cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
openbsd-ports/x11/kde/base3/patches/patch-kcontrol_crypto_crypto_cpp
jasper 07f3a1c4cf Allow building against OpenSSL without SSLv2 support. 
from brad
2012-06-28 18:49:54 +00:00

239 lines
8.2 KiB
Plaintext
Raw Blame History

$OpenBSD: patch-kcontrol_crypto_crypto_cpp,v 1.3 2012/06/28 18:52:18 jasper Exp $
Allow building against OpenSSL without SSLv2 support.
--- kcontrol/crypto/crypto.cpp.orig Sun Oct 1 13:31:49 2006
+++ kcontrol/crypto/crypto.cpp Thu Jun 28 01:46:27 2012
@@ -272,33 +272,14 @@ QString whatstr;
" replaced SSL in protocols such as POP3 and SMTP.");
QWhatsThis::add(mUseTLS, whatstr);
- mUseSSLv2 = new QCheckBox(i18n("Enable SSLv&2"), tabSSL);
- connect(mUseSSLv2, SIGNAL(clicked()), SLOT(configChanged()));
- grid->addWidget(mUseSSLv2, 1, 0);
- whatstr = i18n("SSL v2 is the second revision of the SSL protocol."
- " It is most common to enable v2 and v3.");
- QWhatsThis::add(mUseSSLv2, whatstr);
-
mUseSSLv3 = new QCheckBox(i18n("Enable SSLv&3"), tabSSL);
connect(mUseSSLv3, SIGNAL(clicked()), SLOT(configChanged()));
grid->addWidget(mUseSSLv3, 1, 1);
whatstr = i18n("SSL v3 is the third revision of the SSL protocol."
- " It is most common to enable v2 and v3.");
+ " It is most common to enable v3.");
QWhatsThis::add(mUseSSLv3, whatstr);
-#ifdef HAVE_SSL
- SSLv2Box = new QListView(tabSSL, "v2ciphers");
- (void) SSLv2Box->addColumn(i18n("SSLv2 Ciphers to Use"));
- whatstr = i18n("Select the ciphers you wish to enable when using the"
- " SSL v2 protocol. The actual protocol used will be"
- " negotiated with the server at connection time.");
- QWhatsThis::add(SSLv2Box, whatstr);
- SSLv2Box->setSelectionMode(QListView::NoSelection);
-
- grid->addWidget( SSLv2Box, 2, 0 );
- connect( mUseSSLv2, SIGNAL( toggled( bool ) ),
- SSLv2Box, SLOT( setEnabled( bool )));
-#else
+#ifndef HAVE_SSL
QLabel *nossllabel = new QLabel(i18n("SSL ciphers cannot be configured"
" because this module was not linked"
" with OpenSSL."), tabSSL);
@@ -876,9 +857,6 @@ void KCryptoConfig::load( bool useDefaults )
config->setGroup("TLS");
mUseTLS->setChecked(config->readBoolEntry("Enabled", true));
- config->setGroup("SSLv2");
- mUseSSLv2->setChecked(config->readBoolEntry("Enabled", true));
-
config->setGroup("SSLv3");
mUseSSLv3->setChecked(config->readBoolEntry("Enabled", true));
@@ -913,23 +891,14 @@ void KCryptoConfig::load( bool useDefaults )
oPath->setURL(config->readPathEntry("Path"));
#endif
- config->setGroup("SSLv2");
- CipherItem *item = static_cast<CipherItem *>(SSLv2Box->firstChild());
- while ( item ) {
- item->setOn(config->readBoolEntry(item->configName(),
- item->bits() >= 56));
- item = static_cast<CipherItem *>(item->nextSibling());
- }
-
config->setGroup("SSLv3");
- item = static_cast<CipherItem *>(SSLv3Box->firstChild());
+ CipherItem *item = static_cast<CipherItem *>(SSLv3Box->firstChild());
while ( item ) {
item->setOn(config->readBoolEntry(item->configName(),
item->bits() >= 56));
item = static_cast<CipherItem *>(item->nextSibling());
}
- SSLv2Box->setEnabled( mUseSSLv2->isChecked() );
SSLv3Box->setEnabled( mUseSSLv3->isChecked() );
QStringList groups = policies->groupList();
@@ -1030,8 +999,7 @@ void KCryptoConfig::load( bool useDefaults )
void KCryptoConfig::save()
{
#ifdef HAVE_SSL
- if (!mUseSSLv2->isChecked() &&
- !mUseSSLv3->isChecked())
+ if (!mUseSSLv3->isChecked())
KMessageBox::information(this, i18n("If you do not select at least one"
" SSL algorithm, either SSL will not"
" work or the application may be"
@@ -1041,9 +1009,6 @@ void KCryptoConfig::save()
config->setGroup("TLS");
config->writeEntry("Enabled", mUseTLS->isChecked());
- config->setGroup("SSLv2");
- config->writeEntry("Enabled", mUseSSLv2->isChecked());
-
config->setGroup("SSLv3");
config->writeEntry("Enabled", mUseSSLv3->isChecked());
@@ -1072,25 +1037,8 @@ void KCryptoConfig::save()
#endif
int ciphercount = 0;
- config->setGroup("SSLv2");
- CipherItem *item = static_cast<CipherItem *>(SSLv2Box->firstChild());
- while ( item ) {
- if (item->isOn()) {
- config->writeEntry(item->configName(), true);
- ciphercount++;
- } else config->writeEntry(item->configName(), false);
-
- item = static_cast<CipherItem *>(item->nextSibling());
- }
-
- if (mUseSSLv2->isChecked() && ciphercount == 0)
- KMessageBox::information(this, i18n("If you do not select at least one"
- " cipher, SSLv2 will not work."),
- i18n("SSLv2 Ciphers"));
-
- ciphercount = 0;
config->setGroup("SSLv3");
- item = static_cast<CipherItem *>(SSLv3Box->firstChild());
+ CipherItem *item = static_cast<CipherItem *>(SSLv3Box->firstChild());
while ( item ) {
if (item->isOn()) {
config->writeEntry(item->configName(), true);
@@ -1251,18 +1199,12 @@ void KCryptoConfig::slotSelectCipher(int id) {
void KCryptoConfig::cwCompatible() {
#ifdef HAVE_SSL
CipherItem *item;
- for ( item = static_cast<CipherItem *>(SSLv2Box->firstChild()); item;
- item = static_cast<CipherItem *>(item->nextSibling()) ) {
- item->setOn( item->bits() >= 56 && item->bits() <= 128 );
- }
-
for ( item = static_cast<CipherItem *>(SSLv3Box->firstChild()); item;
item = static_cast<CipherItem *>(item->nextSibling()) ) {
item->setOn( item->bits() >= 56 && item->bits() <= 128 );
}
mUseTLS->setChecked(true);
- mUseSSLv2->setChecked(true);
mUseSSLv3->setChecked(true);
configChanged();
#endif
@@ -1272,11 +1214,6 @@ void KCryptoConfig::cwCompatible() {
void KCryptoConfig::cwUS() {
#ifdef HAVE_SSL
CipherItem *item;
- for ( item = static_cast<CipherItem *>(SSLv2Box->firstChild()); item;
- item = static_cast<CipherItem *>(item->nextSibling()) ) {
- item->setOn( item->bits() >= 128 );
- }
-
for ( item = static_cast<CipherItem *>(SSLv3Box->firstChild()); item;
item = static_cast<CipherItem *>(item->nextSibling()) ) {
item->setOn( item->bits() >= 128 );
@@ -1290,11 +1227,6 @@ void KCryptoConfig::cwUS() {
void KCryptoConfig::cwExp() {
#ifdef HAVE_SSL
CipherItem *item;
- for ( item = static_cast<CipherItem *>(SSLv2Box->firstChild()); item;
- item = static_cast<CipherItem *>(item->nextSibling()) ) {
- item->setOn( item->bits() <= 56 && item->bits() > 0);
- }
-
for ( item = static_cast<CipherItem *>(SSLv3Box->firstChild()); item;
item = static_cast<CipherItem *>(item->nextSibling()) ) {
item->setOn( item->bits() <= 56 && item->bits() > 0);
@@ -1308,18 +1240,12 @@ void KCryptoConfig::cwExp() {
void KCryptoConfig::cwAll() {
#ifdef HAVE_SSL
CipherItem *item;
- for ( item = static_cast<CipherItem *>(SSLv2Box->firstChild()); item;
- item = static_cast<CipherItem *>(item->nextSibling()) ) {
- item->setOn( true );
- }
-
for ( item = static_cast<CipherItem *>(SSLv3Box->firstChild()); item;
item = static_cast<CipherItem *>(item->nextSibling()) ) {
item->setOn( true );
}
mUseTLS->setChecked(true);
- mUseSSLv2->setChecked(true);
mUseSSLv3->setChecked(true);
configChanged();
#endif
@@ -2321,12 +2247,11 @@ bool KCryptoConfig::loadCiphers() {
unsigned int i;
SSL_CTX *ctx;
SSL *ssl;
-SSL_METHOD *meth;
+const SSL_METHOD *meth;
- SSLv2Box->clear();
SSLv3Box->clear();
- meth = SSLv2_client_method();
+ meth = SSLv3_client_method();
SSLeay_add_ssl_algorithms();
ctx = SSL_CTX_new(meth);
if (ctx == NULL) return false;
@@ -2337,35 +2262,7 @@ SSL_METHOD *meth;
CipherItem *item;
for (i=0; ; i++) {
int j, k;
- SSL_CIPHER *sc;
- sc = (meth->get_cipher)(i);
- if (!sc)
- break;
- // Leak of sc*?
- QString scn(sc->name);
- if (scn.contains("ADH-") || scn.contains("NULL-") || scn.contains("DES-CBC3-SHA") || scn.contains("FZA-")) {
- continue;
- }
- k = SSL_CIPHER_get_bits(sc, &j);
-
- item = new CipherItem( SSLv2Box, sc->name, k, j, this );
- }
-
- if (ctx) SSL_CTX_free(ctx);
- if (ssl) SSL_free(ssl);
-
- // We repeat for SSLv3
- meth = SSLv3_client_method();
- SSLeay_add_ssl_algorithms();
- ctx = SSL_CTX_new(meth);
- if (ctx == NULL) return false;
-
- ssl = SSL_new(ctx);
- if (!ssl) return false;
-
- for (i=0; ; i++) {
- int j, k;
- SSL_CIPHER *sc;
+ const SSL_CIPHER *sc;
sc = (meth->get_cipher)(i);
if (!sc)
break;
Reference in New Issue View Git Blame Copy Permalink