main/openssl: add ircv3 tls-3.1 extension support to s_client

2 files changed, 60 insertions, 2 deletions

diff --git a/main/openssl/0005-s_client-ircv3-starttls.patch b/main/openssl/0005-s_client-ircv3-starttls.patch
new file mode 100644
index 000000000..880cbb651
--- /dev/null
+++ b/main/openssl/0005-s_client-ircv3-starttls.patch
@@ -0,0 +1,56 @@
+--- openssl-1.0.1c/apps/s_client.c
++++ openssl-1.0.1c.mod/apps/s_client.c
+@@ -344,7 +344,7 @@
+ 	BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n");
+ 	BIO_printf(bio_err,"                 for those protocols that support it, where\n");
+ 	BIO_printf(bio_err,"                 'prot' defines which one to assume.  Currently,\n");
+-	BIO_printf(bio_err,"                 only \"smtp\", \"pop3\", \"imap\", \"ftp\" and \"xmpp\"\n");
++	BIO_printf(bio_err,"                 only \"smtp\", \"pop3\", \"imap\", \"ftp\", \"xmpp\" and \"ircv3\"\n");
+ 	BIO_printf(bio_err,"                 are supported.\n");
+ #ifndef OPENSSL_NO_ENGINE
+ 	BIO_printf(bio_err," -engine id    - Initialise and use the specified engine\n");
+@@ -546,7 +546,8 @@
+ 	PROTO_POP3,
+ 	PROTO_IMAP,
+ 	PROTO_FTP,
+-	PROTO_XMPP
++	PROTO_XMPP,
++	PROTO_IRCV3
+ };
+ 
+ int MAIN(int, char **);
+@@ -910,6 +911,8 @@
+ 				starttls_proto = PROTO_FTP;
+ 			else if (strcmp(*argv, "xmpp") == 0)
+ 				starttls_proto = PROTO_XMPP;
++			else if (strcmp(*argv, "ircv3") == 0)
++				starttls_proto = PROTO_IRCV3;
+ 			else
+ 				goto bad;
+ 			}
+@@ -1484,6 +1487,25 @@
+ 		sbuf[seen] = 0;
+ 		if (!strstr(sbuf, "<proceed"))
+ 			goto shut;
++		mbuf[0] = 0;
++		}
++	if (starttls_proto == PROTO_IRCV3)
++		{
++		int seen = 0;
++		BIO_printf(sbio,"CAP REQ :tls\r\n");
++		while (!strstr(mbuf,"CAP"))
++			{
++			seen = BIO_read(sbio,mbuf,BUFSIZZ);
++			mbuf[seen] = 0;
++			}
++		if (!strstr(mbuf,"ACK"))
++			goto shut;
++		BIO_printf(sbio,"CAP END\r\nSTARTTLS\r\n");
++		while (!strstr(sbuf, "670"))
++			{
++			seen = BIO_read(sbio,sbuf,BUFSIZZ);
++			sbuf[seen] = 0;
++			}
+ 		mbuf[0] = 0;
+ 		}
+ 
diff --git a/main/openssl/APKBUILD b/main/openssl/APKBUILD
index 5655fb4b0..526044d0b 100644
--- a/main/openssl/APKBUILD
+++ b/main/openssl/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Timo Teras <timo.teras@iki.fi>
 pkgname=openssl
 pkgver=1.0.1c
-pkgrel=2
+pkgrel=3
 pkgdesc="Toolkit for SSL v2/v3 and TLS v1"
 url="http://openssl.org"
 depends=
@@ -19,6 +19,7 @@ source="http://www.openssl.org/source/${pkgname}-${pkgver}.tar.gz
 	0002-engines-e_padlock-backport-cvs-head-changes.patch
 	0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
 	0004-crypto-engine-autoload-padlock-dynamic-engine.patch
+	0005-s_client-ircv3-starttls.patch
 	"
 
 _builddir="$srcdir"/$pkgname-$pkgver
@@ -74,4 +75,5 @@ c6a9857a5dbd30cead0404aa7dd73977  openssl-bb-basename.patch
 ddb5fc155145d5b852425adaec32234d  0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch
 4a7b9e20beb33a5e262ab64c2b8e5b48  0002-engines-e_padlock-backport-cvs-head-changes.patch
 d95bbaa38889836afd3c52f3962f3b54  0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
-c32f42451a07267ee5dfb3781fa40c00  0004-crypto-engine-autoload-padlock-dynamic-engine.patch"
+c32f42451a07267ee5dfb3781fa40c00  0004-crypto-engine-autoload-padlock-dynamic-engine.patch
+c5b1042a3acaf3591f3f5620b7086e12  0005-s_client-ircv3-starttls.patch"