net-libs/c-client: Fixed build with openssl-1.1

Closes: https://bugs.gentoo.org/647616
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
Package-Manager: Portage-2.3.51, Repoman-2.3.11

1 files changed, 66 insertions, 0 deletions

diff --git a/net-libs/c-client/files/c-client-2007f-openssl-1.1.patch b/net-libs/c-client/files/c-client-2007f-openssl-1.1.patch
new file mode 100644
index 000000000000..918f0bd3fbd5
--- /dev/null
+++ b/net-libs/c-client/files/c-client-2007f-openssl-1.1.patch
@@ -0,0 +1,66 @@
+diff -Nru a/src/osdep/unix/ssl_unix.c b/src/osdep/unix/ssl_unix.c
+--- a/src/osdep/unix/ssl_unix.c	2011-07-23 02:20:10.000000000 +0200
++++ b/src/osdep/unix/ssl_unix.c	2018-09-22 09:34:26.492765776 +0200
+@@ -59,7 +59,7 @@
+ static SSLSTREAM *ssl_start(TCPSTREAM *tstream,char *host,unsigned long flags);
+ static char *ssl_start_work (SSLSTREAM *stream,char *host,unsigned long flags);
+ static int ssl_open_verify (int ok,X509_STORE_CTX *ctx);
+-static char *ssl_validate_cert (X509 *cert,char *host);
++static char *ssl_validate_cert (X509 *cert,char *host, char *cert_subj);
+ static long ssl_compare_hostnames (unsigned char *s,unsigned char *pat);
+ static char *ssl_getline_work (SSLSTREAM *stream,unsigned long *size,
+ 			       long *contd);
+@@ -210,6 +210,7 @@
+   BIO *bio;
+   X509 *cert;
+   unsigned long sl,tl;
++  char cert_subj[250];
+   char *s,*t,*err,tmp[MAILTMPLEN];
+   sslcertificatequery_t scq =
+     (sslcertificatequery_t) mail_parameters (NIL,GET_SSLCERTIFICATEQUERY,NIL);
+@@ -266,13 +267,17 @@
+   if (SSL_write (stream->con,"",0) < 0)
+     return ssl_last_error ? ssl_last_error : "SSL negotiation failed";
+ 				/* need to validate host names? */
+-  if (!(flags & NET_NOVALIDATECERT) &&
+-      (err = ssl_validate_cert (cert = SSL_get_peer_certificate (stream->con),
+-				host))) {
+-				/* application callback */
+-    if (scq) return (*scq) (err,host,cert ? cert->name : "???") ? NIL : "";
+-				/* error message to return via mm_log() */
+-    sprintf (tmp,"*%.128s: %.255s",err,cert ? cert->name : "???");
++  if (!(flags & NET_NOVALIDATECERT)) {
++    cert_subj[0] = '\0';
++    cert = SSL_get_peer_certificate(stream->con);
++    if (cert)
++      X509_NAME_oneline(X509_get_subject_name(cert), cert_subj, sizeof(cert_subj));
++    err = ssl_validate_cert (cert, host, cert_subj);
++    if (err)
++      /* application callback */
++      if (scq) return (*scq) (err,host,cert ? cert_subj : "???") ? NIL : "";
++    /* error message to return via mm_log() */
++    sprintf (tmp,"*%.128s: %.255s",err,cert ? cert_subj : "???");
+     return ssl_last_error = cpystr (tmp);
+   }
+   return NIL;
+@@ -313,7 +318,7 @@
+  * Returns: NIL if validated, else string of error message
+  */
+ 
+-static char *ssl_validate_cert (X509 *cert,char *host)
++static char *ssl_validate_cert (X509 *cert,char *host, char *cert_subj)
+ {
+   int i,n;
+   char *s,*t,*ret;
+@@ -322,9 +327,9 @@
+ 				/* make sure have a certificate */
+   if (!cert) ret = "No certificate from server";
+ 				/* and that it has a name */
+-  else if (!cert->name) ret = "No name in certificate";
++  else if (cert_subj[0] == '\0') ret = "No name in certificate";
+ 				/* locate CN */
+-  else if (s = strstr (cert->name,"/CN=")) {
++  else if (s = strstr (cert_subj,"/CN=")) {
+     if (t = strchr (s += 4,'/')) *t = '\0';
+ 				/* host name matches pattern? */
+     ret = ssl_compare_hostnames (host,s) ? NIL :