[packages/xchat-gnome.git] / xchat-gnome-openssl-1.1.patch

--- xchat-gnome-0.26.1/src/common/server.c.orig	2018-09-27 15:56:46.608064545 +0200
+++ xchat-gnome-0.26.1/src/common/server.c	2018-09-27 16:07:09.710698536 +0200
@@ -598,9 +598,9 @@
 	char buf[512];
 
 
-	X509_NAME_oneline (X509_get_subject_name (ctx->current_cert), subject,
+	X509_NAME_oneline (X509_get_subject_name (X509_STORE_CTX_get_current_cert(ctx)), subject,
 							 sizeof (subject));
-	X509_NAME_oneline (X509_get_issuer_name (ctx->current_cert), issuer,
+	X509_NAME_oneline (X509_get_issuer_name (X509_STORE_CTX_get_current_cert(ctx)), issuer,
 							 sizeof (issuer));
 
 	snprintf (buf, sizeof (buf), "* Subject: %s", subject);
@@ -751,7 +751,7 @@
 		return (0);					  /* remove it (0) */
 	} else
 	{
-		if (serv->ssl->session && serv->ssl->session->time + SSLTMOUT < time (NULL))
+		if (SSL_get_session(serv->ssl) && SSL_SESSION_get_time( SSL_get_session(serv->ssl) ) + SSLTMOUT < time (NULL))
 		{
 			snprintf (buf, sizeof (buf), "SSL handshake timed out");
 			EMIT_SIGNAL (XP_TE_CONNFAIL, serv->server_session, buf, NULL,
--- xchat-gnome-0.26.1/src/common/ssl.c.orig	2018-09-27 16:08:42.338868615 +0200
+++ xchat-gnome-0.26.1/src/common/ssl.c	2018-09-27 16:23:10.787612779 +0200
@@ -70,7 +70,7 @@
 
 	SSLeay_add_ssl_algorithms ();
 	SSL_load_error_strings ();
-	ctx = SSL_CTX_new (server ? SSLv3_server_method() : SSLv3_client_method ());
+	ctx = SSL_CTX_new (server ? TLS_server_method() : TLS_client_method ());
 
 	SSL_CTX_set_session_cache_mode (ctx, SSL_SESS_CACHE_BOTH);
 	SSL_CTX_set_timeout (ctx, 300);
@@ -136,6 +136,8 @@
 _SSL_get_cert_info (struct cert_info *cert_info, SSL * ssl)
 {
 	X509 *peer_cert;
+	X509_PUBKEY *key;
+	X509_ALGOR *algor = NULL;
 	EVP_PKEY *peer_pkey;
 	/* EVP_PKEY *ca_pkey; */
 	/* EVP_PKEY *tmp_pkey; */
@@ -155,8 +157,13 @@
 	broke_oneline (cert_info->subject, cert_info->subject_word);
 	broke_oneline (cert_info->issuer, cert_info->issuer_word);
 
-	alg = OBJ_obj2nid (peer_cert->cert_info->key->algor->algorithm);
-	sign_alg = OBJ_obj2nid (peer_cert->sig_alg->algorithm);
+	key = X509_get_X509_PUBKEY(peer_cert);
+	if (!X509_PUBKEY_get0_param(NULL, NULL, 0, &algor, key)) {
+		return 1;
+	}
+	alg = OBJ_obj2nid (algor->algorithm);
+		
+	sign_alg = X509_get_signature_nid(peer_cert);
 	ASN1_TIME_snprintf (notBefore, sizeof (notBefore),
 							  X509_get_notBefore (peer_cert));
 	ASN1_TIME_snprintf (notAfter, sizeof (notAfter),
@@ -281,7 +288,7 @@
 		__SSL_critical_error ("SSL_new");
 
 	SSL_set_fd (ssl, sd);
-	if (ctx->method == SSLv3_client_method())
+	if (SSL_CTX_get_ssl_method (ctx) == TLS_client_method())
 		SSL_set_connect_state (ssl);
 	else
 	        SSL_set_accept_state(ssl);
Commit	Line	Data
b4ad7762 AG	1	--- xchat-gnome-0.26.1/src/common/server.c.orig 2018-09-27 15:56:46.608064545 +0200
	2	+++ xchat-gnome-0.26.1/src/common/server.c 2018-09-27 16:07:09.710698536 +0200
	3	@@ -598,9 +598,9 @@
	4	char buf[512];
	5
	6
	7	- X509_NAME_oneline (X509_get_subject_name (ctx->current_cert), subject,
	8	+ X509_NAME_oneline (X509_get_subject_name (X509_STORE_CTX_get_current_cert(ctx)), subject,
	9	sizeof (subject));
	10	- X509_NAME_oneline (X509_get_issuer_name (ctx->current_cert), issuer,
	11	+ X509_NAME_oneline (X509_get_issuer_name (X509_STORE_CTX_get_current_cert(ctx)), issuer,
	12	sizeof (issuer));
	13
	14	snprintf (buf, sizeof (buf), "* Subject: %s", subject);
	15	@@ -751,7 +751,7 @@
	16	return (0); /* remove it (0) */
	17	} else
	18	{
	19	- if (serv->ssl->session && serv->ssl->session->time + SSLTMOUT < time (NULL))
	20	+ if (SSL_get_session(serv->ssl) && SSL_SESSION_get_time( SSL_get_session(serv->ssl) ) + SSLTMOUT < time (NULL))
	21	{
	22	snprintf (buf, sizeof (buf), "SSL handshake timed out");
	23	EMIT_SIGNAL (XP_TE_CONNFAIL, serv->server_session, buf, NULL,
	24	--- xchat-gnome-0.26.1/src/common/ssl.c.orig 2018-09-27 16:08:42.338868615 +0200
	25	+++ xchat-gnome-0.26.1/src/common/ssl.c 2018-09-27 16:23:10.787612779 +0200
	26	@@ -70,7 +70,7 @@
	27
	28	SSLeay_add_ssl_algorithms ();
	29	SSL_load_error_strings ();
	30	- ctx = SSL_CTX_new (server ? SSLv3_server_method() : SSLv3_client_method ());
	31	+ ctx = SSL_CTX_new (server ? TLS_server_method() : TLS_client_method ());
	32
	33	SSL_CTX_set_session_cache_mode (ctx, SSL_SESS_CACHE_BOTH);
	34	SSL_CTX_set_timeout (ctx, 300);
	35	@@ -136,6 +136,8 @@
	36	_SSL_get_cert_info (struct cert_info cert_info, SSL ssl)
	37	{
	38	X509 *peer_cert;
	39	+ X509_PUBKEY *key;
	40	+ X509_ALGOR *algor = NULL;
	41	EVP_PKEY *peer_pkey;
	42	/* EVP_PKEY ca_pkey; /
	43	/* EVP_PKEY tmp_pkey; /
	44	@@ -155,8 +157,13 @@
	45	broke_oneline (cert_info->subject, cert_info->subject_word);
	46	broke_oneline (cert_info->issuer, cert_info->issuer_word);
	47
	48	- alg = OBJ_obj2nid (peer_cert->cert_info->key->algor->algorithm);
	49	- sign_alg = OBJ_obj2nid (peer_cert->sig_alg->algorithm);
	50	+ key = X509_get_X509_PUBKEY(peer_cert);
	51	+ if (!X509_PUBKEY_get0_param(NULL, NULL, 0, &algor, key)) {
	52	+ return 1;
	53	+ }
	54	+ alg = OBJ_obj2nid (algor->algorithm);
	55	+
	56	+ sign_alg = X509_get_signature_nid(peer_cert);
	57	ASN1_TIME_snprintf (notBefore, sizeof (notBefore),
	58	X509_get_notBefore (peer_cert));
	59	ASN1_TIME_snprintf (notAfter, sizeof (notAfter),
	60	@@ -281,7 +288,7 @@
	61	__SSL_critical_error ("SSL_new");
	62
	63	SSL_set_fd (ssl, sd);
	64	- if (ctx->method == SSLv3_client_method())
65	+ if (SSL_CTX_get_ssl_method (ctx) == TLS_client_method())
66	SSL_set_connect_state (ssl);
67	else
68	SSL_set_accept_state(ssl);