View Issue Details

IDProjectCategoryView StatusLast Update
0031244FPCPackagespublic2019-11-02 16:56
ReporterUdo SchmalAssigned ToMichael Van Canneyt 
PrioritynormalSeverityminorReproducibilityalways
Status resolvedResolutionfixed 
PlatformallOSOS Version
Product VersionProduct Build 
Target Version3.2.0Fixed in Version3.1.1 
Summary0031244: package openssl does not support TLS 1.2
Descriptionattached patch for TLS 1.1 and 1.2
checkt with OpenSSL 1.0.2j-fips 26 Sep 2016
TagsNo tags attached.
Fixed in Revision35324
FPCOldBugId
FPCTarget
Attached Files
  • openssl.patch (3,780 bytes)
    Index: src/fpopenssl.pp
    ===================================================================
    --- src/fpopenssl.pp	(Revision 35310)
    +++ src/fpopenssl.pp	(Arbeitskopie)
    @@ -21,7 +21,7 @@
     uses
       Classes, SysUtils, openssl, ctypes;
     Type
    -  TSSLType = (stAny,stSSLv2,stSSLv3,stTLSv1);
    +  TSSLType = (stAny,stSSLv2,stSSLv3,stTLSv1,stTLSv1_1,stTLSv1_2);
     
       //  PASN1_INTEGER = SslPtr;
     
    @@ -145,6 +145,8 @@
         stSSLv2: C := SslCtxNew(SslMethodV2);
         stSSLv3: C := SslCtxNew(SslMethodV3);
         stTLSv1: C := SslCtxNew(SslMethodTLSV1);
    +    stTLSv1_1: C := SslCtxNew(SslMethodTLSV1_1);
    +    stTLSv1_2: C := SslCtxNew(SslMethodTLSV1_2);
       end;
       if (C=Nil) then
          Raise ESSL.Create(SErrCountNotGetContext);
    Index: src/openssl.pas
    ===================================================================
    --- src/openssl.pas	(Revision 35310)
    +++ src/openssl.pas	(Arbeitskopie)
    @@ -661,6 +661,8 @@
       SSL_OP_NO_SSLv2 = $01000000;
       SSL_OP_NO_SSLv3 = $02000000;
       SSL_OP_NO_TLSv1 = $04000000;
    +  SSL_OP_NO_TLSv1_1 = $08000000;
    +  SSL_OP_NO_TLSv1_2 = $10000000;
       SSL_OP_ALL = $000FFFFF;
       SSL_VERIFY_NONE = $00;
       SSL_VERIFY_PEER = $01;
    @@ -864,6 +866,8 @@
       function SslMethodV2:PSSL_METHOD;
       function SslMethodV3:PSSL_METHOD;
       function SslMethodTLSV1:PSSL_METHOD;
    +  function SslMethodTLSV1_1:PSSL_METHOD;
    +  function SslMethodTLSV1_2:PSSL_METHOD;
       function SslMethodV23:PSSL_METHOD;
       function SslCtxUsePrivateKey(ctx: PSSL_CTX; pkey: SslPtr):cInt;
       function SslCtxUsePrivateKeyASN1(pk: cInt; ctx: PSSL_CTX; d: String; len: cLong):cInt;
    @@ -1261,6 +1265,8 @@
       TSslMethodV2 = function:PSSL_METHOD; cdecl;
       TSslMethodV3 = function:PSSL_METHOD; cdecl;
       TSslMethodTLSV1 = function:PSSL_METHOD; cdecl;
    +  TSslMethodTLSV1_1 = function:PSSL_METHOD; cdecl;
    +  TSslMethodTLSV1_2 = function:PSSL_METHOD; cdecl;
       TSslMethodV23 = function:PSSL_METHOD; cdecl;
       TSslCtxUsePrivateKey = function(ctx: PSSL_CTX; pkey: sslptr):cInt; cdecl;
       TSslCtxUsePrivateKeyASN1 = function(pk: cInt; ctx: PSSL_CTX; d: sslptr; len: cInt):cInt; cdecl;
    @@ -1475,6 +1481,8 @@
       _SslMethodV2: TSslMethodV2 = nil;
       _SslMethodV3: TSslMethodV3 = nil;
       _SslMethodTLSV1: TSslMethodTLSV1 = nil;
    +  _SslMethodTLSV1_1: TSslMethodTLSV1_1 = nil;
    +  _SslMethodTLSV1_2: TSslMethodTLSV1_2 = nil;
       _SslMethodV23: TSslMethodV23 = nil;
       _SslCtxUsePrivateKey: TSslCtxUsePrivateKey = nil;
       _SslCtxUsePrivateKeyASN1: TSslCtxUsePrivateKeyASN1 = nil;
    @@ -1870,6 +1878,22 @@
         Result := nil;
     end;
     
    +function SslMethodTLSV1_1:PSSL_METHOD;
    +begin
    +  if InitSSLInterface and Assigned(_SslMethodTLSV1_1) then
    +    Result := _SslMethodTLSV1_1
    +  else
    +    Result := nil;
    +end;
    +
    +function SslMethodTLSV1_2:PSSL_METHOD;
    +begin
    +  if InitSSLInterface and Assigned(_SslMethodTLSV1_2) then
    +    Result := _SslMethodTLSV1_2
    +  else
    +    Result := nil;
    +end;
    +
     function SslMethodV23:PSSL_METHOD;
     begin
       if InitSSLInterface and Assigned(_SslMethodV23) then
    @@ -3801,6 +3825,8 @@
       _SslMethodV2 := GetProcAddr(SSLLibHandle, 'SSLv2_method');
       _SslMethodV3 := GetProcAddr(SSLLibHandle, 'SSLv3_method');
       _SslMethodTLSV1 := GetProcAddr(SSLLibHandle, 'TLSv1_method');
    +  _SslMethodTLSV1_1 := GetProcAddr(SSLLibHandle, 'TLSv1_1_method');
    +  _SslMethodTLSV1_2 := GetProcAddr(SSLLibHandle, 'TLSv1_2_method');
       _SslMethodV23 := GetProcAddr(SSLLibHandle, 'SSLv23_method');
       _SslCtxUsePrivateKey := GetProcAddr(SSLLibHandle, 'SSL_CTX_use_PrivateKey');
       _SslCtxUsePrivateKeyASN1 := GetProcAddr(SSLLibHandle, 'SSL_CTX_use_PrivateKey_ASN1');
    @@ -4080,6 +4106,8 @@
       _SslMethodV2 := nil;
       _SslMethodV3 := nil;
       _SslMethodTLSV1 := nil;
    +  _SslMethodTLSV1_1 := nil;
    +  _SslMethodTLSV1_2 := nil;
       _SslMethodV23 := nil;
       _SslCtxUsePrivateKey := nil;
       _SslCtxUsePrivateKeyASN1 := nil;
    
    openssl.patch (3,780 bytes)
  • openssl2.patch (6,396 bytes)
    Index: src/fpopenssl.pp
    ===================================================================
    --- src/fpopenssl.pp	(Revision 35310)
    +++ src/fpopenssl.pp	(Arbeitskopie)
    @@ -21,7 +21,7 @@
     uses
       Classes, SysUtils, openssl, ctypes;
     Type
    -  TSSLType = (stAny,stSSLv2,stSSLv3,stTLSv1);
    +  TSSLType = (stAny,stSSLv2,stSSLv3,stTLSv1,stTLSv1_1,stTLSv1_2);
     
       //  PASN1_INTEGER = SslPtr;
     
    @@ -66,6 +66,7 @@
         function LoadVerifyLocations(const CAfile: String; const CApath: String):cInt;
         function LoadPFX(Const S,APassword : AnsiString) : cint;
         function LoadPFX(Data : TSSLData; Const APAssword : Ansistring) : cint;
    +    function SetOptions(AOptions: cLong): cLong;
         Property CTX: PSSL_CTX Read FCTX;
       end;
     
    @@ -140,11 +141,14 @@
       C : PSSL_CTX;
     
     begin
    +  C := nil;
       Case AType of
         stAny:  C := SslCtxNew(SslMethodV23);
         stSSLv2: C := SslCtxNew(SslMethodV2);
         stSSLv3: C := SslCtxNew(SslMethodV3);
         stTLSv1: C := SslCtxNew(SslMethodTLSV1);
    +    stTLSv1_1: C := SslCtxNew(SslMethodTLSV1_1);
    +    stTLSv1_2: C := SslCtxNew(SslMethodTLSV1_2);
       end;
       if (C=Nil) then
          Raise ESSL.Create(SErrCountNotGetContext);
    @@ -327,6 +331,10 @@
       end;
     end;
     
    +function TSSLContext.SetOptions(AOptions: cLong): cLong;
    +begin
    +  result := SslCtxCtrl(FCTX, SSL_CTRL_OPTIONS, AOptions, nil);
    +end;
     
     { TSSLData }
     
    Index: src/openssl.pas
    ===================================================================
    --- src/openssl.pas	(Revision 35310)
    +++ src/openssl.pas	(Arbeitskopie)
    @@ -658,10 +658,39 @@
       SSL_MODE_AUTO_RETRY = 4;
       SSL_MODE_NO_AUTO_CHAIN = 8;
     
    -  SSL_OP_NO_SSLv2 = $01000000;
    -  SSL_OP_NO_SSLv3 = $02000000;
    -  SSL_OP_NO_TLSv1 = $04000000;
    -  SSL_OP_ALL = $000FFFFF;
    +  SSL_OP_MICROSOFT_SESS_ID_BUG                  = $00000001;
    +  SSL_OP_NETSCAPE_CHALLENGE_BUG                 = $00000002;
    +  SSL_OP_LEGACY_SERVER_CONNECT                  = $00000004;
    +  SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG       = $00000008;
    +  SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG            = $00000010;
    +  SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER             = $00000020;
    +  SSL_OP_MSIE_SSLV2_RSA_PADDING                 = $00000040;
    +  SSL_OP_SSLEAY_080_CLIENT_DH_BUG               = $00000080;
    +  SSL_OP_TLS_D5_BUG                             = $00000100;
    +  SSL_OP_TLS_BLOCK_PADDING_BUG                  = $00000200;
    +  SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS            = $00000800;
    +  SSL_OP_NO_QUERY_MTU                           = $00001000;
    +  SSL_OP_COOKIE_EXCHANGE                        = $00002000;
    +  SSL_OP_NO_TICKET                              = $00004000;
    +  SSL_OP_CISCO_ANYCONNECT                       = $00008000;
    +  SSL_OP_ALL                                    = $000FFFFF;
    +  SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION = $00010000;
    +  SSL_OP_NO_COMPRESSION                         = $00020000;
    +  SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION      = $00040000;
    +  SSL_OP_SINGLE_ECDH_USE                        = $00080000;
    +  SSL_OP_SINGLE_DH_USE                          = $00100000;
    +  SSL_OP_EPHEMERAL_RSA                          = $00200000;
    +  SSL_OP_CIPHER_SERVER_PREFERENCE               = $00400000;
    +  SSL_OP_TLS_ROLLBACK_BUG                       = $00800000;
    +  SSL_OP_NO_SSLv2                               = $01000000;
    +  SSL_OP_NO_SSLv3                               = $02000000;
    +  SSL_OP_NO_TLSv1                               = $04000000;
    +  SSL_OP_NO_TLSv1_2                             = $08000000;
    +  SSL_OP_NO_TLSv1_1                             = $10000000;
    +  SSL_OP_NETSCAPE_CA_DN_BUG                     = $20000000;
    +  SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG        = $40000000;
    +  SSL_OP_CRYPTOPRO_TLSEXT_BUG                   = $80000000;
    +
       SSL_VERIFY_NONE = $00;
       SSL_VERIFY_PEER = $01;
     
    @@ -864,6 +893,8 @@
       function SslMethodV2:PSSL_METHOD;
       function SslMethodV3:PSSL_METHOD;
       function SslMethodTLSV1:PSSL_METHOD;
    +  function SslMethodTLSV1_1:PSSL_METHOD;
    +  function SslMethodTLSV1_2:PSSL_METHOD;
       function SslMethodV23:PSSL_METHOD;
       function SslCtxUsePrivateKey(ctx: PSSL_CTX; pkey: SslPtr):cInt;
       function SslCtxUsePrivateKeyASN1(pk: cInt; ctx: PSSL_CTX; d: String; len: cLong):cInt;
    @@ -1261,6 +1292,8 @@
       TSslMethodV2 = function:PSSL_METHOD; cdecl;
       TSslMethodV3 = function:PSSL_METHOD; cdecl;
       TSslMethodTLSV1 = function:PSSL_METHOD; cdecl;
    +  TSslMethodTLSV1_1 = function:PSSL_METHOD; cdecl;
    +  TSslMethodTLSV1_2 = function:PSSL_METHOD; cdecl;
       TSslMethodV23 = function:PSSL_METHOD; cdecl;
       TSslCtxUsePrivateKey = function(ctx: PSSL_CTX; pkey: sslptr):cInt; cdecl;
       TSslCtxUsePrivateKeyASN1 = function(pk: cInt; ctx: PSSL_CTX; d: sslptr; len: cInt):cInt; cdecl;
    @@ -1475,6 +1508,8 @@
       _SslMethodV2: TSslMethodV2 = nil;
       _SslMethodV3: TSslMethodV3 = nil;
       _SslMethodTLSV1: TSslMethodTLSV1 = nil;
    +  _SslMethodTLSV1_1: TSslMethodTLSV1_1 = nil;
    +  _SslMethodTLSV1_2: TSslMethodTLSV1_2 = nil;
       _SslMethodV23: TSslMethodV23 = nil;
       _SslCtxUsePrivateKey: TSslCtxUsePrivateKey = nil;
       _SslCtxUsePrivateKeyASN1: TSslCtxUsePrivateKeyASN1 = nil;
    @@ -1870,6 +1905,22 @@
         Result := nil;
     end;
     
    +function SslMethodTLSV1_1:PSSL_METHOD;
    +begin
    +  if InitSSLInterface and Assigned(_SslMethodTLSV1_1) then
    +    Result := _SslMethodTLSV1_1
    +  else
    +    Result := nil;
    +end;
    +
    +function SslMethodTLSV1_2:PSSL_METHOD;
    +begin
    +  if InitSSLInterface and Assigned(_SslMethodTLSV1_2) then
    +    Result := _SslMethodTLSV1_2
    +  else
    +    Result := nil;
    +end;
    +
     function SslMethodV23:PSSL_METHOD;
     begin
       if InitSSLInterface and Assigned(_SslMethodV23) then
    @@ -3801,6 +3852,8 @@
       _SslMethodV2 := GetProcAddr(SSLLibHandle, 'SSLv2_method');
       _SslMethodV3 := GetProcAddr(SSLLibHandle, 'SSLv3_method');
       _SslMethodTLSV1 := GetProcAddr(SSLLibHandle, 'TLSv1_method');
    +  _SslMethodTLSV1_1 := GetProcAddr(SSLLibHandle, 'TLSv1_1_method');
    +  _SslMethodTLSV1_2 := GetProcAddr(SSLLibHandle, 'TLSv1_2_method');
       _SslMethodV23 := GetProcAddr(SSLLibHandle, 'SSLv23_method');
       _SslCtxUsePrivateKey := GetProcAddr(SSLLibHandle, 'SSL_CTX_use_PrivateKey');
       _SslCtxUsePrivateKeyASN1 := GetProcAddr(SSLLibHandle, 'SSL_CTX_use_PrivateKey_ASN1');
    @@ -4080,6 +4133,8 @@
       _SslMethodV2 := nil;
       _SslMethodV3 := nil;
       _SslMethodTLSV1 := nil;
    +  _SslMethodTLSV1_1 := nil;
    +  _SslMethodTLSV1_2 := nil;
       _SslMethodV23 := nil;
       _SslCtxUsePrivateKey := nil;
       _SslCtxUsePrivateKeyASN1 := nil;
    
    openssl2.patch (6,396 bytes)

Activities

Udo Schmal

2017-01-17 16:29

reporter  

openssl.patch (3,780 bytes)
Index: src/fpopenssl.pp
===================================================================
--- src/fpopenssl.pp	(Revision 35310)
+++ src/fpopenssl.pp	(Arbeitskopie)
@@ -21,7 +21,7 @@
 uses
   Classes, SysUtils, openssl, ctypes;
 Type
-  TSSLType = (stAny,stSSLv2,stSSLv3,stTLSv1);
+  TSSLType = (stAny,stSSLv2,stSSLv3,stTLSv1,stTLSv1_1,stTLSv1_2);
 
   //  PASN1_INTEGER = SslPtr;
 
@@ -145,6 +145,8 @@
     stSSLv2: C := SslCtxNew(SslMethodV2);
     stSSLv3: C := SslCtxNew(SslMethodV3);
     stTLSv1: C := SslCtxNew(SslMethodTLSV1);
+    stTLSv1_1: C := SslCtxNew(SslMethodTLSV1_1);
+    stTLSv1_2: C := SslCtxNew(SslMethodTLSV1_2);
   end;
   if (C=Nil) then
      Raise ESSL.Create(SErrCountNotGetContext);
Index: src/openssl.pas
===================================================================
--- src/openssl.pas	(Revision 35310)
+++ src/openssl.pas	(Arbeitskopie)
@@ -661,6 +661,8 @@
   SSL_OP_NO_SSLv2 = $01000000;
   SSL_OP_NO_SSLv3 = $02000000;
   SSL_OP_NO_TLSv1 = $04000000;
+  SSL_OP_NO_TLSv1_1 = $08000000;
+  SSL_OP_NO_TLSv1_2 = $10000000;
   SSL_OP_ALL = $000FFFFF;
   SSL_VERIFY_NONE = $00;
   SSL_VERIFY_PEER = $01;
@@ -864,6 +866,8 @@
   function SslMethodV2:PSSL_METHOD;
   function SslMethodV3:PSSL_METHOD;
   function SslMethodTLSV1:PSSL_METHOD;
+  function SslMethodTLSV1_1:PSSL_METHOD;
+  function SslMethodTLSV1_2:PSSL_METHOD;
   function SslMethodV23:PSSL_METHOD;
   function SslCtxUsePrivateKey(ctx: PSSL_CTX; pkey: SslPtr):cInt;
   function SslCtxUsePrivateKeyASN1(pk: cInt; ctx: PSSL_CTX; d: String; len: cLong):cInt;
@@ -1261,6 +1265,8 @@
   TSslMethodV2 = function:PSSL_METHOD; cdecl;
   TSslMethodV3 = function:PSSL_METHOD; cdecl;
   TSslMethodTLSV1 = function:PSSL_METHOD; cdecl;
+  TSslMethodTLSV1_1 = function:PSSL_METHOD; cdecl;
+  TSslMethodTLSV1_2 = function:PSSL_METHOD; cdecl;
   TSslMethodV23 = function:PSSL_METHOD; cdecl;
   TSslCtxUsePrivateKey = function(ctx: PSSL_CTX; pkey: sslptr):cInt; cdecl;
   TSslCtxUsePrivateKeyASN1 = function(pk: cInt; ctx: PSSL_CTX; d: sslptr; len: cInt):cInt; cdecl;
@@ -1475,6 +1481,8 @@
   _SslMethodV2: TSslMethodV2 = nil;
   _SslMethodV3: TSslMethodV3 = nil;
   _SslMethodTLSV1: TSslMethodTLSV1 = nil;
+  _SslMethodTLSV1_1: TSslMethodTLSV1_1 = nil;
+  _SslMethodTLSV1_2: TSslMethodTLSV1_2 = nil;
   _SslMethodV23: TSslMethodV23 = nil;
   _SslCtxUsePrivateKey: TSslCtxUsePrivateKey = nil;
   _SslCtxUsePrivateKeyASN1: TSslCtxUsePrivateKeyASN1 = nil;
@@ -1870,6 +1878,22 @@
     Result := nil;
 end;
 
+function SslMethodTLSV1_1:PSSL_METHOD;
+begin
+  if InitSSLInterface and Assigned(_SslMethodTLSV1_1) then
+    Result := _SslMethodTLSV1_1
+  else
+    Result := nil;
+end;
+
+function SslMethodTLSV1_2:PSSL_METHOD;
+begin
+  if InitSSLInterface and Assigned(_SslMethodTLSV1_2) then
+    Result := _SslMethodTLSV1_2
+  else
+    Result := nil;
+end;
+
 function SslMethodV23:PSSL_METHOD;
 begin
   if InitSSLInterface and Assigned(_SslMethodV23) then
@@ -3801,6 +3825,8 @@
   _SslMethodV2 := GetProcAddr(SSLLibHandle, 'SSLv2_method');
   _SslMethodV3 := GetProcAddr(SSLLibHandle, 'SSLv3_method');
   _SslMethodTLSV1 := GetProcAddr(SSLLibHandle, 'TLSv1_method');
+  _SslMethodTLSV1_1 := GetProcAddr(SSLLibHandle, 'TLSv1_1_method');
+  _SslMethodTLSV1_2 := GetProcAddr(SSLLibHandle, 'TLSv1_2_method');
   _SslMethodV23 := GetProcAddr(SSLLibHandle, 'SSLv23_method');
   _SslCtxUsePrivateKey := GetProcAddr(SSLLibHandle, 'SSL_CTX_use_PrivateKey');
   _SslCtxUsePrivateKeyASN1 := GetProcAddr(SSLLibHandle, 'SSL_CTX_use_PrivateKey_ASN1');
@@ -4080,6 +4106,8 @@
   _SslMethodV2 := nil;
   _SslMethodV3 := nil;
   _SslMethodTLSV1 := nil;
+  _SslMethodTLSV1_1 := nil;
+  _SslMethodTLSV1_2 := nil;
   _SslMethodV23 := nil;
   _SslCtxUsePrivateKey := nil;
   _SslCtxUsePrivateKeyASN1 := nil;
openssl.patch (3,780 bytes)

Udo Schmal

2017-01-20 13:47

reporter   ~0097608

Last edited: 2017-01-20 14:18

View 2 revisions

// openssl2.patch add also
// enable TLS 1.0, 1.1 and 1.2 on OpenSSL

    FCTX := TSSLContext.Create(stAny);
    FCTX.SetOptions(SSL_OP_NO_SSLv2 or SSL_OP_NO_SSLv3 or SSL_OP_NO_COMPRESSION);

Udo Schmal

2017-01-20 13:48

reporter  

openssl2.patch (6,396 bytes)
Index: src/fpopenssl.pp
===================================================================
--- src/fpopenssl.pp	(Revision 35310)
+++ src/fpopenssl.pp	(Arbeitskopie)
@@ -21,7 +21,7 @@
 uses
   Classes, SysUtils, openssl, ctypes;
 Type
-  TSSLType = (stAny,stSSLv2,stSSLv3,stTLSv1);
+  TSSLType = (stAny,stSSLv2,stSSLv3,stTLSv1,stTLSv1_1,stTLSv1_2);
 
   //  PASN1_INTEGER = SslPtr;
 
@@ -66,6 +66,7 @@
     function LoadVerifyLocations(const CAfile: String; const CApath: String):cInt;
     function LoadPFX(Const S,APassword : AnsiString) : cint;
     function LoadPFX(Data : TSSLData; Const APAssword : Ansistring) : cint;
+    function SetOptions(AOptions: cLong): cLong;
     Property CTX: PSSL_CTX Read FCTX;
   end;
 
@@ -140,11 +141,14 @@
   C : PSSL_CTX;
 
 begin
+  C := nil;
   Case AType of
     stAny:  C := SslCtxNew(SslMethodV23);
     stSSLv2: C := SslCtxNew(SslMethodV2);
     stSSLv3: C := SslCtxNew(SslMethodV3);
     stTLSv1: C := SslCtxNew(SslMethodTLSV1);
+    stTLSv1_1: C := SslCtxNew(SslMethodTLSV1_1);
+    stTLSv1_2: C := SslCtxNew(SslMethodTLSV1_2);
   end;
   if (C=Nil) then
      Raise ESSL.Create(SErrCountNotGetContext);
@@ -327,6 +331,10 @@
   end;
 end;
 
+function TSSLContext.SetOptions(AOptions: cLong): cLong;
+begin
+  result := SslCtxCtrl(FCTX, SSL_CTRL_OPTIONS, AOptions, nil);
+end;
 
 { TSSLData }
 
Index: src/openssl.pas
===================================================================
--- src/openssl.pas	(Revision 35310)
+++ src/openssl.pas	(Arbeitskopie)
@@ -658,10 +658,39 @@
   SSL_MODE_AUTO_RETRY = 4;
   SSL_MODE_NO_AUTO_CHAIN = 8;
 
-  SSL_OP_NO_SSLv2 = $01000000;
-  SSL_OP_NO_SSLv3 = $02000000;
-  SSL_OP_NO_TLSv1 = $04000000;
-  SSL_OP_ALL = $000FFFFF;
+  SSL_OP_MICROSOFT_SESS_ID_BUG                  = $00000001;
+  SSL_OP_NETSCAPE_CHALLENGE_BUG                 = $00000002;
+  SSL_OP_LEGACY_SERVER_CONNECT                  = $00000004;
+  SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG       = $00000008;
+  SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG            = $00000010;
+  SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER             = $00000020;
+  SSL_OP_MSIE_SSLV2_RSA_PADDING                 = $00000040;
+  SSL_OP_SSLEAY_080_CLIENT_DH_BUG               = $00000080;
+  SSL_OP_TLS_D5_BUG                             = $00000100;
+  SSL_OP_TLS_BLOCK_PADDING_BUG                  = $00000200;
+  SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS            = $00000800;
+  SSL_OP_NO_QUERY_MTU                           = $00001000;
+  SSL_OP_COOKIE_EXCHANGE                        = $00002000;
+  SSL_OP_NO_TICKET                              = $00004000;
+  SSL_OP_CISCO_ANYCONNECT                       = $00008000;
+  SSL_OP_ALL                                    = $000FFFFF;
+  SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION = $00010000;
+  SSL_OP_NO_COMPRESSION                         = $00020000;
+  SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION      = $00040000;
+  SSL_OP_SINGLE_ECDH_USE                        = $00080000;
+  SSL_OP_SINGLE_DH_USE                          = $00100000;
+  SSL_OP_EPHEMERAL_RSA                          = $00200000;
+  SSL_OP_CIPHER_SERVER_PREFERENCE               = $00400000;
+  SSL_OP_TLS_ROLLBACK_BUG                       = $00800000;
+  SSL_OP_NO_SSLv2                               = $01000000;
+  SSL_OP_NO_SSLv3                               = $02000000;
+  SSL_OP_NO_TLSv1                               = $04000000;
+  SSL_OP_NO_TLSv1_2                             = $08000000;
+  SSL_OP_NO_TLSv1_1                             = $10000000;
+  SSL_OP_NETSCAPE_CA_DN_BUG                     = $20000000;
+  SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG        = $40000000;
+  SSL_OP_CRYPTOPRO_TLSEXT_BUG                   = $80000000;
+
   SSL_VERIFY_NONE = $00;
   SSL_VERIFY_PEER = $01;
 
@@ -864,6 +893,8 @@
   function SslMethodV2:PSSL_METHOD;
   function SslMethodV3:PSSL_METHOD;
   function SslMethodTLSV1:PSSL_METHOD;
+  function SslMethodTLSV1_1:PSSL_METHOD;
+  function SslMethodTLSV1_2:PSSL_METHOD;
   function SslMethodV23:PSSL_METHOD;
   function SslCtxUsePrivateKey(ctx: PSSL_CTX; pkey: SslPtr):cInt;
   function SslCtxUsePrivateKeyASN1(pk: cInt; ctx: PSSL_CTX; d: String; len: cLong):cInt;
@@ -1261,6 +1292,8 @@
   TSslMethodV2 = function:PSSL_METHOD; cdecl;
   TSslMethodV3 = function:PSSL_METHOD; cdecl;
   TSslMethodTLSV1 = function:PSSL_METHOD; cdecl;
+  TSslMethodTLSV1_1 = function:PSSL_METHOD; cdecl;
+  TSslMethodTLSV1_2 = function:PSSL_METHOD; cdecl;
   TSslMethodV23 = function:PSSL_METHOD; cdecl;
   TSslCtxUsePrivateKey = function(ctx: PSSL_CTX; pkey: sslptr):cInt; cdecl;
   TSslCtxUsePrivateKeyASN1 = function(pk: cInt; ctx: PSSL_CTX; d: sslptr; len: cInt):cInt; cdecl;
@@ -1475,6 +1508,8 @@
   _SslMethodV2: TSslMethodV2 = nil;
   _SslMethodV3: TSslMethodV3 = nil;
   _SslMethodTLSV1: TSslMethodTLSV1 = nil;
+  _SslMethodTLSV1_1: TSslMethodTLSV1_1 = nil;
+  _SslMethodTLSV1_2: TSslMethodTLSV1_2 = nil;
   _SslMethodV23: TSslMethodV23 = nil;
   _SslCtxUsePrivateKey: TSslCtxUsePrivateKey = nil;
   _SslCtxUsePrivateKeyASN1: TSslCtxUsePrivateKeyASN1 = nil;
@@ -1870,6 +1905,22 @@
     Result := nil;
 end;
 
+function SslMethodTLSV1_1:PSSL_METHOD;
+begin
+  if InitSSLInterface and Assigned(_SslMethodTLSV1_1) then
+    Result := _SslMethodTLSV1_1
+  else
+    Result := nil;
+end;
+
+function SslMethodTLSV1_2:PSSL_METHOD;
+begin
+  if InitSSLInterface and Assigned(_SslMethodTLSV1_2) then
+    Result := _SslMethodTLSV1_2
+  else
+    Result := nil;
+end;
+
 function SslMethodV23:PSSL_METHOD;
 begin
   if InitSSLInterface and Assigned(_SslMethodV23) then
@@ -3801,6 +3852,8 @@
   _SslMethodV2 := GetProcAddr(SSLLibHandle, 'SSLv2_method');
   _SslMethodV3 := GetProcAddr(SSLLibHandle, 'SSLv3_method');
   _SslMethodTLSV1 := GetProcAddr(SSLLibHandle, 'TLSv1_method');
+  _SslMethodTLSV1_1 := GetProcAddr(SSLLibHandle, 'TLSv1_1_method');
+  _SslMethodTLSV1_2 := GetProcAddr(SSLLibHandle, 'TLSv1_2_method');
   _SslMethodV23 := GetProcAddr(SSLLibHandle, 'SSLv23_method');
   _SslCtxUsePrivateKey := GetProcAddr(SSLLibHandle, 'SSL_CTX_use_PrivateKey');
   _SslCtxUsePrivateKeyASN1 := GetProcAddr(SSLLibHandle, 'SSL_CTX_use_PrivateKey_ASN1');
@@ -4080,6 +4133,8 @@
   _SslMethodV2 := nil;
   _SslMethodV3 := nil;
   _SslMethodTLSV1 := nil;
+  _SslMethodTLSV1_1 := nil;
+  _SslMethodTLSV1_2 := nil;
   _SslMethodV23 := nil;
   _SslCtxUsePrivateKey := nil;
   _SslCtxUsePrivateKeyASN1 := nil;
openssl2.patch (6,396 bytes)

Michael Van Canneyt

2017-01-21 13:29

administrator   ~0097617

Applied, thank you very much!

Issue History

Date Modified Username Field Change
2017-01-17 16:29 Udo Schmal New Issue
2017-01-17 16:29 Udo Schmal File Added: openssl.patch
2017-01-17 18:07 Michael Van Canneyt Assigned To => Michael Van Canneyt
2017-01-17 18:07 Michael Van Canneyt Status new => assigned
2017-01-20 13:47 Udo Schmal Note Added: 0097608
2017-01-20 13:48 Udo Schmal File Added: openssl2.patch
2017-01-20 14:18 Udo Schmal Note Edited: 0097608 View Revisions
2017-01-21 13:29 Michael Van Canneyt Fixed in Revision => 35324
2017-01-21 13:29 Michael Van Canneyt Note Added: 0097617
2017-01-21 13:29 Michael Van Canneyt Status assigned => resolved
2017-01-21 13:29 Michael Van Canneyt Fixed in Version => 3.1.1
2017-01-21 13:29 Michael Van Canneyt Resolution open => fixed
2017-01-21 13:29 Michael Van Canneyt Target Version => 3.2.0