freefilesync/debian/patches/ffs_libssl.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53

Author: bgstack15
Message: Revert freefilesync 10.22 zen/open_ssl.cpp which depends on openssl 1.1.1e which is not available in this distro yet.
Date: 2020-03-18
diff --git a/zen/open_ssl.cpp b/zen/open_ssl.cpp
index 0f1da3fc..b823f8ca 100644
--- a/zen/open_ssl.cpp
+++ b/zen/open_ssl.cpp
@@ -18,7 +18,7 @@ using namespace zen;
     #error FFS, we are royally screwed!
 #endif
 
-static_assert(OPENSSL_VERSION_NUMBER >= 0x1010105fL, "OpenSSL version too old");
+static_assert(OPENSSL_VERSION_NUMBER >= 0x10100000L, "OpenSSL version too old");
 
 
 void zen::openSslInit()
@@ -68,7 +68,7 @@ std::wstring formatOpenSSLError(const std::wstring& functionName, unsigned long
 
 std::wstring formatLastOpenSSLError(const std::wstring& functionName)
 {
-    const auto ec = ::ERR_peek_last_error();
+    const unsigned long ec = ::ERR_peek_last_error();
     ::ERR_clear_error(); //clean up for next OpenSSL operation on this thread
     return formatOpenSSLError(functionName, ec);
 }
@@ -566,16 +566,9 @@ public:
         if (rv != 1)
         {
             const int sslError = ::SSL_get_error(ssl_, rv);
-            if (sslError == SSL_ERROR_ZERO_RETURN)
-                return 0; //EOF + close_notify alert
-
-            warn_static("find a better solution for SSL_read_ex + EOF")
-            //"sslError == SSL_ERROR_SYSCALL && ::ERR_peek_last_error() == 0" => obsolete as of OpenSSL 1.1.1e
-            //https://github.com/openssl/openssl/issues/10880#issuecomment-575746226
-            const auto ec = ::ERR_peek_last_error();
-            if (sslError == SSL_ERROR_SSL && ERR_GET_REASON(ec) == SSL_R_UNEXPECTED_EOF_WHILE_READING) //EOF: only expected for HTTP/1.0
+            if (sslError == SSL_ERROR_ZERO_RETURN || //EOF + close_notify alert
+                (sslError == SSL_ERROR_SYSCALL && ::ERR_peek_last_error() == 0)) //EOF: only expected for HTTP/1.0
                 return 0;
-
             throw SysError(formatLastOpenSSLError(L"SSL_read_ex") + L' ' + formatSslErrorCode(sslError));
         }
         assert(bytesReceived > 0); //SSL_read_ex() considers EOF an error!
@@ -771,7 +764,7 @@ std::string zen::convertPuttyKeyToPkix(const std::string& keyStream, const std::
 
     auto numToBeString = [](size_t n) -> std::string
     {
-        static_assert(usingLittleEndian()&& sizeof(n) >= 4);
+        static_assert(usingLittleEndian() && sizeof(n) >= 4);
         const char* numStr = reinterpret_cast<const char*>(&n);
         return { numStr[3], numStr[2], numStr[1], numStr[0] }; //big endian!
     };