { -- if (K_sk_new) return (K_sk_new)(cmp); -- else return 0L; -+STACK *KOpenSSLProxy::sk_new(OPENSSL_sk_compfunc cmp) -+{ -+ return ::sk_new(cmp); - } - -- --int KOpenSSLProxy::sk_push(STACK* s, char* d) { -- if (K_sk_push) return (K_sk_push)(s,d); -- else return -1; -+int KOpenSSLProxy::sk_push(STACK *s, char *d) -+{ -+ return ::sk_push(s, d); - } - -- --char *KOpenSSLProxy::i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint) { -- if (K_i2s_ASN1_INTEGER) return (K_i2s_ASN1_INTEGER)(meth, aint); -- else return 0L; -+char *KOpenSSLProxy::i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint) -+{ -+ return ::i2s_ASN1_INTEGER(meth, aint); - } - -- --ASN1_INTEGER *KOpenSSLProxy::X509_get_serialNumber(X509 *x) { -- if (K_X509_get_serialNumber) return (K_X509_get_serialNumber)(x); -- else return 0L; -+ASN1_INTEGER *KOpenSSLProxy::X509_get_serialNumber(X509 *x) -+{ -+ return ::X509_get_serialNumber(x); - } - -- --EVP_PKEY *KOpenSSLProxy::X509_get_pubkey(X509 *x) { -- if (K_X509_get_pubkey) return (K_X509_get_pubkey)(x); -- else return 0L; -+EVP_PKEY *KOpenSSLProxy::X509_get_pubkey(X509 *x) -+{ -+ return ::X509_get_pubkey(x); - } - -- --int KOpenSSLProxy::i2d_PublicKey(EVP_PKEY *a, unsigned char **pp) { -- if (K_i2d_PublicKey) return (K_i2d_PublicKey)(a,pp); -- else return 0; -+int KOpenSSLProxy::i2d_PublicKey(EVP_PKEY *a, unsigned char **pp) -+{ -+ return ::i2d_PublicKey(a, pp); - } - -- --int KOpenSSLProxy::X509_check_private_key(X509 *x, EVP_PKEY *p) { -- if (K_X509_check_private_key) return (K_X509_check_private_key)(x,p); -- return -1; -+int KOpenSSLProxy::X509_check_private_key(X509 *x, EVP_PKEY *p) -+{ -+ return ::X509_check_private_key(x, p); - } - -- --char *KOpenSSLProxy::BN_bn2hex(const BIGNUM *a) { -- if (K_BN_bn2hex) return (K_BN_bn2hex)(a); -- else return 0L; -+char *KOpenSSLProxy::BN_bn2hex(const BIGNUM *a) -+{ -+ return ::BN_bn2hex(a); - } - -- --int KOpenSSLProxy::X509_digest(const X509 *x,const EVP_MD *t, unsigned char *md, unsigned int *len) { -- if (K_X509_digest) return (K_X509_digest)(x, t, md, len); -- else return -1; -+int KOpenSSLProxy::X509_digest(const X509 *x, const EVP_MD *t, unsigned char *md, unsigned int *len) -+{ -+ return ::X509_digest(x, t, md, len); - } - -- --EVP_MD *KOpenSSLProxy::EVP_md5() { -- if (K_EVP_md5) return (K_EVP_md5)(); -- return 0L; -+const EVP_MD *KOpenSSLProxy::EVP_md5() -+{ -+ return ::EVP_md5(); - } - -- --void KOpenSSLProxy::ASN1_INTEGER_free(ASN1_INTEGER *a) { -- if (K_ASN1_INTEGER_free) (K_ASN1_INTEGER_free)(a); -+void KOpenSSLProxy::ASN1_INTEGER_free(ASN1_INTEGER *a) -+{ -+ ::ASN1_INTEGER_free(a); - } - -- --int KOpenSSLProxy::OBJ_obj2nid(ASN1_OBJECT *o) { -- if (K_OBJ_obj2nid) return (K_OBJ_obj2nid)(o); -- else return -1; -+int KOpenSSLProxy::OBJ_obj2nid(ASN1_OBJECT *o) -+{ -+ return ::OBJ_obj2nid(o); - } - -- --const char * KOpenSSLProxy::OBJ_nid2ln(int n) { -- if (K_OBJ_nid2ln) return (K_OBJ_nid2ln)(n); -- else return 0L; -+const char *KOpenSSLProxy::OBJ_nid2ln(int n) -+{ -+ return ::OBJ_nid2ln(n); - } - -- --int KOpenSSLProxy::X509_get_ext_count(X509 *x) { -- if (K_X509_get_ext_count) return (K_X509_get_ext_count)(x); -- else return -1; -+int KOpenSSLProxy::X509_get_ext_count(X509 *x) -+{ -+ return ::X509_get_ext_count(x); - } - -- --int KOpenSSLProxy::X509_get_ext_by_NID(X509 *x, int nid, int lastpos) { -- if (K_X509_get_ext_by_NID) return (K_X509_get_ext_by_NID)(x,nid,lastpos); -- else return -1; -+int KOpenSSLProxy::X509_get_ext_by_NID(X509 *x, int nid, int lastpos) -+{ -+ return ::X509_get_ext_by_NID(x, nid, lastpos); - } - -- --int KOpenSSLProxy::X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int lastpos) { -- if (K_X509_get_ext_by_OBJ) return (K_X509_get_ext_by_OBJ)(x,obj,lastpos); -- else return -1; -+int KOpenSSLProxy::X509_get_ext_by_OBJ(X509 *x, ASN1_OBJECT *obj, int lastpos) -+{ -+ return ::X509_get_ext_by_OBJ(x, obj, lastpos); - } - -- --X509_EXTENSION *KOpenSSLProxy::X509_get_ext(X509 *x, int loc) { -- if (K_X509_get_ext) return (K_X509_get_ext)(x,loc); -- else return 0L; -+X509_EXTENSION *KOpenSSLProxy::X509_get_ext(X509 *x, int loc) -+{ -+ return ::X509_get_ext(x, loc); - } - -- --X509_EXTENSION *KOpenSSLProxy::X509_delete_ext(X509 *x, int loc) { -- if (K_X509_delete_ext) return (K_X509_delete_ext)(x,loc); -- else return 0L; -+X509_EXTENSION *KOpenSSLProxy::X509_delete_ext(X509 *x, int loc) -+{ -+ return ::X509_delete_ext(x, loc); - } - -- --int KOpenSSLProxy::X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc) { -- if (K_X509_add_ext) return (K_X509_add_ext)(x,ex,loc); -- else return -1; -+int KOpenSSLProxy::X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc) -+{ -+ return ::X509_add_ext(x, ex, loc); - } - -- --void *KOpenSSLProxy::X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx) { -- if (K_X509_get_ext_d2i) return (K_X509_get_ext_d2i)(x,nid,crit,idx); -- else return 0L; -+void *KOpenSSLProxy::X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx) -+{ -+ return ::X509_get_ext_d2i(x, nid, crit, idx); - } - -- --char *KOpenSSLProxy::i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5) { -- if (K_i2s_ASN1_OCTET_STRING) return (K_i2s_ASN1_OCTET_STRING)(method,ia5); -- else return 0L; -+char *KOpenSSLProxy::i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5) -+{ -+ return ::i2s_ASN1_OCTET_STRING(method, ia5); - } - -- --int KOpenSSLProxy::ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n) { -- if (K_ASN1_BIT_STRING_get_bit) return (K_ASN1_BIT_STRING_get_bit)(a,n); -- else return -1; -+int KOpenSSLProxy::ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n) -+{ -+ return ::ASN1_BIT_STRING_get_bit(a, n); - } - -- --PKCS7 *KOpenSSLProxy::PKCS7_new(void) { -- if (K_PKCS7_new) return (K_PKCS7_new)(); -- else return 0L; -+PKCS7 *KOpenSSLProxy::PKCS7_new(void) -+{ -+ return ::PKCS7_new(); - } - -- --void KOpenSSLProxy::PKCS7_free(PKCS7 *a) { -- if (K_PKCS7_free) (K_PKCS7_free)(a); -+void KOpenSSLProxy::PKCS7_free(PKCS7 *a) -+{ -+ ::PKCS7_free(a); - } - -- --void KOpenSSLProxy::PKCS7_content_free(PKCS7 *a) { -- if (K_PKCS7_content_free) (K_PKCS7_content_free)(a); -+void KOpenSSLProxy::PKCS7_content_free(PKCS7 *a) -+{ -+ CRYPTO_free(a); - } - -- --int KOpenSSLProxy::i2d_PKCS7(PKCS7 *a, unsigned char **pp) { -- if (K_i2d_PKCS7) return (K_i2d_PKCS7)(a,pp); -- else return -1; -+int KOpenSSLProxy::i2d_PKCS7(PKCS7 *a, unsigned char **pp) -+{ -+ return ::i2d_PKCS7(a, pp); - } - -- --PKCS7 *KOpenSSLProxy::d2i_PKCS7(PKCS7 **a, unsigned char **pp,long length) { -- if (K_d2i_PKCS7) return (K_d2i_PKCS7)(a,pp,length); -- else return 0L; -+PKCS7 *KOpenSSLProxy::d2i_PKCS7(PKCS7 **a, const unsigned char **pp, long length) -+{ -+ return ::d2i_PKCS7(a, pp, length); - } - -- --int KOpenSSLProxy::i2d_PKCS7_fp(FILE *fp,PKCS7 *p7) { -- if (K_i2d_PKCS7_fp) return (K_i2d_PKCS7_fp)(fp,p7); -- else return -1; -+int KOpenSSLProxy::i2d_PKCS7_fp(FILE *fp, PKCS7 *p7) -+{ -+ return ::i2d_PKCS7_fp(fp, p7); - } - -- --PKCS7 *KOpenSSLProxy::d2i_PKCS7_fp(FILE *fp,PKCS7 **p7) { -- if (K_d2i_PKCS7_fp) return (K_d2i_PKCS7_fp)(fp,p7); -- else return 0L; -+PKCS7 *KOpenSSLProxy::d2i_PKCS7_fp(FILE *fp, PKCS7 **p7) -+{ -+ return ::d2i_PKCS7_fp(fp, p7); - } - -- --int KOpenSSLProxy::i2d_PKCS7_bio(BIO *bp,PKCS7 *p7) { -- if (K_i2d_PKCS7_bio) return (K_i2d_PKCS7_bio)(bp, p7); -- else return -1; -+int KOpenSSLProxy::i2d_PKCS7_bio(BIO *bp, PKCS7 *p7) -+{ -+ return ::i2d_PKCS7_bio(bp, p7); - } - -- --PKCS7 *KOpenSSLProxy::d2i_PKCS7_bio(BIO *bp,PKCS7 **p7) { -- if (K_d2i_PKCS7_bio) return (K_d2i_PKCS7_bio)(bp, p7); -- else return 0L; -+PKCS7 *KOpenSSLProxy::d2i_PKCS7_bio(BIO *bp, PKCS7 **p7) -+{ -+ return ::d2i_PKCS7_bio(bp, p7); - } - -- --PKCS7 *KOpenSSLProxy::PKCS7_dup(PKCS7 *p7) { -- if (K_PKCS7_dup) return (K_PKCS7_dup)(p7); -- else return 0L; -+PKCS7 *KOpenSSLProxy::PKCS7_dup(PKCS7 *p7) -+{ -+ return ::PKCS7_dup(p7); - } - -- - PKCS7 *KOpenSSLProxy::PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, -- BIO *data, int flags) { -- if (K_PKCS7_sign) return (K_PKCS7_sign)(signcert,pkey,certs,data,flags); -- else return 0L; -+ BIO *data, int flags) -+{ -+ return ::PKCS7_sign(signcert, pkey, certs, data, flags); - } - -- --int KOpenSSLProxy::PKCS7_verify(PKCS7* p, STACK_OF(X509)* st, X509_STORE* s, BIO* in, BIO *out, int flags) { -- if (K_PKCS7_verify) return (K_PKCS7_verify)(p,st,s,in,out,flags); -- else return 0; -+int KOpenSSLProxy::PKCS7_verify(PKCS7 *p, STACK_OF(X509)* st, X509_STORE *s, BIO *in, BIO *out, int flags) -+{ -+ return ::PKCS7_verify(p, st, s, in, out, flags); - } - -- --STACK_OF(X509) *KOpenSSLProxy::PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags) { -- if (K_PKCS7_get0_signers) return (K_PKCS7_get0_signers)(p7,certs,flags); -- else return 0L; -+STACK_OF(X509) *KOpenSSLProxy::PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags) -+{ -+ return ::PKCS7_get0_signers(p7, certs, flags); - } - -- - PKCS7 *KOpenSSLProxy::PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, EVP_CIPHER *cipher, -- int flags) { -- if (K_PKCS7_encrypt) return (K_PKCS7_encrypt)(certs,in,cipher,flags); -- else return 0L; -+ int flags) -+{ -+ return ::PKCS7_encrypt(certs, in, cipher, flags); - } - -- --int KOpenSSLProxy::PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags) { -- if (K_PKCS7_decrypt) return (K_PKCS7_decrypt)(p7,pkey,cert,data,flags); -- else return 0; -+int KOpenSSLProxy::PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags) -+{ -+ return ::PKCS7_decrypt(p7, pkey, cert, data, flags); - } - -- --STACK_OF(X509_NAME) *KOpenSSLProxy::SSL_load_client_CA_file(const char *file) { -- if (K_SSL_load_client_CA_file) return (K_SSL_load_client_CA_file)(file); -- else return 0L; -+STACK_OF(X509_NAME) *KOpenSSLProxy::SSL_load_client_CA_file(const char *file) -+{ -+ return ::SSL_load_client_CA_file(file); - } - -- --STACK_OF(X509_INFO) *KOpenSSLProxy::PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u) { -- if (K_PEM_X509_INFO_read) return (K_PEM_X509_INFO_read)(fp,sk,cb,u); -- else return 0L; -+STACK_OF(X509_INFO) *KOpenSSLProxy::PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u) -+{ -+ return ::PEM_X509_INFO_read(fp, sk, cb, u); - } - -- --X509 *KOpenSSLProxy::X509_d2i_fp(FILE *out, X509** buf) { -- if (K_ASN1_d2i_fp) return reinterpret_cast<X509 *>((K_ASN1_d2i_fp)(reinterpret_cast<char *(*)()>(K_X509_new), reinterpret_cast<char *(*)()>(K_d2i_X509), out, reinterpret_cast<unsigned char **>(buf))); -- else return 0L; -+X509 *KOpenSSLProxy::X509_d2i_fp(FILE *out, X509 **buf) -+{ -+ return reinterpret_cast<X509 *>(::ASN1_d2i_fp(reinterpret_cast<void *(*)()>(::X509_new), reinterpret_cast<d2i_of_void*>(::d2i_X509), out, reinterpret_cast<void **>(buf))); - } - -- --int KOpenSSLProxy::SSL_peek(SSL *ssl,void *buf,int num) { -- if (K_SSL_peek) return (K_SSL_peek)(ssl,buf,num); -- else return -1; -+int KOpenSSLProxy::SSL_peek(SSL *ssl, void *buf, int num) -+{ -+ return ::SSL_peek(ssl, buf, num); - } - -- --const char *KOpenSSLProxy::RAND_file_name(char *buf, size_t num) { -- if (K_RAND_file_name) return (K_RAND_file_name)(buf, num); -- else return 0L; -+const char *KOpenSSLProxy::RAND_file_name(char *buf, size_t num) -+{ -+ return ::RAND_file_name(buf, num); - } - -- --int KOpenSSLProxy::RAND_load_file(const char *filename, long max_bytes) { -- if (K_RAND_load_file) return (K_RAND_load_file)(filename, max_bytes); -- else return -1; -+int KOpenSSLProxy::RAND_load_file(const char *filename, long max_bytes) -+{ -+ return ::RAND_load_file(filename, max_bytes); - } - -- --int KOpenSSLProxy::RAND_write_file(const char *filename) { -- if (K_RAND_write_file) return (K_RAND_write_file)(filename); -- else return -1; -+int KOpenSSLProxy::RAND_write_file(const char *filename) -+{ -+ return ::RAND_write_file(filename); - } - -- --int KOpenSSLProxy::X509_PURPOSE_get_count() { -- if (K_X509_PURPOSE_get_count) return (K_X509_PURPOSE_get_count)(); -- else return -1; -+int KOpenSSLProxy::X509_PURPOSE_get_count() -+{ -+ return ::X509_PURPOSE_get_count(); - } - -- --int KOpenSSLProxy::X509_PURPOSE_get_id(X509_PURPOSE *p) { -- if (K_X509_PURPOSE_get_id) return (K_X509_PURPOSE_get_id)(p); -- else return -1; -+int KOpenSSLProxy::X509_PURPOSE_get_id(X509_PURPOSE *p) -+{ -+ return ::X509_PURPOSE_get_id(p); - } - -- --int KOpenSSLProxy::X509_check_purpose(X509 *x, int id, int ca) { -- if (K_X509_check_purpose) return (K_X509_check_purpose)(x, id, ca); -- else return -1; -+int KOpenSSLProxy::X509_check_purpose(X509 *x, int id, int ca) -+{ -+ return ::X509_check_purpose(x, id, ca); - } - -- --X509_PURPOSE *KOpenSSLProxy::X509_PURPOSE_get0(int idx) { -- if (K_X509_PURPOSE_get0) return (K_X509_PURPOSE_get0)(idx); -- else return 0L; -+X509_PURPOSE *KOpenSSLProxy::X509_PURPOSE_get0(int idx) -+{ -+ return ::X509_PURPOSE_get0(idx); - } - -- --int KOpenSSLProxy::EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key) { -- if (K_EVP_PKEY_assign) return (K_EVP_PKEY_assign)(pkey, type, key); -- else return -1; -+int KOpenSSLProxy::EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key) -+{ -+ return ::EVP_PKEY_assign(pkey, type, key); - } - -- --int KOpenSSLProxy::X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey) { -- if (K_X509_REQ_set_pubkey) return (K_X509_REQ_set_pubkey)(x, pkey); -- else return -1; -+int KOpenSSLProxy::X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey) -+{ -+ return ::X509_REQ_set_pubkey(x, pkey); - } - -- --RSA* KOpenSSLProxy::RSA_generate_key(int bits, unsigned long e, void -- (*callback)(int,int,void *), void *cb_arg) { -- if (K_RSA_generate_key) return (K_RSA_generate_key)(bits, e, callback, cb_arg); -- else return 0L; -+RSA *KOpenSSLProxy::RSA_generate_key(int bits, unsigned long e, void -+ (*callback)(int, int, void *), void *cb_arg) -+{ -+ return ::RSA_generate_key(bits, e, callback, cb_arg); - } - --STACK *KOpenSSLProxy::X509_get1_email(X509 *x) { -- if (K_X509_get1_email) return (K_X509_get1_email)(x); -- else return 0L; -+STACK *KOpenSSLProxy::X509_get1_email(X509 *x) -+{ -+ return reinterpret_cast<STACK*>(::X509_get1_email(x)); - } - --void KOpenSSLProxy::X509_email_free(STACK *sk) { -- if (K_X509_email_free) (K_X509_email_free)(sk); -+void KOpenSSLProxy::X509_email_free(STACK *sk) -+{ -+ ::X509_email_free(reinterpret_cast<STACK_OF(OPENSSL_STRING)*>(sk)); - } - --EVP_CIPHER *KOpenSSLProxy::EVP_des_ede3_cbc() { -- if (K_EVP_des_ede3_cbc) return (K_EVP_des_ede3_cbc)(); -- else return 0L; -+const EVP_CIPHER *KOpenSSLProxy::EVP_des_ede3_cbc() -+{ -+ return ::EVP_des_ede3_cbc(); - } - --EVP_CIPHER *KOpenSSLProxy::EVP_des_cbc() { -- if (K_EVP_des_cbc) return (K_EVP_des_cbc)(); -- else return 0L; -+const EVP_CIPHER *KOpenSSLProxy::EVP_des_cbc() -+{ -+ return ::EVP_des_cbc(); - } - --EVP_CIPHER *KOpenSSLProxy::EVP_rc2_cbc() { -- if (K_EVP_rc2_cbc) return (K_EVP_rc2_cbc)(); -- else return 0L; -+const EVP_CIPHER *KOpenSSLProxy::EVP_rc2_cbc() -+{ -+ return ::EVP_rc2_cbc(); - } - --EVP_CIPHER *KOpenSSLProxy::EVP_rc2_64_cbc() { -- if (K_EVP_rc2_64_cbc) return (K_EVP_rc2_64_cbc)(); -- else return 0L; -+const EVP_CIPHER *KOpenSSLProxy::EVP_rc2_64_cbc() -+{ -+ return ::EVP_rc2_64_cbc(); - } - --EVP_CIPHER *KOpenSSLProxy::EVP_rc2_40_cbc() { -- if (K_EVP_rc2_40_cbc) return (K_EVP_rc2_40_cbc)(); -- else return 0L; -+const EVP_CIPHER *KOpenSSLProxy::EVP_rc2_40_cbc() -+{ -+ return ::EVP_rc2_40_cbc(); - } - --int KOpenSSLProxy::i2d_X509_REQ_fp(FILE *fp, X509_REQ *x) { -- if (K_i2d_X509_REQ_fp) return (K_i2d_X509_REQ_fp)(fp,x); -- else return -1; -+int KOpenSSLProxy::i2d_X509_REQ_fp(FILE *fp, X509_REQ *x) -+{ -+ return ::i2d_X509_REQ_fp(fp, x); - } - -- --void KOpenSSLProxy::ERR_clear_error() { -- if (K_ERR_clear_error) (K_ERR_clear_error)(); -+void KOpenSSLProxy::ERR_clear_error() -+{ -+ return ::ERR_clear_error(); - } - -- --unsigned long KOpenSSLProxy::ERR_get_error() { -- if (K_ERR_get_error) return (K_ERR_get_error)(); -- else return 0xffffffff; -+unsigned long KOpenSSLProxy::ERR_get_error() -+{ -+ return ::ERR_get_error(); - } - -- --void KOpenSSLProxy::ERR_print_errors_fp(FILE* fp) { -- if (K_ERR_print_errors_fp) (K_ERR_print_errors_fp)(fp); -+void KOpenSSLProxy::ERR_print_errors_fp(FILE *fp) -+{ -+ return ::ERR_print_errors_fp(fp); - } - -- --SSL_SESSION *KOpenSSLProxy::SSL_get1_session(SSL *ssl) { -- if (K_SSL_get1_session) return (K_SSL_get1_session)(ssl); -- else return 0L; -+SSL_SESSION *KOpenSSLProxy::SSL_get1_session(SSL *ssl) -+{ -+ return ::SSL_get1_session(ssl); - } - -- --void KOpenSSLProxy::SSL_SESSION_free(SSL_SESSION *session) { -- if (K_SSL_SESSION_free) (K_SSL_SESSION_free)(session); -+void KOpenSSLProxy::SSL_SESSION_free(SSL_SESSION *session) -+{ -+ return ::SSL_SESSION_free(session); - } - -- --int KOpenSSLProxy::SSL_set_session(SSL *ssl, SSL_SESSION *session) { -- if (K_SSL_set_session) return (K_SSL_set_session)(ssl, session); -- else return -1; -+int KOpenSSLProxy::SSL_set_session(SSL *ssl, SSL_SESSION *session) -+{ -+ return ::SSL_set_session(ssl, session); - } - -- --SSL_SESSION *KOpenSSLProxy::d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp, long length) { -- if (K_d2i_SSL_SESSION) return (K_d2i_SSL_SESSION)(a, pp, length); -- else return 0L; -+SSL_SESSION *KOpenSSLProxy::d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length) -+{ -+ return ::d2i_SSL_SESSION(a, pp, length); - } - -- --int KOpenSSLProxy::i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) { -- if (K_i2d_SSL_SESSION) return (K_i2d_SSL_SESSION)(in, pp); -- else return -1; -+int KOpenSSLProxy::i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) -+{ -+ return ::i2d_SSL_SESSION(in, pp); - } - -- --int KOpenSSLProxy::i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *p) { -- if (K_i2d_PrivateKey_fp) return (K_i2d_PrivateKey_fp)(fp, p); -- else return -1; -+int KOpenSSLProxy::i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *p) -+{ -+ return ::i2d_PrivateKey_fp(fp, p); - } - -- --int KOpenSSLProxy::i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *p, const EVP_CIPHER *c, char *k, int klen, pem_password_cb *cb, void *u) { -- if (K_i2d_PKCS8PrivateKey_fp) return (K_i2d_PKCS8PrivateKey_fp)(fp, p, c, k, klen, cb, u); -- else return -1; -+int KOpenSSLProxy::i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *p, const EVP_CIPHER *c, char *k, int klen, pem_password_cb *cb, void *u) -+{ -+ return ::i2d_PKCS8PrivateKey_fp(fp, p, c, k, klen, cb, u); - } - -- --void KOpenSSLProxy::RSA_free(RSA *rsa) { -- if (K_RSA_free) (K_RSA_free)(rsa); -+void KOpenSSLProxy::RSA_free(RSA *rsa) -+{ -+ return ::RSA_free(rsa); - } - -- --EVP_CIPHER *KOpenSSLProxy::EVP_bf_cbc() { -- if (K_EVP_bf_cbc) return (K_EVP_bf_cbc)(); -- return 0L; -+const EVP_CIPHER *KOpenSSLProxy::EVP_bf_cbc() -+{ -+ return ::EVP_bf_cbc(); - } - -- --int KOpenSSLProxy::X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md) { -- if (K_X509_REQ_sign) return (K_X509_REQ_sign)(x, pkey, md); -- return -1; -+int KOpenSSLProxy::X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md) -+{ -+ return ::X509_REQ_sign(x, pkey, md); - } - -- - int KOpenSSLProxy::X509_NAME_add_entry_by_txt(X509_NAME *name, char *field, -- int type, unsigned char *bytes, int len, int loc, int set) { -- if (K_X509_NAME_add_entry_by_txt) return (K_X509_NAME_add_entry_by_txt)(name, field, type, bytes, len, loc, set); -- return -1; -+ int type, unsigned char *bytes, int len, int loc, int set) -+{ -+ return ::X509_NAME_add_entry_by_txt(name, field, type, bytes, len, loc, set); - } - -- --X509_NAME *KOpenSSLProxy::X509_NAME_new() { -- if (K_X509_NAME_new) return (K_X509_NAME_new)(); -- return 0L; -+X509_NAME *KOpenSSLProxy::X509_NAME_new() -+{ -+ return ::X509_NAME_new(); - } - -- --int KOpenSSLProxy::X509_REQ_set_subject_name(X509_REQ *req,X509_NAME *name) { -- if (K_X509_REQ_set_subject_name) return (K_X509_REQ_set_subject_name)(req, name); -- return -1; -+int KOpenSSLProxy::X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name) -+{ -+ return ::X509_REQ_set_subject_name(req, name); - } - -- --unsigned char *KOpenSSLProxy::ASN1_STRING_data(ASN1_STRING *x) { -- if (K_ASN1_STRING_data) return (K_ASN1_STRING_data)(x); -- return 0L; -+unsigned char *KOpenSSLProxy::ASN1_STRING_data(ASN1_STRING *x) -+{ -+ return ::ASN1_STRING_data(x); - } - -- --int KOpenSSLProxy::ASN1_STRING_length(ASN1_STRING *x) { -- if (K_ASN1_STRING_length) return (K_ASN1_STRING_length)(x); -- return 0L; -+int KOpenSSLProxy::ASN1_STRING_length(ASN1_STRING *x) -+{ -+ return ::ASN1_STRING_length(x); - } - -- --STACK_OF(SSL_CIPHER) *KOpenSSLProxy::SSL_get_ciphers(const SSL* ssl) { -- if (K_SSL_get_ciphers) return (K_SSL_get_ciphers)(ssl); -- return 0L; -+STACK_OF(SSL_CIPHER) *KOpenSSLProxy::SSL_get_ciphers(const SSL *ssl) -+{ -+ return ::SSL_get_ciphers(ssl); - } - - #endif -- ---- kdelibs-4.14.26/kio/kssl/kopenssl.h.omv~ 2016-11-14 21:58:51.376629071 +0100 -+++ kdelibs-4.14.26/kio/kssl/kopenssl.h 2016-11-14 22:11:08.549870329 +0100 -@@ -16,7 +16,6 @@ - Boston, MA 02110-1301, USA. - */ - -- - // IF YOU ARE USING THIS CLASS, YOU ARE MAKING A MISTAKE. - - #ifndef __KOPENSSLPROXY_H -@@ -25,11 +24,9 @@ - #define KOSSL KOpenSSLProxy - class KOpenSSLProxyPrivate; - --#include <kio/kio_export.h> -- - #include <ksslconfig.h> - --#ifdef KSSL_HAVE_SSL -+#if KSSL_HAVE_SSL - #define crypt _openssl_crypt - #include <openssl/ssl.h> - #include <openssl/x509.h> -@@ -62,833 +59,773 @@ class KOpenSSLProxyPrivate; - * @short KDE OpenSSL Wrapper - * @internal - */ --class KOpenSSLProxy { -+class KOpenSSLProxy -+{ - public: - -- /** -- * Return an instance of class KOpenSSLProxy * -- * You cannot delete this object. It is a singleton class. -- */ -- static KOpenSSLProxy *self(); -- -- /** -- * Return true of libcrypto was found and loaded -- */ -- bool hasLibCrypto() const; -- -- /** -- * Return true of libssl was found and loaded -- */ -- bool hasLibSSL() const; -- -- /** -- * Destroy the class and start over - don't use this unless you know -- * what you are doing. -- */ -- void destroy(); -- -- // Here are the symbols that we need. --#ifdef KSSL_HAVE_SSL -- -- /* -- * SSL_connect - initiate the TLS/SSL handshake with an TLS/SSL server -- */ -- int SSL_connect(SSL *ssl); -- -- /* -- * SSL_accept - initiate the TLS/SSL handshake with an TLS/SSL server -- */ -- int SSL_accept(SSL *ssl); -- -- /* -- * SSL_get_error - get the error code -- */ -- int SSL_get_error(SSL *ssl, int rc); -- -- /* -- * SSL_read - read bytes from a TLS/SSL connection. -- */ -- int SSL_read(SSL *ssl, void *buf, int num); -- -- /* -- * SSL_write - write bytes to a TLS/SSL connection. -- */ -- int SSL_write(SSL *ssl, const void *buf, int num); -- -- /* -- * SSL_new - create a new SSL structure for a connection -- */ -- SSL *SSL_new(SSL_CTX *ctx); -- -- /* -- * SSL_free - free an allocated SSL structure -- */ -- void SSL_free(SSL *ssl); -- -- /* -- * SSL_shutdown - shutdown an allocated SSL connection -- */ -- int SSL_shutdown(SSL *ssl); -- -- /* -- * SSL_CTX_new - create a new SSL_CTX object as framework for TLS/SSL enabled functions -- */ -- SSL_CTX *SSL_CTX_new(SSL_METHOD *method); -- -- /* -- * SSL_CTX_free - free an allocated SSL_CTX object -- */ -- void SSL_CTX_free(SSL_CTX *ctx); -- -- /* -- * SSL_set_fd - connect the SSL object with a file descriptor -- */ -- int SSL_set_fd(SSL *ssl, int fd); -- -- /* -- * SSL_pending - obtain number of readable bytes buffered in an SSL object -- */ -- int SSL_pending(SSL *ssl); -- -- /* -- * SSL_peek - obtain bytes buffered in an SSL object -- */ -- int SSL_peek(SSL *ssl, void *buf, int num); -- -- /* -- * SSL_CTX_set_cipher_list - choose list of available SSL_CIPHERs -- */ -- int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str); -- -- /* -- * SSL_CTX_set_verify - set peer certificate verification parameters -- */ -- void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, -- int (*verify_callback)(int, X509_STORE_CTX *)); -- -- /* -- * SSL_use_certificate - load certificate -- */ -- int SSL_use_certificate(SSL *ssl, X509 *x); -- -- /* -- * SSL_get_current_cipher - get SSL_CIPHER of a connection -- */ -- SSL_CIPHER *SSL_get_current_cipher(SSL *ssl); -- -- /* -- * SSL_set_options - manipulate SSL engine options -- * Note: These are all mapped to SSL_ctrl so call them as the comment -- * specifies but know that they use SSL_ctrl. They are #define -- * so they will map to the one in this class if called as a -- * member function of this class. -- */ -- /* long SSL_set_options(SSL *ssl, long options); */ -- /* Returns 0 if not reused, 1 if session id is reused */ -- /* int SSL_session_reused(SSL *ssl); */ -- long SSL_ctrl(SSL *ssl,int cmd, long larg, char *parg); -- -- /* -- * RAND_egd - set the path to the EGD -- */ -- int RAND_egd(const char *path); -- -- -- /* -- * RAND_file_name -- */ -- const char *RAND_file_name(char *buf, size_t num); -- -- -- /* -- * RAND_load_file -- */ -- int RAND_load_file(const char *filename, long max_bytes); -- -- -- /* -- * RAND_write_file -- */ -- int RAND_write_file(const char *filename); -- -- -- /* -- * TLSv1_client_method - return a TLSv1 client method object -- */ -- SSL_METHOD *TLSv1_client_method(); -- -- -- /* -- * SSLv23_client_method - return a SSLv23 client method object -- */ -- SSL_METHOD *SSLv23_client_method(); -- -- -- /* -- * SSL_get_peer_certificate - return the peer's certificate -- */ -- X509 *SSL_get_peer_certificate(SSL *s); -- -- -- /* -- * SSL_get_peer_cert_chain - get the peer's certificate chain -- */ -- STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s); -- -- /* -- * SSL_CIPHER_get_bits - get the number of bits in this cipher -- */ -- int SSL_CIPHER_get_bits(SSL_CIPHER *c,int *alg_bits); -- -- -- /* -- * SSL_CIPHER_get_version - get the version of this cipher -- */ -- char *SSL_CIPHER_get_version(SSL_CIPHER *c); -- -- -- /* -- * SSL_CIPHER_get_name - get the name of this cipher -- */ -- const char *SSL_CIPHER_get_name(SSL_CIPHER *c); -- -- -- /* -- * SSL_CIPHER_description - get the description of this cipher -- */ -- char *SSL_CIPHER_description(SSL_CIPHER *,char *buf,int size); -- -- -- /* -- * SSL_CTX_use_PrivateKey - set the private key for the session. -- * - for use with client certificates -- */ -- int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey); -- -- -- /* -- * SSL_CTX_use_certificate - set the client certificate for the session. -- */ -- int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x); -- -- -- /* -- * d2i_X509 - Convert a text representation of X509 to an X509 object -- */ -- X509 * d2i_X509(X509 **a,unsigned char **pp,long length); -- -- -- /* -- * i2d_X509 - Convert an X509 object into a text representation -- */ -- int i2d_X509(X509 *a,unsigned char **pp); -- -- -- /* -- * X509_cmp - compare two X509 objects -- */ -- int X509_cmp(X509 *a, X509 *b); -- -- -- /* -- * X509_dup - duplicate an X509 object -- */ -- X509 *X509_dup(X509 *x509); -- -- -- /* -- * X509_STORE_CTX_new - create an X509 store context -- */ -- X509_STORE_CTX *X509_STORE_CTX_new(void); -- -- -- /* -- * X509_STORE_CTX_free - free up an X509 store context -- */ -- void X509_STORE_CTX_free(X509_STORE_CTX *v); -- -- -- /* -- * X509_STORE_CTX_set_chain - set the certificate chain -- */ -- void X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x); -- -- /* -- * X509_STORE_CTX_set_purpose - set the purpose of the certificate -- */ -- void X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose); -- -- /* -- * X509_verify_cert - verify the certificate -- */ -- int X509_verify_cert(X509_STORE_CTX *v); -- -- -- /* -- * X509_STORE_new - create an X509 store -- */ -- X509_STORE *X509_STORE_new(void); -- -- -- /* -- * X509_STORE_free - free up an X509 store -- */ -- void X509_STORE_free(X509_STORE *v); -- -- -- /* -- * X509_free - free up an X509 -- */ -- void X509_free(X509 *v); -- -- -- /* -- * X509_NAME_oneline - return the X509 data in a string -- */ -- char *X509_NAME_oneline(X509_NAME *a, char *buf, int size); -- -- -- /* -- * X509_get_subject_name - return the X509_NAME for the subject field -- */ -- X509_NAME *X509_get_subject_name(X509 *a); -- -- -- /* -- * X509_get_issuer_name - return the X509_NAME for the issuer field -- */ -- X509_NAME *X509_get_issuer_name(X509 *a); -- -- -- /* -- * X509_STORE_add_lookup - add a lookup file/method to an X509 store -- */ -- X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m); -- -- -- /* -- * X509_LOOKUP_file - Definition of the LOOKUP_file method -- */ -- X509_LOOKUP_METHOD *X509_LOOKUP_file(void); -- -- -- /* -- * X509_LOOKUP_free - Free an X509_LOOKUP -- */ -- void X509_LOOKUP_free(X509_LOOKUP *x); -- -- -- /* -- * X509_LOOKUP_ctrl - This is not normally called directly (use macros) -- */ -- int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret); -- -- -- /* -- * X509_STORE_CTX_init - initialize an X509 STORE context -- */ -- void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, STACK_OF(X509) *chain); -- -- -- /* -- * CRYPTO_free - free up an internally allocated object -- */ -- void CRYPTO_free(void *x); -- -- /* -- * BIO_new - create new BIO -- */ -- BIO *BIO_new(BIO_METHOD *type); -- -- /* -- * BIO methods - only one defined here yet -- */ -- BIO_METHOD *BIO_s_mem(void); -- -- /* -- * BIO_new_fp - nastiness called BIO - used to create BIO* from FILE* -- */ -- BIO *BIO_new_fp(FILE *stream, int close_flag); -- -- /* -- * BIO_new_mem_buf - read only BIO from memory region -- */ -- BIO *BIO_new_mem_buf(void *buf, int len); -- -- /* -- * BIO_free - nastiness called BIO - used to destroy BIO* -- */ -- int BIO_free(BIO *a); -- -- /* -- * BIO_ctrl - BIO control method -- */ -- long BIO_ctrl(BIO *bp,int cmd,long larg,void *parg); -- -- /* -- * BIO_write - equivalent to ::write for BIO -- */ -- int BIO_write(BIO *b, const void *data, int len); -- -- /* -- * PEM_write_bio_X509 - write a PEM encoded cert to a BIO* -- */ -- int PEM_write_bio_X509(BIO *bp, X509 *x); -- -- /* -- * ASN1_item_i2d_fp - used for netscape output -- */ -- int ASN1_item_i2d_fp(FILE *out, unsigned char *x); -- -- -- /* -- * ASN1_d2i_fp - read an X509 from a DER encoded file (buf can be NULL) -- */ -- X509 *X509_d2i_fp(FILE *out, X509** buf); -- -- -- /* -- * X509_print - print the text form of an X509 -- */ -- int X509_print(FILE *fp, X509 *x); -- -- -- /* -- * Read a PKCS#12 cert from fp -- */ -- PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12); -- -- -- /* -- * Change the password on a PKCS#12 cert -- */ -- int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass); -- -- -- /* -- * Write a PKCS#12 to mem -- */ -- int i2d_PKCS12(PKCS12 *p12, unsigned char **p); -- -- -- /* -- * Write a PKCS#12 to FILE* -- */ -- int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12); -- -- -- /* -- * Create a new PKCS#12 object -- */ -- PKCS12 *PKCS12_new(void); -- -- -- /* -- * Destroy that PKCS#12 that you created! -- */ -- void PKCS12_free(PKCS12 *a); -- -- -- /* -- * Parse the PKCS#12 -- */ -- int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, -- X509 **cert, STACK_OF(X509) **ca); -- -- -- /* -- * Free the Private Key -- */ -- void EVP_PKEY_free(EVP_PKEY *x); -- -- -- /* -- * Pop off the stack -- */ -- char *sk_pop(STACK *s); -- -- -- /* -- * Free the stack -- */ -- void sk_free(STACK *s); -+ /** -+ * Return an instance of class KOpenSSLProxy * -+ * You cannot delete this object. It is a singleton class. -+ */ -+ static KOpenSSLProxy *self(); -+ -+ /** -+ * Return true of libcrypto was found and loaded -+ */ -+ bool hasLibCrypto() const; -+ -+ /** -+ * Return true of libssl was found and loaded -+ */ -+ bool hasLibSSL() const; -+ -+ /** -+ * Destroy the class and start over - don't use this unless you know -+ * what you are doing. -+ */ -+ void destroy(); -+ -+ // Here are the symbols that we need. -+#if KSSL_HAVE_SSL -+ -+ /* -+ * SSL_connect - initiate the TLS/SSL handshake with an TLS/SSL server -+ */ -+ int SSL_connect(SSL *ssl); -+ -+ /* -+ * SSL_accept - initiate the TLS/SSL handshake with an TLS/SSL server -+ */ -+ int SSL_accept(SSL *ssl); -+ -+ /* -+ * SSL_get_error - get the error code -+ */ -+ int SSL_get_error(SSL *ssl, int rc); -+ -+ /* -+ * SSL_read - read bytes from a TLS/SSL connection. -+ */ -+ int SSL_read(SSL *ssl, void *buf, int num); -+ -+ /* -+ * SSL_write - write bytes to a TLS/SSL connection. -+ */ -+ int SSL_write(SSL *ssl, const void *buf, int num); -+ -+ /* -+ * SSL_new - create a new SSL structure for a connection -+ */ -+ SSL *SSL_new(SSL_CTX *ctx); -+ -+ /* -+ * SSL_free - free an allocated SSL structure -+ */ -+ void SSL_free(SSL *ssl); -+ -+ /* -+ * SSL_shutdown - shutdown an allocated SSL connection -+ */ -+ int SSL_shutdown(SSL *ssl); -+ -+ /* -+ * SSL_CTX_new - create a new SSL_CTX object as framework for TLS/SSL enabled functions -+ */ -+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method); -+ -+ /* -+ * SSL_CTX_free - free an allocated SSL_CTX object -+ */ -+ void SSL_CTX_free(SSL_CTX *ctx); -+ -+ /* -+ * SSL_set_fd - connect the SSL object with a file descriptor -+ */ -+ int SSL_set_fd(SSL *ssl, int fd); -+ -+ /* -+ * SSL_pending - obtain number of readable bytes buffered in an SSL object -+ */ -+ int SSL_pending(SSL *ssl); -+ -+ /* -+ * SSL_peek - obtain bytes buffered in an SSL object -+ */ -+ int SSL_peek(SSL *ssl, void *buf, int num); -+ -+ /* -+ * SSL_CTX_set_cipher_list - choose list of available SSL_CIPHERs -+ */ -+ int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str); -+ -+ /* -+ * SSL_CTX_set_verify - set peer certificate verification parameters -+ */ -+ void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, -+ int (*verify_callback)(int, X509_STORE_CTX *)); -+ -+ /* -+ * SSL_use_certificate - load certificate -+ */ -+ int SSL_use_certificate(SSL *ssl, X509 *x); -+ -+ /* -+ * SSL_get_current_cipher - get SSL_CIPHER of a connection -+ */ -+ const SSL_CIPHER *SSL_get_current_cipher(SSL *ssl); -+ -+ /* -+ * SSL_set_options - manipulate SSL engine options -+ * Note: These are all mapped to SSL_ctrl so call them as the comment -+ * specifies but know that they use SSL_ctrl. They are #define -+ * so they will map to the one in this class if called as a -+ * member function of this class. -+ */ -+ /* long SSL_set_options(SSL *ssl, long options); */ -+ /* Returns 0 if not reused, 1 if session id is reused */ -+ /* int SSL_session_reused(SSL *ssl); */ -+ long SSL_ctrl(SSL *ssl, int cmd, long larg, char *parg); -+ -+ /* -+ * RAND_egd - set the path to the EGD -+ */ -+ int RAND_egd(const char *path); -+ -+ /* -+ * RAND_file_name -+ */ -+ const char *RAND_file_name(char *buf, size_t num); -+ -+ /* -+ * RAND_load_file -+ */ -+ int RAND_load_file(const char *filename, long max_bytes); -+ -+ /* -+ * RAND_write_file -+ */ -+ int RAND_write_file(const char *filename); -+ -+ /* -+ * TLSv1_client_method - return a TLSv1 client method object -+ */ -+ const SSL_METHOD *TLSv1_client_method(); -+ -+ /* -+ * SSLv23_client_method - return a SSLv23 client method object -+ */ -+ const SSL_METHOD *SSLv23_client_method(); -+ -+ /* -+ * SSL_get_peer_certificate - return the peer's certificate -+ */ -+ X509 *SSL_get_peer_certificate(SSL *s); -+ -+ /* -+ * SSL_get_peer_cert_chain - get the peer's certificate chain -+ */ -+ STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s); -+ -+ /* -+ * SSL_CIPHER_get_bits - get the number of bits in this cipher -+ */ -+ int SSL_CIPHER_get_bits(SSL_CIPHER *c, int *alg_bits); -+ -+ /* -+ * SSL_CIPHER_get_version - get the version of this cipher -+ */ -+ const char *SSL_CIPHER_get_version(SSL_CIPHER *c); -+ -+ /* -+ * SSL_CIPHER_get_name - get the name of this cipher -+ */ -+ const char *SSL_CIPHER_get_name(SSL_CIPHER *c); -+ -+ /* -+ * SSL_CIPHER_description - get the description of this cipher -+ */ -+ char *SSL_CIPHER_description(SSL_CIPHER *, char *buf, int size); -+ -+ /* -+ * SSL_CTX_use_PrivateKey - set the private key for the session. -+ * - for use with client certificates -+ */ -+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey); -+ -+ /* -+ * SSL_CTX_use_certificate - set the client certificate for the session. -+ */ -+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x); -+ -+ /* -+ * d2i_X509 - Convert a text representation of X509 to an X509 object -+ */ -+ X509 *d2i_X509(X509 **a, const unsigned char **pp, long length); -+ -+ /* -+ * i2d_X509 - Convert an X509 object into a text representation -+ */ -+ int i2d_X509(X509 *a, unsigned char **pp); -+ -+ /* -+ * X509_cmp - compare two X509 objects -+ */ -+ int X509_cmp(X509 *a, X509 *b); -+ -+ /* -+ * X509_dup - duplicate an X509 object -+ */ -+ X509 *X509_dup(X509 *x509); -+ -+ /* -+ * X509_STORE_CTX_new - create an X509 store context -+ */ -+ X509_STORE_CTX *X509_STORE_CTX_new(void); -+ -+ /* -+ * X509_STORE_CTX_free - free up an X509 store context -+ */ -+ void X509_STORE_CTX_free(X509_STORE_CTX *v); -+ -+ /* -+ * X509_STORE_CTX_set_chain - set the certificate chain -+ */ -+ void X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x); -+ -+ /* -+ * X509_STORE_CTX_set_purpose - set the purpose of the certificate -+ */ -+ void X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose); -+ -+ /* -+ * X509_verify_cert - verify the certificate -+ */ -+ int X509_verify_cert(X509_STORE_CTX *v); -+ -+ /* -+ * X509_STORE_new - create an X509 store -+ */ -+ X509_STORE *X509_STORE_new(void); -+ -+ /* -+ * X509_STORE_free - free up an X509 store -+ */ -+ void X509_STORE_free(X509_STORE *v); -+ -+ /* -+ * X509_free - free up an X509 -+ */ -+ void X509_free(X509 *v); -+ -+ /* -+ * X509_NAME_oneline - return the X509 data in a string -+ */ -+ char *X509_NAME_oneline(X509_NAME *a, char *buf, int size); -+ -+ /* -+ * X509_get_subject_name - return the X509_NAME for the subject field -+ */ -+ X509_NAME *X509_get_subject_name(X509 *a); -+ -+ /* -+ * X509_get_issuer_name - return the X509_NAME for the issuer field -+ */ -+ X509_NAME *X509_get_issuer_name(X509 *a); -+ -+ /* -+ * X509_STORE_add_lookup - add a lookup file/method to an X509 store -+ */ -+ X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m); -+ -+ /* -+ * X509_LOOKUP_file - Definition of the LOOKUP_file method -+ */ -+ X509_LOOKUP_METHOD *X509_LOOKUP_file(void); -+ -+ /* -+ * X509_LOOKUP_free - Free an X509_LOOKUP -+ */ -+ void X509_LOOKUP_free(X509_LOOKUP *x); -+ -+ /* -+ * X509_LOOKUP_ctrl - This is not normally called directly (use macros) -+ */ -+ int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret); -+ -+ /* -+ * X509_STORE_CTX_init - initialize an X509 STORE context -+ */ -+ void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, STACK_OF(X509) *chain); -+ -+ /* -+ * CRYPTO_free - free up an internally allocated object -+ */ -+ void CRYPTO_free(void *x); -+ -+ /* -+ * BIO_new - create new BIO -+ */ -+ BIO *BIO_new(BIO_METHOD *type); -+ -+ /* -+ * BIO methods - only one defined here yet -+ */ -+ const BIO_METHOD *BIO_s_mem(void); -+ -+ /* -+ * BIO_new_fp - nastiness called BIO - used to create BIO* from FILE* -+ */ -+ BIO *BIO_new_fp(FILE *stream, int close_flag); -+ -+ /* -+ * BIO_new_mem_buf - read only BIO from memory region -+ */ -+ BIO *BIO_new_mem_buf(void *buf, int len); -+ -+ /* -+ * BIO_free - nastiness called BIO - used to destroy BIO* -+ */ -+ int BIO_free(BIO *a); -+ -+ /* -+ * BIO_ctrl - BIO control method -+ */ -+ long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg); -+ -+ /* -+ * BIO_write - equivalent to ::write for BIO -+ */ -+ int BIO_write(BIO *b, const void *data, int len); -+ -+ /* -+ * PEM_write_bio_X509 - write a PEM encoded cert to a BIO* -+ */ -+ int PEM_write_bio_X509(BIO *bp, X509 *x); -+ -+ /* -+ * ASN1_d2i_fp - read an X509 from a DER encoded file (buf can be NULL) -+ */ -+ X509 *X509_d2i_fp(FILE *out, X509 **buf); -+ -+ /* -+ * X509_print - print the text form of an X509 -+ */ -+ int X509_print(FILE *fp, X509 *x); -+ -+ /* -+ * Read a PKCS#12 cert from fp -+ */ -+ PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12); -+ -+ /* -+ * Change the password on a PKCS#12 cert -+ */ -+ int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass); -+ -+ /* -+ * Write a PKCS#12 to mem -+ */ -+ int i2d_PKCS12(PKCS12 *p12, unsigned char **p); -+ -+ /* -+ * Write a PKCS#12 to FILE* -+ */ -+ int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12); -+ -+ /* -+ * Create a new PKCS#12 object -+ */ -+ PKCS12 *PKCS12_new(void); -+ -+ /* -+ * Destroy that PKCS#12 that you created! -+ */ -+ void PKCS12_free(PKCS12 *a); -+ -+ /* -+ * Parse the PKCS#12 -+ */ -+ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, -+ X509 **cert, STACK_OF(X509) **ca); -+ -+ /* -+ * Free the Private Key -+ */ -+ void EVP_PKEY_free(EVP_PKEY *x); -+ -+ /* -+ * Pop off the stack -+ */ -+ char *sk_pop(STACK *s); -+ -+ /* -+ * Free the stack -+ */ -+ void sk_free(STACK *s); - - #if OPENSSL_VERSION_NUMBER >= 0x10000000L -- void sk_free(void *s) { return sk_free(reinterpret_cast<STACK*>(s)); } -+ void sk_free(void *s) -+ { -+ return sk_free(reinterpret_cast<STACK *>(s)); -+ } - #endif - -- /* -- * Number of elements in the stack -- */ -- int sk_num(STACK *s); -- -- -- /* -- * Value of element n in the stack -- */ -- char *sk_value(STACK *s, int n); -+ /* -+ * Number of elements in the stack -+ */ -+ int sk_num(STACK *s); -+ -+ /* -+ * Value of element n in the stack -+ */ -+ char *sk_value(STACK *s, int n); - - #if OPENSSL_VERSION_NUMBER >= 0x10000000L -- char *sk_value(void *s, int n) { return sk_value(reinterpret_cast<STACK*>(s), n); } -+ char *sk_value(void *s, int n) -+ { -+ return sk_value(reinterpret_cast<STACK *>(s), n); -+ } - #endif - -- /* -- * Create a new stack -- */ -- STACK *sk_new(int (*cmp)()); -- -- -- /* -- * Add an element to the stack -- */ -- int sk_push(STACK *s, char *d); -+ /* -+ * Create a new stack -+ */ -+ STACK *sk_new(OPENSSL_sk_compfunc cmp); -+ -+ /* -+ * Add an element to the stack -+ */ -+ int sk_push(STACK *s, char *d); - - #if OPENSSL_VERSION_NUMBER >= 0x10000000L -- int sk_push(void *s, void *d) { return sk_push(reinterpret_cast<STACK*>(s), reinterpret_cast<char*>(d)); } -+ int sk_push(void *s, void *d) -+ { -+ return sk_push(reinterpret_cast<STACK *>(s), reinterpret_cast<char *>(d)); -+ } - #endif - -+ /* -+ * Duplicate the stack -+ */ -+ STACK *sk_dup(STACK *s); -+ -+ /* -+ * Convert an ASN1_INTEGER to its text form -+ */ -+ char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint); -+ -+ /* -+ * Get the certificate's serial number -+ */ -+ ASN1_INTEGER *X509_get_serialNumber(X509 *x); -+ -+ /* -+ * Get the certificate's public key -+ */ -+ EVP_PKEY *X509_get_pubkey(X509 *x); -+ -+ /* -+ * Convert the public key to a decimal form -+ */ -+ int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp); -+ -+ /* -+ * Check the private key of a PKCS bundle against the X509 -+ */ -+ int X509_check_private_key(X509 *x, EVP_PKEY *p); -+ -+ /* -+ * Convert a BIGNUM to a hex string -+ */ -+ char *BN_bn2hex(const BIGNUM *a); -+ -+ /* -+ * Compute the digest of an X.509 -+ */ -+ int X509_digest(const X509 *x, const EVP_MD *t, unsigned char *md, unsigned int *len); -+ -+ /* -+ * EVP_md5 -+ */ -+ const EVP_MD *EVP_md5(); -+ -+ /* -+ * ASN1_INTEGER free -+ */ -+ void ASN1_INTEGER_free(ASN1_INTEGER *x); -+ -+ /* -+ * ASN1_STRING_data -+ */ -+ unsigned char *ASN1_STRING_data(ASN1_STRING *x); -+ -+ /* -+ * ASN1_STRING_length -+ */ -+ int ASN1_STRING_length(ASN1_STRING *x); -+ -+ /* -+ * -+ */ -+ int OBJ_obj2nid(ASN1_OBJECT *o); -+ -+ /* -+ * -+ */ -+ const char *OBJ_nid2ln(int n); -+ -+ /* -+ * get the number of extensions -+ */ -+ int X509_get_ext_count(X509 *x); -+ -+ /* -+ * -+ */ -+ int X509_get_ext_by_NID(X509 *x, int nid, int lastpos); -+ -+ /* -+ * -+ */ -+ int X509_get_ext_by_OBJ(X509 *x, ASN1_OBJECT *obj, int lastpos); -+ -+ /* -+ * -+ */ -+ X509_EXTENSION *X509_get_ext(X509 *x, int loc); -+ -+ /* -+ * -+ */ -+ X509_EXTENSION *X509_delete_ext(X509 *x, int loc); -+ -+ /* -+ * -+ */ -+ int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); -+ -+ /* -+ * -+ */ -+ void *X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx); -+ -+ /* -+ * -+ */ -+ char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5); -+ -+ /* -+ * -+ */ -+ int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n); -+ -+ /* -+ * -+ */ -+ PKCS7 *PKCS7_new(void); -+ -+ /* -+ * -+ */ -+ void PKCS7_free(PKCS7 *a); -+ -+ /* -+ * -+ */ -+ void PKCS7_content_free(PKCS7 *a); -+ -+ /* -+ * -+ */ -+ int i2d_PKCS7(PKCS7 *a, unsigned char **pp); -+ -+ /* -+ * -+ */ -+ PKCS7 *d2i_PKCS7(PKCS7 **a, const unsigned char **pp, long length); -+ -+ /* -+ * -+ */ -+ int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7); -+ -+ /* -+ * -+ */ -+ PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7); -+ -+ /* -+ * -+ */ -+ int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7); -+ -+ /* -+ * -+ */ -+ PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7); -+ -+ /* -+ * -+ */ -+ PKCS7 *PKCS7_dup(PKCS7 *p7); -+ -+ /* -+ * Create a PKCS7 signature / signed message -+ */ -+ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, -+ BIO *data, int flags); -+ -+ /* -+ * Verify a PKCS7 signature. -+ */ -+ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, -+ BIO *indata, BIO *out, int flags); -+ -+ /* -+ * Get signers of a verified PKCS7 signature -+ */ -+ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags); -+ -+ /* -+ * PKCS7 encrypt message -+ */ -+ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, EVP_CIPHER *cipher, -+ int flags); -+ -+ /* -+ * decrypt PKCS7 message -+ */ -+ int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags); -+ -+ /* -+ * Load a CA list file. -+ */ -+ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file); -+ -+ /* -+ * Load a file of PEM encoded objects. -+ */ -+ STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, -+ pem_password_cb *cb, void *u); -+ -+ /* -+ * Get the number of purposes available -+ */ -+ int X509_PURPOSE_get_count(); -+ -+ /* -+ * Get the ID of a purpose -+ */ -+ int X509_PURPOSE_get_id(X509_PURPOSE *); -+ -+ /* -+ * Check the existence of purpose id "id" in x. for CA, set ca = 1, else 0 -+ */ -+ int X509_check_purpose(X509 *x, int id, int ca); -+ -+ /* -+ * Get the purpose with index #idx -+ */ -+ X509_PURPOSE *X509_PURPOSE_get0(int idx); -+ -+ /* -+ * Create a new Private KEY -+ */ -+ EVP_PKEY *EVP_PKEY_new(); -+ -+ /* -+ * Assign a private key -+ */ -+ int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key); -+ -+ /* -+ * Generate a RSA key -+ */ -+ RSA *RSA_generate_key(int bits, unsigned long e, void -+ (*callback)(int, int, void *), void *cb_arg); -+ -+ /* -+ * Create/destroy a certificate request -+ */ -+ X509_REQ *X509_REQ_new(); -+ void X509_REQ_free(X509_REQ *a); -+ -+ /* -+ * Set the public key in the REQ object -+ */ -+ int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey); -+ -+ /* for testing */ -+ int i2d_X509_REQ_fp(FILE *fp, X509_REQ *x); -+ -+ /* SMime support */ -+ STACK *X509_get1_email(X509 *x); -+ void X509_email_free(STACK *sk); -+ -+ /* Ciphers needed for SMime */ -+ const EVP_CIPHER *EVP_des_ede3_cbc(); -+ const EVP_CIPHER *EVP_des_cbc(); -+ const EVP_CIPHER *EVP_rc2_cbc(); -+ const EVP_CIPHER *EVP_rc2_64_cbc(); -+ const EVP_CIPHER *EVP_rc2_40_cbc(); -+ -+ /* clear the current error - use this often*/ -+ void ERR_clear_error(); -+ -+ /* retrieve the latest error */ -+ unsigned long ERR_get_error(); -+ -+ /* Print the errors to this stream */ -+ void ERR_print_errors_fp(FILE *fp); -+ -+ /* Get a pointer to the SSL session id (reference counted) */ -+ SSL_SESSION *SSL_get1_session(SSL *ssl); -+ -+ /* Frees a pointer to the SSL session id (reference decremented if needed) */ -+ void SSL_SESSION_free(SSL_SESSION *session); -+ -+ /* Set the SSL session to reuse. */ -+ int SSL_set_session(SSL *ssl, SSL_SESSION *session); -+ -+ /* Decode ASN.1 to SSL_SESSION */ -+ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length); -+ /* Encode SSL_SESSION to ASN.1 */ -+ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp); -+ -+ /* Write privatekey to FILE stream */ -+ int i2d_PrivateKey_fp(FILE *, EVP_PKEY *); -+ -+ /* Write PKCS#8privatekey to FILE stream */ -+ int i2d_PKCS8PrivateKey_fp(FILE *, EVP_PKEY *, const EVP_CIPHER *, char *, int, pem_password_cb *, void *); -+ -+ /* Free RSA structure */ -+ void RSA_free(RSA *); -+ -+ /* Get a blowfish CBC pointer */ -+ const EVP_CIPHER *EVP_bf_cbc(); -+ -+ /* Sign a CSR */ -+ int X509_REQ_sign(X509_REQ *, EVP_PKEY *, const EVP_MD *); -+ -+ /* add a name entry */ -+ int X509_NAME_add_entry_by_txt(X509_NAME *, char *, int, unsigned char *, int, int, int); - -- /* -- * Duplicate the stack -- */ -- STACK *sk_dup(STACK *s); -- -- -- /* -- * Convert an ASN1_INTEGER to its text form -- */ -- char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint); -- -- -- /* -- * Get the certificate's serial number -- */ -- ASN1_INTEGER *X509_get_serialNumber(X509 *x); -- -- -- /* -- * Get the certificate's public key -- */ -- EVP_PKEY *X509_get_pubkey(X509 *x); -- -- -- /* -- * Convert the public key to a decimal form -- */ -- int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp); -- -- -- /* -- * Check the private key of a PKCS bundle against the X509 -- */ -- int X509_check_private_key(X509 *x, EVP_PKEY *p); -- -- -- /* -- * Convert a BIGNUM to a hex string -- */ -- char *BN_bn2hex(const BIGNUM *a); -- -- -- /* -- * Compute the digest of an X.509 -- */ -- int X509_digest(const X509 *x,const EVP_MD *t, unsigned char *md, unsigned int *len); -- -- -- /* -- * EVP_md5 -- */ -- EVP_MD *EVP_md5(); -- -- -- /* -- * ASN1_INTEGER free -- */ -- void ASN1_INTEGER_free(ASN1_INTEGER *x); -- -- -- /* -- * ASN1_STRING_data -- */ -- unsigned char *ASN1_STRING_data(ASN1_STRING *x); -- -- /* -- * ASN1_STRING_length -- */ -- int ASN1_STRING_length(ASN1_STRING *x); -- -- /* -- * -- */ -- int OBJ_obj2nid(ASN1_OBJECT *o); -- -- /* -- * -- */ -- const char * OBJ_nid2ln(int n); -- -- /* -- * get the number of extensions -- */ -- int X509_get_ext_count(X509 *x); -- -- /* -- * -- */ -- int X509_get_ext_by_NID(X509 *x, int nid, int lastpos); -- -- /* -- * -- */ -- int X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int lastpos); -- -- /* -- * -- */ -- X509_EXTENSION *X509_get_ext(X509 *x, int loc); -- -- /* -- * -- */ -- X509_EXTENSION *X509_delete_ext(X509 *x, int loc); -- -- /* -- * -- */ -- int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); -- -- /* -- * -- */ -- void *X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx); -- -- /* -- * -- */ -- char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5); -- -- /* -- * -- */ -- int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n); -- -- /* -- * -- */ -- PKCS7 *PKCS7_new(void); -- -- /* -- * -- */ -- void PKCS7_free(PKCS7 *a); -- -- /* -- * -- */ -- void PKCS7_content_free(PKCS7 *a); -- -- /* -- * -- */ -- int i2d_PKCS7(PKCS7 *a, unsigned char **pp); -- -- /* -- * -- */ -- PKCS7 *d2i_PKCS7(PKCS7 **a, unsigned char **pp,long length); -- -- /* -- * -- */ -- int i2d_PKCS7_fp(FILE *fp,PKCS7 *p7); -- -- /* -- * -- */ -- PKCS7 *d2i_PKCS7_fp(FILE *fp,PKCS7 **p7); -- -- /* -- * -- */ -- int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7); -- -- /* -- * -- */ -- PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 **p7); -- -- /* -- * -- */ -- PKCS7 *PKCS7_dup(PKCS7 *p7); -- -- /* -- * Create a PKCS7 signature / signed message -- */ -- PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, -- BIO *data, int flags); -- -- /* -- * Verify a PKCS7 signature. -- */ -- int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, -- BIO *indata, BIO *out, int flags); -- -- /* -- * Get signers of a verified PKCS7 signature -- */ -- STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags); -- -- /* -- * PKCS7 encrypt message -- */ -- PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, EVP_CIPHER *cipher, -- int flags); -- -- /* -- * decrypt PKCS7 message -- */ -- int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags); -- -- -- /* -- * Load a CA list file. -- */ -- STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file); -- -- /* -- * Load a file of PEM encoded objects. -- */ -- STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, -- pem_password_cb *cb, void *u); -- -- /* -- * Get the number of purposes available -- */ -- int X509_PURPOSE_get_count(); -- -- -- /* -- * Get the ID of a purpose -- */ -- int X509_PURPOSE_get_id(X509_PURPOSE *); -- -- -- /* -- * Check the existence of purpose id "id" in x. for CA, set ca = 1, else 0 -- */ -- int X509_check_purpose(X509 *x, int id, int ca); -- -- -- /* -- * Get the purpose with index #idx -- */ -- X509_PURPOSE * X509_PURPOSE_get0(int idx); -- -- -- /* -- * Create a new Private KEY -- */ -- EVP_PKEY* EVP_PKEY_new(); -- -- -- /* -- * Assign a private key -- */ -- int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key); -- -- -- /* -- * Generate a RSA key -- */ -- RSA *RSA_generate_key(int bits, unsigned long e, void -- (*callback)(int,int,void *), void *cb_arg); -- -- -- /* -- * Create/destroy a certificate request -- */ -- X509_REQ *X509_REQ_new(); -- void X509_REQ_free(X509_REQ *a); -- -- -- /* -- * Set the public key in the REQ object -- */ -- int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey); -- -- /* for testing */ -- int i2d_X509_REQ_fp(FILE *fp, X509_REQ *x); -- -- /* SMime support */ -- STACK *X509_get1_email(X509 *x); -- void X509_email_free(STACK *sk); -- -- /* Ciphers needed for SMime */ -- EVP_CIPHER *EVP_des_ede3_cbc(); -- EVP_CIPHER *EVP_des_cbc(); -- EVP_CIPHER *EVP_rc2_cbc(); -- EVP_CIPHER *EVP_rc2_64_cbc(); -- EVP_CIPHER *EVP_rc2_40_cbc(); -- -- /* clear the current error - use this often*/ -- void ERR_clear_error(); -- -- /* retrieve the latest error */ -- unsigned long ERR_get_error(); -- -- /* Print the errors to this stream */ -- void ERR_print_errors_fp(FILE *fp); -- -- /* Get a pointer to the SSL session id (reference counted) */ -- SSL_SESSION *SSL_get1_session(SSL *ssl); -- -- /* Frees a pointer to the SSL session id (reference decremented if needed) */ -- void SSL_SESSION_free(SSL_SESSION *session); -- -- /* Set the SSL session to reuse. */ -- int SSL_set_session(SSL *ssl, SSL_SESSION *session); -- -- /* Decode ASN.1 to SSL_SESSION */ -- SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp, long length); -- /* Encode SSL_SESSION to ASN.1 */ -- int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp); -- -- /* Write privatekey to FILE stream */ -- int i2d_PrivateKey_fp(FILE*, EVP_PKEY*); -- -- /* Write PKCS#8privatekey to FILE stream */ -- int i2d_PKCS8PrivateKey_fp(FILE*, EVP_PKEY*, const EVP_CIPHER*, char*, int, pem_password_cb*, void*); -- -- /* Free RSA structure */ -- void RSA_free(RSA*); -- -- /* Get a blowfish CBC pointer */ -- EVP_CIPHER *EVP_bf_cbc(); -- -- /* Sign a CSR */ -- int X509_REQ_sign(X509_REQ*, EVP_PKEY*, const EVP_MD*); -- -- /* add a name entry */ -- int X509_NAME_add_entry_by_txt(X509_NAME*, char*, int, unsigned char*, int, int, int); -- -- /* Create a name */ -- X509_NAME *X509_NAME_new(); -+ /* Create a name */ -+ X509_NAME *X509_NAME_new(); - -- /* Set the subject */ -- int X509_REQ_set_subject_name(X509_REQ*,X509_NAME*); -+ /* Set the subject */ -+ int X509_REQ_set_subject_name(X509_REQ *, X509_NAME *); - -- /* get list of available SSL_CIPHER's sorted by preference */ -- STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL* ssl); -+ /* get list of available SSL_CIPHER's sorted by preference */ -+ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl); - - #endif - - private: -- friend class KOpenSSLProxyPrivate; -- KOpenSSLProxy(); -- ~KOpenSSLProxy(); -- KOpenSSLProxyPrivate * const d; -+ friend class KOpenSSLProxyPrivate; -+ KOpenSSLProxy(); -+ ~KOpenSSLProxy(); -+ KOpenSSLProxyPrivate *const d; - }; - - #endif ---- kdelibs-4.14.26/kio/kssl/ksslcallback.c.omv~ 2016-11-14 21:58:51.376629071 +0100 -+++ kdelibs-4.14.26/kio/kssl/ksslcallback.c 2016-11-14 22:35:01.105257670 +0100 -@@ -28,7 +28,7 @@ bool KSSL_X509CallBack_ca_found; - extern "C" { - static int X509Callback(int ok, X509_STORE_CTX *ctx) { - -- kDebug(7029) << "X509Callback: ok = " << ok << " error = " << ctx->error << " depth = " << ctx->error_depth; -+ //kDebug(7029) << "X509Callback: ok = " << ok << " error = " << ctx->error << " depth = " << ctx->error_depth; - // Here is how this works. We put "ok = 1;" in any case that we - // don't consider to be an error. In that case, it will return OK - // for the certificate check as long as there are no other critical -@@ -39,14 +39,14 @@ static int X509Callback(int ok, X509_STO - - if (KSSL_X509CallBack_ca) - { -- if (KOSSL::self()->X509_cmp(ctx->current_cert, KSSL_X509CallBack_ca) != 0) -+ if (KOSSL::self()->X509_cmp(X509_STORE_CTX_get0_cert(ctx), KSSL_X509CallBack_ca) != 0) - return 1; // Ignore errors for this certificate - - KSSL_X509CallBack_ca_found = true; - } - - if (!ok) { -- switch (ctx->error) { -+ switch (X509_STORE_CTX_get_error(ctx)) { - case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: - case X509_V_ERR_UNABLE_TO_GET_CRL: - case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: ---- kdelibs-4.14.26/kio/kssl/ksslcertchain.cpp.omv~ 2016-11-14 21:58:51.376629071 +0100 -+++ kdelibs-4.14.26/kio/kssl/ksslcertchain.cpp 2016-11-14 22:06:34.088906036 +0100 -@@ -44,16 +44,6 @@ - #include <kdebug.h> - #include <QtCore/QStringList> - --#ifdef KSSL_HAVE_SSL --#define sk_new d->kossl->sk_new --#define sk_push d->kossl->sk_push --#define sk_free d->kossl->sk_free --#define sk_value d->kossl->sk_value --#define sk_num d->kossl->sk_num --#define sk_dup d->kossl->sk_dup --#define sk_pop d->kossl->sk_pop --#endif -- - class KSSLCertChainPrivate { - public: - KSSLCertChainPrivate() { ---- kdelibs-4.14.26/kio/kssl/ksslcertificate.cpp.omv~ 2016-11-07 00:11:51.000000000 +0100 -+++ kdelibs-4.14.26/kio/kssl/ksslcertificate.cpp 2016-11-14 22:36:42.514225601 +0100 -@@ -150,7 +150,7 @@ KSSLCertificate *KSSLCertificate::fromSt - } - - QByteArray qba = QByteArray::fromBase64(cert); -- unsigned char *qbap = reinterpret_cast<unsigned char *>(qba.data()); -+ const unsigned char *qbap = reinterpret_cast<unsigned char *>(qba.data()); - X509 *x5c = KOSSL::self()->d2i_X509(NULL, &qbap, qba.size()); - if (!x5c) { - return NULL; -@@ -173,7 +173,7 @@ QString KSSLCertificate::getSubject() co - return rc; - } - rc = t; -- d->kossl->OPENSSL_free(t); -+ OPENSSL_free(t); - #endif - return rc; - } -@@ -200,14 +200,19 @@ QString KSSLCertificate::getSignatureTex - char *s; - int n, i; - -- i = d->kossl->OBJ_obj2nid(d->m_cert->sig_alg->algorithm); -+ i = X509_get_signature_nid(d->m_cert); - rc = i18n("Signature Algorithm: "); - rc += (i == NID_undef)?i18n("Unknown"):QString(d->kossl->OBJ_nid2ln(i)); - - rc += '\n'; - rc += i18n("Signature Contents:"); -- n = d->m_cert->signature->length; -- s = (char *)d->m_cert->signature->data; -+ -+ const ASN1_BIT_STRING *sig; -+ const X509_ALGOR *alg; -+ X509_get0_signature(&sig, &alg, d->m_cert); -+ n = sig->length; -+ s = (char*)sig->data; -+ - for (i = 0; i < n; ++i) { - if (i%20 != 0) { - rc += ':'; -@@ -234,7 +239,7 @@ void KSSLCertificate::getEmails(QStringL - - STACK *s = d->kossl->X509_get1_email(d->m_cert); - if (s) { -- for(int n=0; n < s->num; n++) { -+ for(int n=0; n < OPENSSL_sk_num(s); n++) { - to.append(d->kossl->sk_value(s,n)); - } - d->kossl->X509_email_free(s); -@@ -317,13 +322,13 @@ QString rc = ""; - EVP_PKEY *pkey = d->kossl->X509_get_pubkey(d->m_cert); - if (pkey) { - #ifndef NO_RSA -- if (pkey->type == EVP_PKEY_RSA) { -+ if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) { - rc = "RSA"; - } - else - #endif - #ifndef NO_DSA -- if (pkey->type == EVP_PKEY_DSA) { -+ if (EVP_PKEY_id(pkey) == EVP_PKEY_DSA) { - rc = "DSA"; - } - else -@@ -347,8 +352,10 @@ char *x = NULL; - if (pkey) { - rc = i18nc("Unknown", "Unknown key algorithm"); - #ifndef NO_RSA -- if (pkey->type == EVP_PKEY_RSA) { -- x = d->kossl->BN_bn2hex(pkey->pkey.rsa->n); -+ if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) { -+ const BIGNUM *n, *e; -+ RSA_get0_key(EVP_PKEY_get1_RSA(pkey), &n, &e, NULL); -+ x = d->kossl->BN_bn2hex(n); - rc = i18n("Key type: RSA (%1 bit)", strlen(x)*4) + '\n'; - - rc += i18n("Modulus: "); -@@ -362,17 +369,19 @@ char *x = NULL; - rc += x[i]; - } - rc += '\n'; -- d->kossl->OPENSSL_free(x); -+ ::OPENSSL_free(x); - -- x = d->kossl->BN_bn2hex(pkey->pkey.rsa->e); -+ x = d->kossl->BN_bn2hex(e); - rc += i18n("Exponent: 0x") + QLatin1String(x) + - QLatin1String("\n"); -- d->kossl->OPENSSL_free(x); -+ ::OPENSSL_free(x); - } - #endif - #ifndef NO_DSA -- if (pkey->type == EVP_PKEY_DSA) { -- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->p); -+ if (EVP_PKEY_id(pkey) == EVP_PKEY_DSA) { -+ const BIGNUM *p, *q, *g; -+ DSA_get0_pqg(EVP_PKEY_get1_DSA(pkey), &p, &q, &g); -+ x = d->kossl->BN_bn2hex(p); - // hack - this may not be always accurate - rc = i18n("Key type: DSA (%1 bit)", strlen(x)*4) + '\n'; - -@@ -387,9 +396,9 @@ char *x = NULL; - rc += x[i]; - } - rc += '\n'; -- d->kossl->OPENSSL_free(x); -+ ::OPENSSL_free(x); - -- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->q); -+ x = d->kossl->BN_bn2hex(q); - rc += i18n("160 bit prime factor: "); - for (unsigned int i = 0; i < strlen(x); i++) { - if (i%40 != 0 && i%2 == 0) { -@@ -401,9 +410,9 @@ char *x = NULL; - rc += x[i]; - } - rc += '\n'; -- d->kossl->OPENSSL_free(x); -+ ::OPENSSL_free(x); - -- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->g); -+ x = d->kossl->BN_bn2hex(g); - rc += QString("g: "); - for (unsigned int i = 0; i < strlen(x); i++) { - if (i%40 != 0 && i%2 == 0) { -@@ -415,9 +424,11 @@ char *x = NULL; - rc += x[i]; - } - rc += '\n'; -- d->kossl->OPENSSL_free(x); -+ ::OPENSSL_free(x); - -- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->pub_key); -+ const BIGNUM *pub; -+ DSA_get0_key(EVP_PKEY_get1_DSA(pkey), &pub, NULL); -+ x = d->kossl->BN_bn2hex(pub); - rc += i18n("Public key: "); - for (unsigned int i = 0; i < strlen(x); i++) { - if (i%40 != 0 && i%2 == 0) { -@@ -429,7 +440,7 @@ char *x = NULL; - rc += x[i]; - } - rc += '\n'; -- d->kossl->OPENSSL_free(x); -+ ::OPENSSL_free(x); - } - #endif - d->kossl->EVP_PKEY_free(pkey); -@@ -452,7 +463,7 @@ QString rc = ""; - } - - rc = t; -- d->kossl->OPENSSL_free(t); -+ OPENSSL_free(t); - #endif - - return rc; -@@ -724,9 +735,9 @@ KSSLCertificate::KSSLValidationList KSSL - KSSL_X509CallBack_ca = ca ? ca->d->m_cert : 0; - KSSL_X509CallBack_ca_found = false; - -- certStoreCTX->error = X509_V_OK; -+ X509_STORE_CTX_set_error(certStoreCTX, X509_V_OK); - rc = d->kossl->X509_verify_cert(certStoreCTX); -- int errcode = certStoreCTX->error; -+ int errcode = X509_STORE_CTX_get_error(certStoreCTX); - if (ca && !KSSL_X509CallBack_ca_found) { - ksslv = KSSLCertificate::Irrelevant; - } else { -@@ -739,9 +750,9 @@ KSSLCertificate::KSSLValidationList KSSL - d->kossl->X509_STORE_CTX_set_purpose(certStoreCTX, - X509_PURPOSE_NS_SSL_SERVER); - -- certStoreCTX->error = X509_V_OK; -+ X509_STORE_CTX_set_error(certStoreCTX, X509_V_OK); - rc = d->kossl->X509_verify_cert(certStoreCTX); -- errcode = certStoreCTX->error; -+ errcode = X509_STORE_CTX_get_error(certStoreCTX); - ksslv = processError(errcode); - } - d->kossl->X509_STORE_CTX_free(certStoreCTX); -@@ -1210,7 +1221,7 @@ typedef struct NETSCAPE_X509_st - // what a piece of crap this is - QByteArray KSSLCertificate::toNetscape() { - QByteArray qba; --#ifdef KSSL_HAVE_SSL -+#if defined(KSSL_HAVE_SSL) && OPENSSL_VERSION_NUMBER < 0x01001000L - NETSCAPE_X509 nx; - ASN1_OCTET_STRING hdr; - KTemporaryFile ktf; -@@ -1262,7 +1273,7 @@ bool KSSLCertificate::setCert(const QStr - #ifdef KSSL_HAVE_SSL - QByteArray qba, qbb = cert.toLocal8Bit(); - qba = QByteArray::fromBase64(qbb); -- unsigned char *qbap = reinterpret_cast<unsigned char *>(qba.data()); -+ const unsigned char *qbap = reinterpret_cast<const unsigned char *>(qba.data()); - X509 *x5c = KOSSL::self()->d2i_X509(NULL, &qbap, qba.size()); - if (x5c) { - setCert(x5c); -@@ -1293,7 +1304,7 @@ QStringList KSSLCertificate::subjAltName - return rc; - } - -- int cnt = d->kossl->sk_GENERAL_NAME_num(names); -+ int cnt = sk_GENERAL_NAME_num(names); - - for (int i = 0; i < cnt; i++) { - const GENERAL_NAME *val = (const GENERAL_NAME *)d->kossl->sk_value(names, i); ---- kdelibs-4.14.26/kio/kssl/kssl.cpp.omv~ 2016-11-14 21:58:51.377629047 +0100 -+++ kdelibs-4.14.26/kio/kssl/kssl.cpp 2016-11-14 22:12:02.469660694 +0100 -@@ -70,7 +70,7 @@ public: - #ifdef KSSL_HAVE_SSL - SSL *m_ssl; - SSL_CTX *m_ctx; -- SSL_METHOD *m_meth; -+ const SSL_METHOD *m_meth; - #endif - KOSSL *kossl; - }; ---- kdelibs-4.14.26/kio/kssl/ksslutils.cpp.omv~ 2016-11-14 21:58:51.377629047 +0100 -+++ kdelibs-4.14.26/kio/kssl/ksslutils.cpp 2016-11-14 22:37:20.481117236 +0100 -@@ -84,7 +84,7 @@ QString ASN1_UTCTIME_QString(ASN1_UTCTIM - QString ASN1_INTEGER_QString(ASN1_INTEGER *aint) { - char *rep = KOSSL::self()->i2s_ASN1_INTEGER(NULL, aint); - QString yy = rep; --KOSSL::self()->OPENSSL_free(rep); -+::OPENSSL_free(rep); - return yy; - } - |