From af9396ed143e08a018641597b61f678b8a99811a Mon Sep 17 00:00:00 2001 From: Ren RenJuan Date: Tue, 7 Jan 2014 18:58:20 +0000 Subject: [PATCH] Backout changes which SSL 1.0 forced. SSL 0.98 was always being used on dnseppus.mop.biz --- AusRegEPPTK/session/TLSContext.cpp | 34 ++++++++++++------------------ 1 file changed, 13 insertions(+), 21 deletions(-) diff --git a/AusRegEPPTK/session/TLSContext.cpp b/AusRegEPPTK/session/TLSContext.cpp index 517c4d6..de5cf85 100644 --- a/AusRegEPPTK/session/TLSContext.cpp +++ b/AusRegEPPTK/session/TLSContext.cpp @@ -8,14 +8,6 @@ #include #include -#if (PRODUCTION==1) -#define sslCast -#define sslUncast -#else -#define sslCast const -#define sslUncast (SSL_CTX *) -#endif - using namespace std; namespace { 
@@ -41,36 +33,36 @@ TLSContext::TLSContext(const string& private_key_file, SSL_load_error_strings(); SSL_library_init(); - sslCast SSL_METHOD *meth = TLSv1_client_method(); + SSL_METHOD *meth = TLSv1_client_method(); if (meth == NULL) throw SSLException("Error initialising SSL method"); // SSL Context - sslCast SSL_CTX *local_ctx = SSL_CTX_new(meth); + SSL_CTX *local_ctx = SSL_CTX_new(meth); if (local_ctx == NULL) { throw SSLException ("Error initialising SSL context"); } // SSL Ciphers - int i = SSL_CTX_set_cipher_list( sslUncast local_ctx, "TLSv1"); + int i = SSL_CTX_set_cipher_list( local_ctx, "TLSv1"); if (i == -1) { - SSL_CTX_free( sslUncast local_ctx); + SSL_CTX_free( local_ctx); throw SSLException( "There was a problem initialising the SSL cipher list"); } - SSL_CTX_set_default_passwd_cb_userdata( sslUncast local_ctx, + SSL_CTX_set_default_passwd_cb_userdata( local_ctx, static_cast(const_cast(password.c_str()))); - SSL_CTX_set_default_passwd_cb( sslUncast local_ctx, getPassword); + SSL_CTX_set_default_passwd_cb( local_ctx, getPassword); - i = SSL_CTX_use_PrivateKey_file( sslUncast local_ctx, + i = SSL_CTX_use_PrivateKey_file( local_ctx, private_key_file.c_str(), SSL_FILETYPE_PEM); if (i == -1) { - SSL_CTX_free( sslUncast local_ctx); + SSL_CTX_free( local_ctx); throw SSLException( "There was a problem initialising SSL the private key '" + private_key_file + "'"); 
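Review bot: The failure checks after `SSL_CTX_set_cipher_list` and `SSL_CTX_use_PrivateKey_file` test `i == -1`, but these OpenSSL calls return 1 on success and 0 on failure, so a rejected cipher string or an unreadable key passes silently and the constructor carries on with a partly configured context. Each guard should read `if (i != 1)`; the same applies to the `SSL_CTX_use_certificate_chain_file` and `SSL_CTX_load_verify_locations` checks in the next hunk. Separately, the cipher string `"TLSv1"` selects suites by protocol version rather than by strength, so depending on the OpenSSL build it may admit anonymous or NULL-encryption suites; `"TLSv1:!aNULL:!eNULL"` would exclude them. The constructor begins above this hunk, so anything set up there is not visible.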
@@ -78,23 +70,23 @@ TLSContext::TLSContext(const string& private_key_file, // Load the public certificate for our key. // Replace with - i = SSL_CTX_use_certificate_chain_file( sslUncast local_ctx, cert_file.c_str()); + i = SSL_CTX_use_certificate_chain_file( local_ctx, cert_file.c_str()); if (i == -1) { - SSL_CTX_free( sslUncast local_ctx); + SSL_CTX_free( local_ctx); throw SSLException("Error loading cert_file '" + cert_file + "'"); } // Load the CA certificate(s) - i = SSL_CTX_load_verify_locations ( sslUncast local_ctx, ca_file.c_str(), NULL); + i = SSL_CTX_load_verify_locations ( local_ctx, ca_file.c_str(), NULL); if (i == -1) { - SSL_CTX_free( sslUncast local_ctx); + SSL_CTX_free( local_ctx); throw EPPException ("Could not load CA file '" + ca_file +"'"); } - ctx = sslUncast local_ctx; + ctx = local_ctx; }
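Review bot: After `SSL_CTX_load_verify_locations` loads the CA file, nothing in the lines shown calls `SSL_CTX_set_verify` before `ctx = local_ctx;`. An OpenSSL client context defaults to `SSL_VERIFY_NONE`, under which the handshake completes even when the server certificate fails validation against `ca_file`. Unless verification is enabled later on the per-connection `SSL` object, or the result is checked with `SSL_get_verify_result` (neither is visible here), add `SSL_CTX_set_verify(local_ctx, SSL_VERIFY_PEER, NULL);` just before the assignment. The start of the constructor lies outside the hunks, so this should be confirmed against the full file.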