o Security fix: "Konqueror (kssl to be precisely) fails to detect
certificates as invalid that have been signed by an issuer who is not allowed to do so. A patch for this problem has been commited to both the CVS HEAD branch and the KDE_3_0_BRANCH" from message by [1] o Bump PORTREVISION Submitted by: Andy Fawcett <andy@athame.co.uk>, Waldo Bastian <bastian@kde.org> [1] Reviewed by: kde Approved by: kde Obtained from: KDE CVS HEAD
This commit is contained in:
parent
5305a255f0
commit
7a3194891b
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=64458
@ -7,6 +7,7 @@
|
||||
|
||||
PORTNAME= kdelibs
|
||||
PORTVERSION= ${KDE_VERSION}
|
||||
PORTREVISION= 1
|
||||
CATEGORIES?= x11 kde
|
||||
MASTER_SITES= ${MASTER_SITE_KDE}
|
||||
MASTER_SITE_SUBDIR= stable/${PORTVERSION}/src
|
||||
|
35
x11/kdelibs3/files/patch-kopenssl.cc
Normal file
35
x11/kdelibs3/files/patch-kopenssl.cc
Normal file
@ -0,0 +1,35 @@
|
||||
Index: kio/kssl/kopenssl.cc
|
||||
===================================================================
|
||||
RCS file: /home/kde/kdelibs/kio/kssl/kopenssl.cc,v
|
||||
retrieving revision 1.58.2.1
|
||||
retrieving revision 1.58.2.2
|
||||
diff -u -3 -p -r1.58.2.1 -r1.58.2.2
|
||||
--- kio/kssl/kopenssl.cc 2002/04/10 22:00:44 1.58.2.1
|
||||
+++ kio/kssl/kopenssl.cc 2002/08/12 16:45:14 1.58.2.2
|
||||
@@ -105,6 +105,7 @@ static int (*K_SSL_CTX_use_certificate)
|
||||
static int (*K_SSL_get_error) (SSL*, int) = NULL;
|
||||
static STACK_OF(X509)* (*K_SSL_get_peer_cert_chain) (SSL*) = NULL;
|
||||
static void (*K_X509_STORE_CTX_set_chain) (X509_STORE_CTX *, STACK_OF(X509)*) = NULL;
|
||||
+static void (*K_X509_STORE_CTX_set_purpose) (X509_STORE_CTX *, int) = NULL;
|
||||
static void (*K_sk_free) (STACK*) = NULL;
|
||||
static int (*K_sk_num) (STACK*) = NULL;
|
||||
static char* (*K_sk_pop) (STACK*) = NULL;
|
||||
@@ -348,6 +349,7 @@ KConfig *cfg;
|
||||
K_X509_REQ_free = (void (*)(X509_REQ*)) _cryptoLib->symbol("X509_REQ_free");
|
||||
K_X509_REQ_new = (X509_REQ* (*)()) _cryptoLib->symbol("X509_REQ_new");
|
||||
K_X509_STORE_CTX_set_chain = (void (*)(X509_STORE_CTX *, STACK_OF(X509)*)) _cryptoLib->symbol("X509_STORE_CTX_set_chain");
|
||||
+ K_X509_STORE_CTX_set_purpose = (void (*)(X509_STORE_CTX *, int)) _cryptoLib->symbol("X509_STORE_CTX_set_purpose");
|
||||
K_sk_free = (void (*) (STACK *)) _cryptoLib->symbol("sk_free");
|
||||
K_sk_num = (int (*) (STACK *)) _cryptoLib->symbol("sk_num");
|
||||
K_sk_pop = (char* (*) (STACK *)) _cryptoLib->symbol("sk_pop");
|
||||
@@ -930,6 +932,10 @@ char *KOpenSSLProxy::sk_value(STACK *s,
|
||||
|
||||
void KOpenSSLProxy::X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x) {
|
||||
if (K_X509_STORE_CTX_set_chain) (K_X509_STORE_CTX_set_chain)(v,x);
|
||||
+}
|
||||
+
|
||||
+void KOpenSSLProxy::X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose) {
|
||||
+ if (K_X509_STORE_CTX_set_purpose) (K_X509_STORE_CTX_set_purpose)(v,purpose);
|
||||
}
|
||||
|
||||
|
19
x11/kdelibs3/files/patch-kopenssl.h
Normal file
19
x11/kdelibs3/files/patch-kopenssl.h
Normal file
@ -0,0 +1,19 @@
|
||||
Index: kio/kssl/kopenssl.h
|
||||
===================================================================
|
||||
RCS file: /home/kde/kdelibs/kio/kssl/kopenssl.h,v
|
||||
retrieving revision 1.37.2.1
|
||||
retrieving revision 1.37.2.2
|
||||
diff -u -3 -p -r1.37.2.1 -r1.37.2.2
|
||||
--- kio/kssl/kopenssl.h 2002/04/10 22:00:44 1.37.2.1
|
||||
+++ kio/kssl/kopenssl.h 2002/08/12 16:45:14 1.37.2.2
|
||||
@@ -309,6 +309,10 @@ public:
|
||||
*/
|
||||
void X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x);
|
||||
|
||||
+ /*
|
||||
+ * X509_STORE_CTX_set_purpose - set the purpose of the certificate
|
||||
+ */
|
||||
+ void X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose);
|
||||
|
||||
/*
|
||||
* X509_verify_cert - verify the certificate
|
10
x11/kdelibs3/files/patch-ksslcertificate.cc
Normal file
10
x11/kdelibs3/files/patch-ksslcertificate.cc
Normal file
@ -0,0 +1,10 @@
|
||||
--- kio/kssl/ksslcertificate.cc.orig Sat Dec 1 01:30:03 2001
|
||||
+++ kio/kssl/ksslcertificate.cc Mon Aug 12 22:28:40 2002
|
||||
@@ -544,6 +544,7 @@
|
||||
//
|
||||
|
||||
// int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
|
||||
+ d->kossl->X509_STORE_CTX_set_purpose(certStoreCTX, X509_PURPOSE_SSL_SERVER);
|
||||
|
||||
//kdDebug(7029) << "KSSL verifying.............." << endl;
|
||||
certStoreCTX->error = X509_V_OK;
|
@ -7,6 +7,7 @@
|
||||
|
||||
PORTNAME= kdelibs
|
||||
PORTVERSION= ${KDE_VERSION}
|
||||
PORTREVISION= 1
|
||||
CATEGORIES?= x11 kde
|
||||
MASTER_SITES= ${MASTER_SITE_KDE}
|
||||
MASTER_SITE_SUBDIR= stable/${PORTVERSION}/src
|
||||
|
35
x11/kdelibs4/files/patch-kopenssl.cc
Normal file
35
x11/kdelibs4/files/patch-kopenssl.cc
Normal file
@ -0,0 +1,35 @@
|
||||
Index: kio/kssl/kopenssl.cc
|
||||
===================================================================
|
||||
RCS file: /home/kde/kdelibs/kio/kssl/kopenssl.cc,v
|
||||
retrieving revision 1.58.2.1
|
||||
retrieving revision 1.58.2.2
|
||||
diff -u -3 -p -r1.58.2.1 -r1.58.2.2
|
||||
--- kio/kssl/kopenssl.cc 2002/04/10 22:00:44 1.58.2.1
|
||||
+++ kio/kssl/kopenssl.cc 2002/08/12 16:45:14 1.58.2.2
|
||||
@@ -105,6 +105,7 @@ static int (*K_SSL_CTX_use_certificate)
|
||||
static int (*K_SSL_get_error) (SSL*, int) = NULL;
|
||||
static STACK_OF(X509)* (*K_SSL_get_peer_cert_chain) (SSL*) = NULL;
|
||||
static void (*K_X509_STORE_CTX_set_chain) (X509_STORE_CTX *, STACK_OF(X509)*) = NULL;
|
||||
+static void (*K_X509_STORE_CTX_set_purpose) (X509_STORE_CTX *, int) = NULL;
|
||||
static void (*K_sk_free) (STACK*) = NULL;
|
||||
static int (*K_sk_num) (STACK*) = NULL;
|
||||
static char* (*K_sk_pop) (STACK*) = NULL;
|
||||
@@ -348,6 +349,7 @@ KConfig *cfg;
|
||||
K_X509_REQ_free = (void (*)(X509_REQ*)) _cryptoLib->symbol("X509_REQ_free");
|
||||
K_X509_REQ_new = (X509_REQ* (*)()) _cryptoLib->symbol("X509_REQ_new");
|
||||
K_X509_STORE_CTX_set_chain = (void (*)(X509_STORE_CTX *, STACK_OF(X509)*)) _cryptoLib->symbol("X509_STORE_CTX_set_chain");
|
||||
+ K_X509_STORE_CTX_set_purpose = (void (*)(X509_STORE_CTX *, int)) _cryptoLib->symbol("X509_STORE_CTX_set_purpose");
|
||||
K_sk_free = (void (*) (STACK *)) _cryptoLib->symbol("sk_free");
|
||||
K_sk_num = (int (*) (STACK *)) _cryptoLib->symbol("sk_num");
|
||||
K_sk_pop = (char* (*) (STACK *)) _cryptoLib->symbol("sk_pop");
|
||||
@@ -930,6 +932,10 @@ char *KOpenSSLProxy::sk_value(STACK *s,
|
||||
|
||||
void KOpenSSLProxy::X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x) {
|
||||
if (K_X509_STORE_CTX_set_chain) (K_X509_STORE_CTX_set_chain)(v,x);
|
||||
+}
|
||||
+
|
||||
+void KOpenSSLProxy::X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose) {
|
||||
+ if (K_X509_STORE_CTX_set_purpose) (K_X509_STORE_CTX_set_purpose)(v,purpose);
|
||||
}
|
||||
|
||||
|
19
x11/kdelibs4/files/patch-kopenssl.h
Normal file
19
x11/kdelibs4/files/patch-kopenssl.h
Normal file
@ -0,0 +1,19 @@
|
||||
Index: kio/kssl/kopenssl.h
|
||||
===================================================================
|
||||
RCS file: /home/kde/kdelibs/kio/kssl/kopenssl.h,v
|
||||
retrieving revision 1.37.2.1
|
||||
retrieving revision 1.37.2.2
|
||||
diff -u -3 -p -r1.37.2.1 -r1.37.2.2
|
||||
--- kio/kssl/kopenssl.h 2002/04/10 22:00:44 1.37.2.1
|
||||
+++ kio/kssl/kopenssl.h 2002/08/12 16:45:14 1.37.2.2
|
||||
@@ -309,6 +309,10 @@ public:
|
||||
*/
|
||||
void X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x);
|
||||
|
||||
+ /*
|
||||
+ * X509_STORE_CTX_set_purpose - set the purpose of the certificate
|
||||
+ */
|
||||
+ void X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose);
|
||||
|
||||
/*
|
||||
* X509_verify_cert - verify the certificate
|
10
x11/kdelibs4/files/patch-ksslcertificate.cc
Normal file
10
x11/kdelibs4/files/patch-ksslcertificate.cc
Normal file
@ -0,0 +1,10 @@
|
||||
--- kio/kssl/ksslcertificate.cc.orig Sat Dec 1 01:30:03 2001
|
||||
+++ kio/kssl/ksslcertificate.cc Mon Aug 12 22:28:40 2002
|
||||
@@ -544,6 +544,7 @@
|
||||
//
|
||||
|
||||
// int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
|
||||
+ d->kossl->X509_STORE_CTX_set_purpose(certStoreCTX, X509_PURPOSE_SSL_SERVER);
|
||||
|
||||
//kdDebug(7029) << "KSSL verifying.............." << endl;
|
||||
certStoreCTX->error = X509_V_OK;
|
Loading…
Reference in New Issue
Block a user