diff options
Diffstat (limited to 'kio/kssl/kssl.cc')
| -rw-r--r-- | kio/kssl/kssl.cc | 37 |
1 files changed, 20 insertions, 17 deletions
diff --git a/kio/kssl/kssl.cc b/kio/kssl/kssl.cc index 66cc503d5..4dc35248d 100644 --- a/kio/kssl/kssl.cc +++ b/kio/kssl/kssl.cc @@ -51,7 +51,6 @@ #include <klocale.h> #include <ksocks.h> -#define sk_dup d->kossl->sk_dup class KSSLPrivate { public: @@ -180,7 +179,7 @@ bool KSSL::initialize() { d->m_meth = d->kossl->TLSv1_client_method(); else if (!m_cfg->tlsv1() && m_cfg->sslv3() && !m_cfg->sslv2()) d->m_meth = d->kossl->SSLv3_client_method(); - else d->m_meth = d->kossl->SSLv23_client_method(); + else d->m_meth = d->kossl->TLS_client_method(); /* if (m_cfg->sslv2() && m_cfg->sslv3()) kdDebug(7029) << "Double method" << endl; @@ -207,7 +206,7 @@ return false; } -bool KSSL::setSession(const KSSLSession *session) { +bool KSSL::takeSession(KSSLSession *session) { #ifdef KSSL_HAVE_SSL if (!session) { delete d->session; @@ -215,11 +214,10 @@ bool KSSL::setSession(const KSSLSession *session) { return true; } - // Obtain a reference by incrementing the reference count. Yuck. - static_cast<SSL_SESSION*>(session->_session)->references++; - + // Take session reference d->session = new KSSLSession; d->session->_session = session->_session; + session->_session = 0L; return true; #else @@ -284,12 +282,16 @@ int rc; return -1; if (d->session) { +#if OPENSSL_VERSION_NUMBER < 0x10100000L if (static_cast<SSL_SESSION*>(d->session->_session)->sess_cert == 0) { kdDebug(7029) << "Can't reuse session, no certificate." << endl; delete d->session; d->session = 0; - } else if (1 == d->kossl->SSL_set_session(d->m_ssl, + } + else +#endif + if (1 == d->kossl->SSL_set_session(d->m_ssl, static_cast<SSL_SESSION*>(d->session->_session))) { kdDebug(7029) << "Session ID is being reused." << endl; } else { @@ -316,7 +318,7 @@ int rc; if (!m_cfg->sslv2()) off |= SSL_OP_NO_SSLv2; - d->kossl->SSL_set_options(d->m_ssl, off); + d->kossl->_SSL_set_options(d->m_ssl, off); rc = d->kossl->SSL_set_fd(d->m_ssl, sock); if (rc == 0) { @@ -341,7 +343,7 @@ int rc; return -1; } - if (!d->kossl->SSL_session_reused(d->m_ssl)) { + if (!d->kossl->_SSL_session_reused(d->m_ssl)) { if (d->session) { kdDebug(7029) << "Session reuse failed. New session used instead." << endl; delete d->session; @@ -375,12 +377,16 @@ int rc; return -1; if (d->session) { +#if OPENSSL_VERSION_NUMBER < 0x10100000L if (static_cast<SSL_SESSION*>(d->session->_session)->sess_cert == 0) { kdDebug(7029) << "Can't reuse session, no certificate." << endl; delete d->session; d->session = 0; - } else if (1 == d->kossl->SSL_set_session(d->m_ssl, + } + else +#endif + if (1 == d->kossl->SSL_set_session(d->m_ssl, static_cast<SSL_SESSION*>(d->session->_session))) { kdDebug(7029) << "Session ID is being reused." << endl; } else { @@ -407,7 +413,7 @@ int rc; if (!m_cfg->sslv2()) off |= SSL_OP_NO_SSLv2; - d->kossl->SSL_set_options(d->m_ssl, off); + d->kossl->_SSL_set_options(d->m_ssl, off); rc = d->kossl->SSL_set_fd(d->m_ssl, sock); if (rc == 0) { @@ -441,7 +447,7 @@ connect_again: } } - if (!d->kossl->SSL_session_reused(d->m_ssl)) { + if (!d->kossl->_SSL_session_reused(d->m_ssl)) { if (d->session) { kdDebug(7029) << "Session reuse failed. New session used instead." << endl; delete d->session; @@ -613,7 +619,7 @@ void KSSL::setPeerInfo() { m_pi.m_cert.setCert(d->kossl->SSL_get_peer_certificate(d->m_ssl)); STACK_OF(X509) *xs = d->kossl->SSL_get_peer_cert_chain(d->m_ssl); if (xs) - xs = sk_X509_dup(xs); // Leak? + xs = reinterpret_cast<STACK_OF(X509)*>(d->kossl->OPENSSL_sk_dup(xs)); // Leak? m_pi.m_cert.setChain((void *)xs); #endif } @@ -671,18 +677,15 @@ EVP_PKEY *k = pkcs->getPrivateKey(); #endif } -#undef sk_dup - const KSSLSession* KSSL::session() const { return d->session; } bool KSSL::reusingSession() const { #ifdef KSSL_HAVE_SSL - return (d->m_ssl && d->kossl->SSL_session_reused(d->m_ssl)); + return (d->m_ssl && d->kossl->_SSL_session_reused(d->m_ssl)); #else return false; #endif } - |