From 624478c73d59ce4d4d0b231c91b1481925f0080d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sl=C3=A1vek=20Banko?= <slavek.banko@axis.cz>
Date: Thu, 6 Apr 2017 04:40:26 +0200
Subject: kcontrol/crypto: Disable SSLv3, if is not supported by OpenSSL
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Slávek Banko <slavek.banko@axis.cz>
---
 kcontrol/crypto/crypto.cpp | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/kcontrol/crypto/crypto.cpp b/kcontrol/crypto/crypto.cpp
index 8da5c99d4..55536b21e 100644
--- a/kcontrol/crypto/crypto.cpp
+++ b/kcontrol/crypto/crypto.cpp
@@ -885,6 +885,10 @@ void KCryptoConfig::load( bool useDefaults )
 
   config->setGroup("SSLv3");
   mUseSSLv3->setChecked(config->readBoolEntry("Enabled", true));
+#if defined(OPENSSL_NO_SSL3)
+  mUseSSLv3->setChecked(false);
+  mUseSSLv3->setEnabled(false);
+#endif
 
   config->setGroup("Warnings");
   mWarnOnEnter->setChecked(config->readBoolEntry("OnEnter", false));
@@ -938,7 +942,11 @@ void KCryptoConfig::load( bool useDefaults )
 #else
   SSLv2Box->setEnabled( mUseSSLv2->isChecked() );
 #endif
+#if defined(OPENSSL_NO_SSL3)
+  SSLv3Box->setEnabled( false );
+#else
   SSLv3Box->setEnabled( mUseSSLv3->isChecked() );
+#endif
 
   TQStringList groups = policies->groupList();
 
@@ -1038,7 +1046,8 @@ void KCryptoConfig::load( bool useDefaults )
 void KCryptoConfig::save()
 {
 #ifdef HAVE_SSL
-  if (!mUseSSLv2->isChecked() &&
+  if (!mUseTLS->isChecked() &&
+      !mUseSSLv2->isChecked() &&
       !mUseSSLv3->isChecked())
     KMessageBox::information(this, i18n("If you do not select at least one"
                                        " SSL algorithm, either SSL will not"
@@ -1057,7 +1066,11 @@ void KCryptoConfig::save()
 #endif
 
   config->setGroup("SSLv3");
+#if defined(OPENSSL_NO_SSL3)
+  config->writeEntry("Enabled", false);
+#else
   config->writeEntry("Enabled", mUseSSLv3->isChecked());
+#endif
 
   config->setGroup("Warnings");
   config->writeEntry("OnEnter", mWarnOnEnter->isChecked());
@@ -1298,7 +1311,11 @@ void KCryptoConfig::cwCompatible() {
 #else
   mUseSSLv2->setChecked(true);
 #endif
+#if defined(OPENSSL_NO_SSL3)
+  mUseSSLv3->setChecked(false);
+#else
   mUseSSLv3->setChecked(true);
+#endif
   configChanged();
   #endif
 }
@@ -1359,7 +1376,11 @@ void KCryptoConfig::cwAll() {
 #else
   mUseSSLv2->setChecked(true);
 #endif
+#if defined(OPENSSL_NO_SSL3)
+  mUseSSLv3->setChecked(false);
+#else
   mUseSSLv3->setChecked(true);
+#endif
   configChanged();
   #endif
 }
-- 
cgit v1.2.3