summaryrefslogtreecommitdiffstats
path: root/tdeio/kssl/kssl.cc
diff options
context:
space:
mode:
Diffstat (limited to 'tdeio/kssl/kssl.cc')
-rw-r--r--tdeio/kssl/kssl.cc37
1 files changed, 20 insertions, 17 deletions
diff --git a/tdeio/kssl/kssl.cc b/tdeio/kssl/kssl.cc
index 874da6aa6..c579471b0 100644
--- a/tdeio/kssl/kssl.cc
+++ b/tdeio/kssl/kssl.cc
@@ -51,7 +51,6 @@
#include <tdelocale.h>
#include <ksocks.h>
-#define sk_dup d->kossl->sk_dup
class KSSLPrivate {
public:
@@ -180,7 +179,7 @@ bool KSSL::initialize() {
d->m_meth = d->kossl->TLSv1_client_method();
else if (!m_cfg->tlsv1() && m_cfg->sslv3() && !m_cfg->sslv2())
d->m_meth = d->kossl->SSLv3_client_method();
- else d->m_meth = d->kossl->SSLv23_client_method();
+ else d->m_meth = d->kossl->TLS_client_method();
/*
if (m_cfg->sslv2() && m_cfg->sslv3()) kdDebug(7029) << "Double method" << endl;
@@ -207,7 +206,7 @@ return false;
}
-bool KSSL::setSession(const KSSLSession *session) {
+bool KSSL::takeSession(KSSLSession *session) {
#ifdef KSSL_HAVE_SSL
if (!session) {
delete d->session;
@@ -215,11 +214,10 @@ bool KSSL::setSession(const KSSLSession *session) {
return true;
}
- // Obtain a reference by incrementing the reference count. Yuck.
- static_cast<SSL_SESSION*>(session->_session)->references++;
-
+ // Take session reference
d->session = new KSSLSession;
d->session->_session = session->_session;
+ session->_session = 0L;
return true;
#else
@@ -284,12 +282,16 @@ int rc;
return -1;
if (d->session) {
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
if (static_cast<SSL_SESSION*>(d->session->_session)->sess_cert == 0)
{
kdDebug(7029) << "Can't reuse session, no certificate." << endl;
delete d->session;
d->session = 0;
- } else if (1 == d->kossl->SSL_set_session(d->m_ssl,
+ }
+ else
+#endif
+ if (1 == d->kossl->SSL_set_session(d->m_ssl,
static_cast<SSL_SESSION*>(d->session->_session))) {
kdDebug(7029) << "Session ID is being reused." << endl;
} else {
@@ -316,7 +318,7 @@ int rc;
if (!m_cfg->sslv2())
off |= SSL_OP_NO_SSLv2;
- d->kossl->SSL_set_options(d->m_ssl, off);
+ d->kossl->_SSL_set_options(d->m_ssl, off);
rc = d->kossl->SSL_set_fd(d->m_ssl, sock);
if (rc == 0) {
@@ -341,7 +343,7 @@ int rc;
return -1;
}
- if (!d->kossl->SSL_session_reused(d->m_ssl)) {
+ if (!d->kossl->_SSL_session_reused(d->m_ssl)) {
if (d->session) {
kdDebug(7029) << "Session reuse failed. New session used instead." << endl;
delete d->session;
@@ -375,12 +377,16 @@ int rc;
return -1;
if (d->session) {
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
if (static_cast<SSL_SESSION*>(d->session->_session)->sess_cert == 0)
{
kdDebug(7029) << "Can't reuse session, no certificate." << endl;
delete d->session;
d->session = 0;
- } else if (1 == d->kossl->SSL_set_session(d->m_ssl,
+ }
+ else
+#endif
+ if (1 == d->kossl->SSL_set_session(d->m_ssl,
static_cast<SSL_SESSION*>(d->session->_session))) {
kdDebug(7029) << "Session ID is being reused." << endl;
} else {
@@ -407,7 +413,7 @@ int rc;
if (!m_cfg->sslv2())
off |= SSL_OP_NO_SSLv2;
- d->kossl->SSL_set_options(d->m_ssl, off);
+ d->kossl->_SSL_set_options(d->m_ssl, off);
rc = d->kossl->SSL_set_fd(d->m_ssl, sock);
if (rc == 0) {
@@ -441,7 +447,7 @@ connect_again:
}
}
- if (!d->kossl->SSL_session_reused(d->m_ssl)) {
+ if (!d->kossl->_SSL_session_reused(d->m_ssl)) {
if (d->session) {
kdDebug(7029) << "Session reuse failed. New session used instead." << endl;
delete d->session;
@@ -613,7 +619,7 @@ void KSSL::setPeerInfo() {
m_pi.m_cert.setCert(d->kossl->SSL_get_peer_certificate(d->m_ssl));
STACK_OF(X509) *xs = d->kossl->SSL_get_peer_cert_chain(d->m_ssl);
if (xs)
- xs = sk_X509_dup(xs); // Leak?
+ xs = reinterpret_cast<STACK_OF(X509)*>(d->kossl->OPENSSL_sk_dup(xs)); // Leak?
m_pi.m_cert.setChain((void *)xs);
#endif
}
@@ -671,18 +677,15 @@ EVP_PKEY *k = pkcs->getPrivateKey();
#endif
}
-#undef sk_dup
-
const KSSLSession* KSSL::session() const {
return d->session;
}
bool KSSL::reusingSession() const {
#ifdef KSSL_HAVE_SSL
- return (d->m_ssl && d->kossl->SSL_session_reused(d->m_ssl));
+ return (d->m_ssl && d->kossl->_SSL_session_reused(d->m_ssl));
#else
return false;
#endif
}
-