diff options
| author | George Hazan <ghazan@miranda.im> | 2020-10-08 22:56:11 +0300 |
|---|---|---|
| committer | George Hazan <ghazan@miranda.im> | 2020-10-08 22:56:11 +0300 |
| commit | 3ec716dc906a43d155ab6222856c5a606f491bc8 (patch) | |
| tree | a8b304c095d1a6379d1ca704f23a8cdef5af52e8 /plugins/OpenSSL | |
| parent | fed9983880d41c33892e645d40fe48de69b1e9d4 (diff) | |
OpenSSL upgraded to 1.1.1
Diffstat (limited to 'plugins/OpenSSL')
| -rw-r--r-- | plugins/OpenSSL/OpenSSL.vcxproj | 2 | ||||
| -rw-r--r-- | plugins/OpenSSL/src/ssl_openssl.cpp | 10 |
2 files changed, 5 insertions, 7 deletions
diff --git a/plugins/OpenSSL/OpenSSL.vcxproj b/plugins/OpenSSL/OpenSSL.vcxproj index 7df123331d..e7d62d396e 100644 --- a/plugins/OpenSSL/OpenSSL.vcxproj +++ b/plugins/OpenSSL/OpenSSL.vcxproj @@ -39,7 +39,7 @@ </ItemGroup>
<ItemDefinitionGroup>
<Link>
- <AdditionalDependencies>libeay32.lib;ssleay32.lib;crypt32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+ <AdditionalDependencies>libcrypto.lib;libssl.lib;crypt32.lib;%(AdditionalDependencies)</AdditionalDependencies>
</Link>
</ItemDefinitionGroup>
</Project>
\ No newline at end of file diff --git a/plugins/OpenSSL/src/ssl_openssl.cpp b/plugins/OpenSSL/src/ssl_openssl.cpp index 144cd2da1e..f6dc6da4dd 100644 --- a/plugins/OpenSSL/src/ssl_openssl.cpp +++ b/plugins/OpenSSL/src/ssl_openssl.cpp @@ -74,7 +74,6 @@ static bool SSL_library_load(void) if (!bSslInitDone) { // init OpenSSL SSL_library_init(); SSL_load_error_strings(); - CRYPTO_set_mem_functions(mir_calloc, mir_realloc, mir_free); // FIXME check errors bSslInitDone = true; @@ -147,8 +146,7 @@ static bool ClientConnect(SslHandle *ssl, const char*) Netlib_Logf(nullptr, "SSL setup failure: context"); return false; } - // disable dangerous cipher suites - SSL_CTX_ctrl(ssl->ctx, SSL_CTRL_OPTIONS, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3, nullptr); + // SSL_read/write should transparently handle renegotiations SSL_CTX_ctrl(ssl->ctx, SSL_CTRL_MODE, SSL_MODE_AUTO_RETRY, nullptr); @@ -183,7 +181,7 @@ static PCCERT_CONTEXT SSL_X509ToCryptCert(X509 * x509) if ((len >= 0) && buf) { pCertContext = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, buf, len); - CRYPTO_free(buf); + CRYPTO_free(buf, __FILE__, __LINE__); } return pCertContext; } @@ -207,8 +205,8 @@ static PCCERT_CONTEXT SSL_CertChainToCryptAnchor(SSL* session) // add all remaining certs to store (note: stack needs not be freed, it is not a copy) STACK_OF(X509) *server_chain = SSL_get_peer_cert_chain(session); if (server_chain) { - for (int i = 0; i < server_chain->stack.num; i++) { - X509 *next_cert = (X509 *)server_chain->stack.data[i]; + for (int i = 0; i < OPENSSL_sk_num((OPENSSL_STACK *)server_chain); i++) { + X509 *next_cert = (X509 *)OPENSSL_sk_value((OPENSSL_STACK *)server_chain, i); CertAddCertificateContextToStore(store, SSL_X509ToCryptCert(next_cert), CERT_STORE_ADD_USE_EXISTING, nullptr); } } |