From 8380d00c6f8b203d303205efcc4d62748e87b184 Mon Sep 17 00:00:00 2001
From: George Hazan <ghazan@miranda.im>
Date: Sun, 20 Jun 2021 18:04:43 +0300
Subject: =?UTF-8?q?fixes=20#2923=20(CurrencyRates:=20=D0=BD=D0=B5=20=D0=BE?=
 =?UTF-8?q?=D0=B1=D0=BD=D0=BE=D0=B2=D0=BB=D1=8F=D1=8E=D1=82=D1=81=D1=8F=20?=
 =?UTF-8?q?=D0=BA=D1=83=D1=80=D1=81=D1=8B=20=D0=B2=D0=B0=D0=BB=D1=8E=D1=82?=
 =?UTF-8?q?)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/mir_app/src/netlib_ssl.cpp | 54 ++++++++++++++++++------------------------
 src/mir_app/src/stdafx.h       |  2 ++
 2 files changed, 25 insertions(+), 31 deletions(-)

(limited to 'src')

diff --git a/src/mir_app/src/netlib_ssl.cpp b/src/mir_app/src/netlib_ssl.cpp
index 1d752454df..9946658bde 100644
--- a/src/mir_app/src/netlib_ssl.cpp
+++ b/src/mir_app/src/netlib_ssl.cpp
@@ -101,28 +101,6 @@ static void ReportSslError(SECURITY_STATUS scRet, int line, bool = false)
 	PUShowMessageW(tszMsg.GetBuffer(), SM_WARNING);
 }
 
-static bool ClientConnect(SslHandle *ssl, const char*)
-{
-	{
-		mir_cslock lck(csSsl);
-		ssl->session = SSL_new(g_ctx);
-	}
-
-	if (!ssl->session) {
-		Netlib_Logf(nullptr, "SSL setup failure: session");
-		return false;
-	}
-	SSL_set_fd(ssl->session, ssl->s);
-
-	int err = SSL_connect(ssl->session);
-	if (err != 1) {
-		dump_error(ssl->session, err);
-		return false;
-	}
-
-	return true;
-}
-
 static PCCERT_CONTEXT SSL_X509ToCryptCert(X509 * x509)
 {
 	unsigned char *buf = nullptr;
@@ -251,22 +229,36 @@ cleanup:
 
 MIR_APP_DLL(HSSL) Netlib_SslConnect(SOCKET s, const char* host, int verify)
 {
-	SslHandle *ssl = new SslHandle();
+	std::unique_ptr<SslHandle> ssl(new SslHandle());
 	ssl->s = s;
-	bool res = ClientConnect(ssl, host);
+	{
+		mir_cslock lck(csSsl);
+		ssl->session = SSL_new(g_ctx);
+	}
+
+	if (!ssl->session) {
+		Netlib_Logf(nullptr, "SSL setup failure: session");
+		return false;
+	}
+	SSL_set_fd(ssl->session, ssl->s);
 
-	if (res && verify) {
+	SSL_set_tlsext_host_name(ssl->session, host);
+
+	int err = SSL_connect(ssl->session);
+	if (err != 1) {
+		dump_error(ssl->session, err);
+		return nullptr;
+	}
+
+	if (verify) {
 		DWORD dwFlags = 0;
 		if (!host || inet_addr(host) != INADDR_NONE)
 			dwFlags |= 0x00001000;
-		res = VerifyCertificate(ssl, host, dwFlags);
+		if (!VerifyCertificate(ssl.get(), host, dwFlags))
+			return nullptr;
 	}
 
-	if (res)
-		return ssl;
-
-	delete ssl;
-	return nullptr;
+	return ssl.release();
 }
 
 /////////////////////////////////////////////////////////////////////////////////////////
diff --git a/src/mir_app/src/stdafx.h b/src/mir_app/src/stdafx.h
index db5ce33430..221dc96031 100644
--- a/src/mir_app/src/stdafx.h
+++ b/src/mir_app/src/stdafx.h
@@ -60,6 +60,8 @@ typedef struct SslHandle *HSSL;
 #include <locale.h>
 #include <direct.h>
 
+#include <memory>
+
 #define __NO_CMPLUGIN_NEEDED
 #include <newpluginapi.h>
 #include <m_avatars.h>
-- 
cgit v1.2.3