1 Open SSL patch from Lutz Mändle < lmaendle at gmx dot net > available
2 here (http://www.clearskyinstitute.com/xephem/contrib/xephem-3.7.7_openssl.patch).
3 This is a new version dated Jan 2018 and replaces the previous one from
4 Oct 2016. Many thanks for Lutz continued interest in XEphem.
6 diff -Naur ./orig/xephem-3.7.7/GUI/xephem/auxil/mpcorb2edb.pl ./patched/xephem-3.7.7/GUI/xephem/auxil/mpcorb2edb.pl
\r
7 --- ./orig/xephem-3.7.7/GUI/xephem/auxil/mpcorb2edb.pl 2014-07-11 04:46:35.000000000 +0200
\r
8 +++ ./patched/xephem-3.7.7/GUI/xephem/auxil/mpcorb2edb.pl 2018-01-08 02:54:53.603935652 +0100
\r
11 my $dimmag = 13; # dimmest mag to be saved in "bright" file
\r
12 # set site and file in case of -f
\r
13 -my $MPCSITE = "http://www.minorplanetcenter.net";
\r
14 +my $MPCSITE = "https://www.minorplanetcenter.net";
\r
15 my $MPCFTPDIR = "/iau/MPCORB";
\r
16 my $MPCFILE = "MPCORB.DAT";
\r
17 my $MPCZIPFILE = "MPCORB.DAT.gz";
\r
18 diff -Naur ./orig/xephem-3.7.7/GUI/xephem/fallbacks.c ./patched/xephem-3.7.7/GUI/xephem/fallbacks.c
\r
19 --- ./orig/xephem-3.7.7/GUI/xephem/fallbacks.c 2015-04-09 02:20:19.000000000 +0200
\r
20 +++ ./patched/xephem-3.7.7/GUI/xephem/fallbacks.c 2018-01-08 21:26:23.529915768 +0100
\r
21 @@ -747,10 +747,10 @@
\r
22 "XEphem*WebDB*URL1.value: http://celestrak.com/NORAD/elements/science.txt",
\r
23 "XEphem*WebDB*URL2.value: http://celestrak.com/NORAD/elements/tle-new.txt",
\r
24 "XEphem*WebDB*URL3.value: http://celestrak.com/NORAD/elements/amateur.txt",
\r
25 - "XEphem*WebDB*URL4.value: http://www.minorplanetcenter.org/iau/Ephemerides/Comets/Soft03Cmt.txt",
\r
26 - "XEphem*WebDB*URL5.value: http://www.minorplanetcenter.org/iau/Ephemerides/CritList/Soft03CritList.txt",
\r
27 - "XEphem*WebDB*URL6.value: http://www.minorplanetcenter.org/iau/Ephemerides/Distant/Soft03Distant.txt",
\r
28 - "XEphem*WebDB*URL7.value: http://www.minorplanetcenter.org/iau/Ephemerides/Unusual/Soft03Unusual.txt",
\r
29 + "XEphem*WebDB*URL4.value: https://www.minorplanetcenter.org/iau/Ephemerides/Comets/Soft03Cmt.txt",
\r
30 + "XEphem*WebDB*URL5.value: https://www.minorplanetcenter.org/iau/Ephemerides/CritList/Soft03CritList.txt",
\r
31 + "XEphem*WebDB*URL6.value: https://www.minorplanetcenter.org/iau/Ephemerides/Distant/Soft03Distant.txt",
\r
32 + "XEphem*WebDB*URL7.value: https://www.minorplanetcenter.org/iau/Ephemerides/Unusual/Soft03Unusual.txt",
\r
33 "XEphem*WebDB.x: 200",
\r
34 "XEphem*WebDB.y: 200",
\r
35 "XEphem*WeekStart.Monday.set: False",
\r
36 diff -Naur ./orig/xephem-3.7.7/GUI/xephem/Makefile ./patched/xephem-3.7.7/GUI/xephem/Makefile
\r
37 --- ./orig/xephem-3.7.7/GUI/xephem/Makefile 2015-08-09 23:36:50.000000000 +0200
\r
38 +++ ./patched/xephem-3.7.7/GUI/xephem/Makefile 2018-01-08 21:20:45.200717791 +0100
\r
40 CFLAGS = $(LIBINC) $(CLDFLAGS) -O2 -Wall -I$(MOTIFI) -I/opt/X11/include
\r
41 LDFLAGS = $(LIBLNK) $(CLDFLAGS) -L$(MOTIFL) -L/opt/X11/lib
\r
42 XLIBS = -lXm -lXp -lXt -lXext -lXmu -lX11
\r
43 -LIBS = $(XLIBS) $(LIBLIB) -lm
\r
44 +LIBS = $(XLIBS) $(LIBLIB) -lm -lssl
\r
46 # static linking on Apple using X11 libs from ports
\r
48 diff -Naur ./orig/xephem-3.7.7/GUI/xephem/net.h ./patched/xephem-3.7.7/GUI/xephem/net.h
\r
49 --- ./orig/xephem-3.7.7/GUI/xephem/net.h 2005-03-20 12:04:50.000000000 +0100
\r
50 +++ ./patched/xephem-3.7.7/GUI/xephem/net.h 2018-01-08 19:45:27.561208366 +0100
\r
52 #include <sys/select.h>
\r
55 +#include <openssl/ssl.h>
\r
58 + int fd; //file desciptor for the underlying connection socket
\r
59 + SSL *ssl; //ssl connection for use with SSL_read( )and SSL_write()
\r
62 /* support functions */
\r
64 extern int httpGET (char *host, char *GETcmd, char msg[]);
\r
66 extern int recvline (int fd, char buf[], int max);
\r
67 extern int recvlineb (int sock, char *buf, int size);
\r
68 extern int sendbytes (int fd, unsigned char buf[], int n);
\r
71 +extern int httpsGET (char *host, char *GETcmd, char msg[], XE_SSL_FD *ssl_fd);
\r
72 +extern int ssl_recvbytes (XE_SSL_FD *ssl_fd, unsigned char buf[], int n);
\r
73 +extern int ssl_readbytes (XE_SSL_FD *ssl_fd, unsigned char buf[], int n);
\r
74 +extern int ssl_recvline (XE_SSL_FD *ssl_fd, char buf[], int max);
\r
75 +extern int ssl_recvlineb (XE_SSL_FD *ssl_fd, char *buf, int size);
\r
77 /* For RCS Only -- Do Not Edit
\r
78 * @(#) $RCSfile: net.h,v $ $Date: 2003/03/17 07:26:21 $ $Revision: 1.3 $ $Name: $
\r
79 diff -Naur ./orig/xephem-3.7.7/GUI/xephem/netmenu.c ./patched/xephem-3.7.7/GUI/xephem/netmenu.c
\r
80 --- ./orig/xephem-3.7.7/GUI/xephem/netmenu.c 2010-10-06 23:12:40.000000000 +0200
\r
81 +++ ./patched/xephem-3.7.7/GUI/xephem/netmenu.c 2018-01-08 22:02:16.090940142 +0100
\r
86 +#include <openssl/ssl.h>
\r
88 #include <Xm/Form.h>
\r
89 #include <Xm/Label.h>
\r
90 #include <Xm/PushB.h>
\r
93 static char netcategory[] = "Network"; /* Save category */
\r
95 +static SSL_METHOD *ssl_method; /* global ssl dispatch structure for creating a ssl context */
\r
96 +static SSL_CTX *ssl_ctx; /* global ssl context structure for creating ssl connections */
\r
98 /* call to set up without actually bringing up the menus.
\r
104 + if (SSL_library_init() < 0) {
\r
105 + fprintf (stderr, "Could not initialize the OpenSSL library !\n");
\r
107 + ssl_method = SSLv23_client_method(); /* deprecated since openssl 1.1.x */
\r
108 +// ssl_method = TLS_client_method(); /* since openssl 1.1.x */
\r
109 + ssl_ctx = SSL_CTX_new (ssl_method);
\r
110 + SSL_CTX_set_options (ssl_ctx, SSL_OP_NO_SSLv2);
\r
114 (void) net_save(); /* confirming here is just annoying */
\r
116 @@ -251,8 +265,8 @@
\r
118 unsigned char VN; /* version number */
\r
119 unsigned char CD; /* command code */
\r
120 - unsigned short DSTPORT; /* destination port */
\r
121 - unsigned long DSTIP; /* destination IP addres */
\r
122 + uint16_t DSTPORT; /* destination port */
\r
123 + uint32_t DSTIP; /* destination IP address */
\r
126 struct hostent *hs = gethostbyname (socks_host);
\r
127 @@ -390,7 +404,7 @@
\r
129 /* read up to and including the next '\n' from socket fd into buf[max].
\r
130 * we silently ignore all '\r'. we add a trailing '\0'.
\r
131 - * return line lenth (not counting \0) if all ok, else -1.
\r
132 + * return line length (not counting \0) if all ok, else -1.
\r
133 * N.B. this never reads ahead -- if that's ok, recvlineb() is better
\r
136 @@ -445,6 +459,216 @@
\r
147 + if ((c = rb_linebuf[rb_next++]) != '\r')
\r
150 + } while (buf-origbuf < size && c != '\n');
\r
152 + /* always give back a real line regardless, else status */
\r
155 + ok = buf - origbuf;
\r
161 +/* open the host, do the given GET cmd, and return a socket fd for the result.
\r
162 + * on success it fills the XE_SSL_FD structure for later use by SSL_read() and necessary cleanup.
\r
163 + * return -1 and with excuse in msg[], else 0 if ok.
\r
164 + * N.B. can be called before we are created if net set in app defaults.
\r
167 +httpsGET (char *host, char *GETcmd, char msg[], XE_SSL_FD *ssl_fd)
\r
175 + int httpsport = 443;
\r
177 + /* open connection */
\r
179 + fd = mkconnection (proxy_host, proxy_port, msg);
\r
183 + /* fill buf with CONNECT */
\r
184 + (void) sprintf (buf, "CONNECT %1$s:%2$d HTTP/1.0\r\nUser-Agent: xephem/%3$s\r\nHost: %1$s:%2$d\r\n\r\n", host, httpsport, PATCHLEVEL);
\r
186 + /* add proxy auth if enabled */
\r
188 + net_create_form();
\r
189 + if (XmToggleButtonGetState (auth_w))
\r
193 + xe_msg (0, "https proxy connect: %s", buf);
\r
196 + n = strlen (buf);
\r
197 + if (sendbytes(fd, (unsigned char *)buf, n) < 0) {
\r
198 + (void) sprintf (msg, "%s: send error: %s", proxy_host, syserrstr());
\r
199 + (void) close (fd);
\r
204 + while (recvline (fd, buf, sizeof(buf)) > 1) {
\r
205 + xe_msg (0, "Rcv: %s", buf);
\r
206 + if (strstr (buf, "200 "))
\r
209 + if (!connected) {
\r
210 + (void) sprintf (msg, "%s: connect error: %s", proxy_host, syserrstr());
\r
211 + (void) close (fd);
\r
215 + /* SOCKS or direct are both handled by mkconnection() */
\r
216 + fd = mkconnection (host, httpsport, msg);
\r
221 + /* fill buf with GETcmd */
\r
222 + (void) sprintf (buf, "%s", GETcmd);
\r
224 + /* start ssl connection */
\r
225 + ssl = SSL_new (ssl_ctx);
\r
226 + SSL_set_fd (ssl, fd);
\r
227 + SSL_connect (ssl);
\r
230 + xe_msg (0, "https: %s", buf);
\r
233 + n = strlen (buf);
\r
234 + ret = SSL_write (ssl, (unsigned char *)buf, n);
\r
236 + (void) sprintf (msg, "%s: ssl send error code: %d", host, SSL_get_error (ssl, ret));
\r
237 + (void) SSL_free (ssl);
\r
238 + (void) close (fd);
\r
242 + /* caller can read response */
\r
244 + ssl_fd->ssl = ssl;
\r
248 +/* receive exactly n bytes from ssl connection ssl_fd into buf.
\r
249 + * return -1, 0 or n.
\r
250 + * N.B. with fallback to ordinary read from socket if ssl_fd->ssl is NULL
\r
253 +ssl_recvbytes (XE_SSL_FD *ssl_fd, unsigned char buf[], int n)
\r
257 + for (tot = 0; tot < n; tot += ns) {
\r
258 + if (tout (TOUT, ssl_fd->fd, 0) < 0)
\r
261 + ns = SSL_read (ssl_fd->ssl, (void *)(buf+tot), n-tot);
\r
263 + ns = read (ssl_fd->fd, (void *)(buf+tot), n-tot);
\r
270 +/* like read(2) except we time out and allow user to cancel.
\r
271 + * receive up to n bytes from ssl connection ssl_fd into buf.
\r
272 + * return count, or 0 on eof or -1 on error.
\r
273 + * N.B. with fallback to ordinary read from socket if ssl_fd->ssl is NULL
\r
276 +ssl_readbytes (XE_SSL_FD *ssl_fd, unsigned char buf[], int n)
\r
280 + if (tout (TOUT, ssl_fd->fd, 0) < 0)
\r
283 + ns = SSL_read (ssl_fd->ssl, (void *)buf, n);
\r
285 + ns = read (ssl_fd->fd, (void *)buf, n);
\r
289 +/* read up to and including the next '\n' from ssl into buf[max].
\r
290 + * we silently ignore all '\r'. we add a trailing '\0'.
\r
291 + * return line length (not counting \0) if all ok, else -1.
\r
292 + * N.B. with fallback to ordinary read from socket if ssl_fd->ssl is NULL
\r
295 +ssl_recvline (XE_SSL_FD *ssl_fd, char buf[], int max)
\r
300 + max--; /* leave room for trailing \0 */
\r
302 + for (n = 0; n < max && ssl_recvbytes (ssl_fd, &c, 1) == 1; ) {
\r
315 +/* rather like ssl_recvline but reads ahead in big chunk for efficiency.
\r
316 + * return length if read a line ok, 0 if hit eof, -1 if error.
\r
317 + * N.B. we silently swallow all '\r'.
\r
318 + * N.B. we read ahead and can hide bytes after each call.
\r
319 + * N.B. with fallback to ordinary read from socket if ssl_fd->ssl is NULL
\r
322 +ssl_recvlineb (XE_SSL_FD *ssl_fd, char *buf, int size)
\r
324 + char *origbuf = buf; /* save to prevent overfilling buf */
\r
328 + /* always leave room for trailing \n */
\r
331 + /* read and copy linebuf[next] to buf until buf fills or copied a \n */
\r
334 + if (rb_next >= rb_unk) {
\r
335 + /* linebuf is empty -- refill */
\r
339 + if (tout (TOUT, ssl_fd->fd, 0) < 0) {
\r
344 + nr = SSL_read (ssl_fd->ssl, rb_linebuf, sizeof(rb_linebuf));
\r
346 + nr = read (ssl_fd->fd, rb_linebuf, sizeof(rb_linebuf));
\r
353 diff -Naur ./orig/xephem-3.7.7/GUI/xephem/sunmenu.c ./patched/xephem-3.7.7/GUI/xephem/sunmenu.c
\r
354 --- ./orig/xephem-3.7.7/GUI/xephem/sunmenu.c 2012-04-02 00:38:50.000000000 +0200
\r
355 +++ ./patched/xephem-3.7.7/GUI/xephem/sunmenu.c 2018-01-08 22:09:43.585825210 +0100
\r
356 @@ -884,9 +884,11 @@
\r
359 unsigned char *jpeg;
\r
360 + XE_SSL_FD ssl_fd;
\r
364 + memset(&ssl_fd, 0, sizeof(ssl_fd));
\r
365 memset(&tm, 0, sizeof(struct tm));
\r
367 /* get desired type and size */
\r
368 @@ -899,18 +901,18 @@
\r
370 /* build GET command */
\r
371 sprintf (get, "GET http://%s%s HTTP/1.0\r\nUser-Agent: xephem/%s\r\n\r\n", sohohost, fn, PATCHLEVEL);
\r
375 - fd = httpGET (sohohost, get, buf);
\r
376 + fd = httpsGET (sohohost, get, buf, &ssl_fd);
\r
378 - xe_msg (1, "http get: %s", buf);
\r
379 + xe_msg (1, "https get: %s", buf);
\r
383 /* read header (everything to first blank line), looking for jpeg */
\r
386 - while (recvline (fd, buf, sizeof(buf)) > 1) {
\r
387 + while (ssl_recvline (&ssl_fd, buf, sizeof(buf)) > 1) {
\r
388 xe_msg (0, "Rcv: %s", buf);
\r
389 if (strstr (buf, "Content-Type:") && strstr (buf, "image/jpeg"))
\r
391 @@ -923,15 +925,17 @@
\r
395 - while (recvline (fd, buf, sizeof(buf)) > 0)
\r
396 + while (ssl_recvline (&ssl_fd, buf, sizeof(buf)) > 0)
\r
397 xe_msg (0, "Rcv: %s", buf);
\r
398 xe_msg (1, "Error talking to SOHO .. see File->System log\n");
\r
400 + SSL_free (ssl_fd.ssl);
\r
401 + close (ssl_fd.fd);
\r
405 xe_msg (1, "No Content-Length in header");
\r
407 + SSL_free (ssl_fd.ssl);
\r
408 + close (ssl_fd.fd);
\r
412 @@ -941,20 +945,22 @@
\r
413 for (njpeg = 0; njpeg < jpegl; njpeg += nr) {
\r
414 pm_set (100*njpeg/jpegl);
\r
415 jpeg = (unsigned char *) XtRealloc ((char*)jpeg, njpeg+NSREAD);
\r
416 - nr = readbytes (fd, jpeg+njpeg, NSREAD);
\r
418 - xe_msg (1, "%s:\n%s", sohohost, syserrstr());
\r
419 + nr = SSL_read (ssl_fd.ssl, jpeg+njpeg, NSREAD);
\r
421 + xe_msg (1, "%s: ssl read error code: %d", sohohost, SSL_get_error(ssl_fd.ssl, nr));
\r
424 + SSL_free (ssl_fd.ssl);
\r
425 + close (ssl_fd.fd);
\r
433 + SSL_free (ssl_fd.ssl);
\r
434 + close (ssl_fd.fd);
\r
436 - sprintf (fn, "/%s_%s.jpg", filetime, filetype);
\r
437 + sprintf (fn, "/%s_%s.jpg", filetime, filetype);
\r
439 if (displayPic (fn, jpeg, njpeg) < 0)
\r
441 diff -Naur ./orig/xephem-3.7.7/GUI/xephem/ucac.c ./patched/xephem-3.7.7/GUI/xephem/ucac.c
\r
442 --- ./orig/xephem-3.7.7/GUI/xephem/ucac.c 2013-03-02 03:41:37.000000000 +0100
\r
443 +++ ./patched/xephem-3.7.7/GUI/xephem/ucac.c 2018-01-08 21:53:08.398538689 +0100
\r
444 @@ -18,15 +18,15 @@
\r
446 #define MAXFOV 15.0 /* max fov, degs */
\r
448 -typedef unsigned char UC; /* byte */
\r
449 -typedef unsigned int UI; /* unsigned integer */
\r
450 +typedef unsigned char XE_UC; /* byte */
\r
451 +typedef unsigned int XE_UI; /* unsigned integer */
\r
453 /* access an I*2 or I*4 at offset i in UC array a in little-endian byte order.
\r
454 * a bit slow but ultra portable.
\r
456 -#define I2(a,i) ((int)(short)((((UI)(a)[i]) | (((UI)(a)[i+1])<<8))))
\r
457 -#define I4(a,i) ((int)((((UI)(a)[i]) | (((UI)(a)[i+1])<<8) | \
\r
458 - (((UI)(a)[i+2])<<16) | (((UI)(a)[i+3])<<24))))
\r
459 +#define I2(a,i) ((int)(short)((((XE_UI)(a)[i]) | (((XE_UI)(a)[i+1])<<8))))
\r
460 +#define I4(a,i) ((int)((((XE_UI)(a)[i]) | (((XE_UI)(a)[i+1])<<8) | \
\r
461 + (((XE_UI)(a)[i+2])<<16) | (((XE_UI)(a)[i+3])<<24))))
\r
463 /* keep track of an array of ObjF */
\r
467 #define DPMAS (1.0/3600000.0) /* degrees per milliarcsecond */
\r
469 -typedef UC U2Star[44]; /* UCAC2 record */
\r
470 -typedef UC U3Star[84]; /* UCAC3 record */
\r
471 -typedef UC U4Star[78]; /* UCAC4 record */
\r
472 +typedef XE_UC U2Star[44]; /* UCAC2 record */
\r
473 +typedef XE_UC U3Star[84]; /* UCAC3 record */
\r
474 +typedef XE_UC U4Star[78]; /* UCAC4 record */
\r
475 static char *basedir; /* full dir with zone files and index */
\r
476 static FILE *indexfp; /* index file handle */
\r
478 @@ -293,7 +293,7 @@
\r
479 read4Index (int rz, int dz, int *nskip, int *nnew)
\r
485 offset = (rz*NZH4 + dz)*sizeof(i4);
\r
486 if (fseek (indexfp, offset, SEEK_SET) < 0) {
\r
487 @@ -508,7 +508,7 @@
\r
488 read3Index (int rz, int dz, int *nskip, int *nnew)
\r
494 offset = (rz*NZH + dz)*sizeof(i4);
\r
495 if (fseek (indexfp, offset, SEEK_SET) < 0) {
\r
496 @@ -663,7 +663,7 @@
\r
497 get2N (int rz, int dz, int *idp)
\r
503 offset = (dz*NZW + rz)*sizeof(nat);
\r
504 if (fseek (indexfp, offset, SEEK_SET) < 0)
\r
505 diff -Naur ./orig/xephem-3.7.7/GUI/xephem/usno.c ./patched/xephem-3.7.7/GUI/xephem/usno.c
\r
506 --- ./orig/xephem-3.7.7/GUI/xephem/usno.c 2005-03-20 12:04:51.000000000 +0100
\r
507 +++ ./patched/xephem-3.7.7/GUI/xephem/usno.c 2016-10-26 18:59:16.469149437 +0200
\r
509 #define CATBPR 12 /* bytes per star record in .cat file */
\r
510 #define ACCBPR 30 /* bytes per record in .acc file */
\r
512 -typedef unsigned int UI;
\r
513 -typedef unsigned char UC;
\r
514 +typedef unsigned int XE_UI;
\r
515 +typedef unsigned char XE_UC;
\r
517 /* One Field star */
\r
520 double lr[2], int *nd, double fd[2], double ld[2], int zone[2], char msg[]);
\r
521 static int fetchSwath (int zone, double maxmag, double fr, double lr,
\r
522 double fd, double ld, StarArray *sap, char msg[]);
\r
523 -static int crackCatBuf (UC buf[CATBPR], FieldStar *fsp);
\r
524 +static int crackCatBuf (XE_UC buf[CATBPR], FieldStar *fsp);
\r
525 static int addGS (StarArray *sap, FieldStar *fsp);
\r
527 static char *cdpath; /* where CD rom is mounted */
\r
528 @@ -236,7 +236,7 @@
\r
532 - UC catbuf[CATBPR];
\r
533 + XE_UC catbuf[CATBPR];
\r
537 @@ -314,13 +314,13 @@
\r
538 * return 0 if ok, else -1.
\r
541 -crackCatBuf (UC buf[CATBPR], FieldStar *fsp)
\r
542 +crackCatBuf (XE_UC buf[CATBPR], FieldStar *fsp)
\r
544 -#define BEUPACK(b) (((UI)((b)[0])<<24) | ((UI)((b)[1])<<16) | ((UI)((b)[2])<<8)\
\r
545 - | ((UI)((b)[3])))
\r
546 +#define BEUPACK(b) (((XE_UI)((b)[0])<<24) | ((XE_UI)((b)[1])<<16) | ((XE_UI)((b)[2])<<8)\
\r
547 + | ((XE_UI)((b)[3])))
\r
553 /* first 4 bytes are packed RA, big-endian */
\r
554 ra = BEUPACK(buf)/(100.0*3600.0*15.0);
\r
555 diff -Naur ./orig/xephem-3.7.7/GUI/xephem/webdbmenu.c ./patched/xephem-3.7.7/GUI/xephem/webdbmenu.c
\r
556 --- ./orig/xephem-3.7.7/GUI/xephem/webdbmenu.c 2012-11-23 06:22:09.000000000 +0100
\r
557 +++ ./patched/xephem-3.7.7/GUI/xephem/webdbmenu.c 2018-01-08 21:58:01.975042039 +0100
\r
558 @@ -404,6 +404,10 @@
\r
561 static char http[] = "http://";
\r
562 + static char https[] = "https://";
\r
563 + char *transport = http;
\r
564 + int ltransport = strlen (transport);
\r
566 char buf[512], msg[1024];
\r
567 char l0[512], l1[512], l2[512];
\r
568 char *l0p = l0, *l1p = l1, *l2p = l2;
\r
569 @@ -411,21 +415,31 @@
\r
571 char filename[256];
\r
573 + XE_SSL_FD ssl_fd;
\r
577 + memset(&ssl_fd, 0, sizeof(ssl_fd));
\r
581 l0[0] = l1[0] = l2[0] = '\0';
\r
583 /* find transport and host */
\r
584 - if (strncmp (url, http, 7)) {
\r
585 - xe_msg (1, "URL must begin with %s", http);
\r
586 + if (!strncmp (url, transport, ltransport)) {
\r
589 + transport = https;
\r
590 + ltransport = strlen (transport);
\r
593 + if ((!ishttp) && (strncmp (url, transport, ltransport))) {
\r
594 + xe_msg (1, "URL must begin with %s or %s", http, https);
\r
599 - slash = strchr (url+7, '/');
\r
600 + slash = strchr (url+ltransport, '/');
\r
601 dot = strrchr (url, '.');
\r
602 if (!slash || !dot) {
\r
603 xe_msg (1, "Badly formed URL");
\r
604 @@ -434,11 +448,16 @@
\r
607 /* connect to check url */
\r
608 - sprintf (host, "%.*s", (int)(slash-url-7), url+7);
\r
609 + sprintf (host, "%.*s", (int)(slash-url-ltransport), url+ltransport);
\r
610 sprintf (buf, "GET %s HTTP/1.1\r\nHost: %s\r\nConnection: close\r\nUser-Agent: xephem/%s\r\n\r\n",
\r
611 url, host, PATCHLEVEL);
\r
613 - sockfd = httpGET (host, buf, msg);
\r
615 + sockfd = httpGET (host, buf, msg);
\r
616 + ssl_fd.fd = sockfd;
\r
618 + sockfd = httpsGET (host, buf, msg, &ssl_fd);
\r
621 xe_msg (1, "http GET to %s failed: %s%s\n", host, buf, msg);
\r
623 @@ -447,20 +466,22 @@
\r
626 /* create local file */
\r
627 - slash = strrchr (url+7, '/');
\r
628 + slash = strrchr (url+ltransport, '/');
\r
629 sprintf (filename, "%s/%.*sedb", getPrivateDir(), (int)(dot-slash), slash+1);
\r
630 fp = fopen (filename, "w");
\r
632 xe_msg (1, "%s:\n%s", filename, syserrstr());
\r
636 + SSL_free (ssl_fd.ssl);
\r
637 + close (ssl_fd.fd);
\r
641 /* copy to file, insuring only .edb lines.
\r
644 - while (recvlineb (sockfd, l2p, sizeof(l2)) > 0) {
\r
645 + while (ssl_recvlineb (&ssl_fd, l2p, sizeof(l2)) > 0) {
\r
649 @@ -484,7 +505,9 @@
\r
651 /* tidy up and done */
\r
655 + SSL_free (ssl_fd.ssl);
\r
656 + close (ssl_fd.fd);
\r
658 xe_msg (1, "No objects in file");
\r
660 diff -Naur ./orig/xephem-3.7.7/GUI/xephem/xephem.h ./patched/xephem-3.7.7/GUI/xephem/xephem.h
\r
661 --- ./orig/xephem-3.7.7/GUI/xephem/xephem.h 2012-12-30 18:01:12.000000000 +0100
\r
662 +++ ./patched/xephem-3.7.7/GUI/xephem/xephem.h 2016-10-26 20:09:47.000000000 +0200
\r
663 @@ -12,12 +12,12 @@
\r
665 #include <stdarg.h> /* be kind to those who don't use xe_msg() */
\r
667 +#include "net.h" /* has to be included before astro.h because of openssl */
\r
671 /* local glue files */
\r
674 #include "patchlevel.h"
\r
675 #include "preferences.h"
\r