xchat-gnome-openssl-1.1.patch

   1 --- xchat-gnome-0.26.1/src/common/server.c.orig 2018-09-27 15:56:46.608064545 +0200
   2 +++ xchat-gnome-0.26.1/src/common/server.c      2018-09-27 16:07:09.710698536 +0200
   3 @@ -598,9 +598,9 @@
   4         char buf[512];
   5
   6
   7 -       X509_NAME_oneline (X509_get_subject_name (ctx->current_cert), subject,
   8 +       X509_NAME_oneline (X509_get_subject_name (X509_STORE_CTX_get_current_cert(ctx)), subject,
   9                                                          sizeof (subject));
  10 -       X509_NAME_oneline (X509_get_issuer_name (ctx->current_cert), issuer,
  11 +       X509_NAME_oneline (X509_get_issuer_name (X509_STORE_CTX_get_current_cert(ctx)), issuer,
  12                                                          sizeof (issuer));
  13
  14         snprintf (buf, sizeof (buf), "* Subject: %s", subject);
  15 @@ -751,7 +751,7 @@
  16                 return (0);                                       /* remove it (0) */
  17         } else
  18         {
  19 -               if (serv->ssl->session && serv->ssl->session->time + SSLTMOUT < time (NULL))
  20 +               if (SSL_get_session(serv->ssl) && SSL_SESSION_get_time( SSL_get_session(serv->ssl) ) + SSLTMOUT < time (NULL))
  21                 {
  22                         snprintf (buf, sizeof (buf), "SSL handshake timed out");
  23                         EMIT_SIGNAL (XP_TE_CONNFAIL, serv->server_session, buf, NULL,
  24 --- xchat-gnome-0.26.1/src/common/ssl.c.orig    2018-09-27 16:08:42.338868615 +0200
  25 +++ xchat-gnome-0.26.1/src/common/ssl.c 2018-09-27 16:23:10.787612779 +0200
  26 @@ -70,7 +70,7 @@
  27
  28         SSLeay_add_ssl_algorithms ();
  29         SSL_load_error_strings ();
  30 -       ctx = SSL_CTX_new (server ? SSLv3_server_method() : SSLv3_client_method ());
  31 +       ctx = SSL_CTX_new (server ? TLS_server_method() : TLS_client_method ());
  32
  33         SSL_CTX_set_session_cache_mode (ctx, SSL_SESS_CACHE_BOTH);
  34         SSL_CTX_set_timeout (ctx, 300);
  35 @@ -136,6 +136,8 @@
  36  _SSL_get_cert_info (struct cert_info *cert_info, SSL * ssl)
  37  {
  38         X509 *peer_cert;
  39 +       X509_PUBKEY *key;
  40 +       X509_ALGOR *algor = NULL;
  41         EVP_PKEY *peer_pkey;
  42         /* EVP_PKEY *ca_pkey; */
  43         /* EVP_PKEY *tmp_pkey; */
  44 @@ -155,8 +157,13 @@
  45         broke_oneline (cert_info->subject, cert_info->subject_word);
  46         broke_oneline (cert_info->issuer, cert_info->issuer_word);
  47
  48 -       alg = OBJ_obj2nid (peer_cert->cert_info->key->algor->algorithm);
  49 -       sign_alg = OBJ_obj2nid (peer_cert->sig_alg->algorithm);
  50 +       key = X509_get_X509_PUBKEY(peer_cert);
  51 +       if (!X509_PUBKEY_get0_param(NULL, NULL, 0, &algor, key)) {
  52 +               return 1;
  53 +       }
  54 +       alg = OBJ_obj2nid (algor->algorithm);
  55 +
  56 +       sign_alg = X509_get_signature_nid(peer_cert);
  57         ASN1_TIME_snprintf (notBefore, sizeof (notBefore),
  58                                                           X509_get_notBefore (peer_cert));
  59         ASN1_TIME_snprintf (notAfter, sizeof (notAfter),
  60 @@ -281,7 +288,7 @@
  61                 __SSL_critical_error ("SSL_new");
  62
  63         SSL_set_fd (ssl, sd);
  64 -       if (ctx->method == SSLv3_client_method())
  65 +       if (SSL_CTX_get_ssl_method (ctx) == TLS_client_method())
  66                 SSL_set_connect_state (ssl);
  67         else
  68                 SSL_set_accept_state(ssl);