From e0d4c4c4d58a7cfd5e6f4fbc9e2e72830a1e43ad Mon Sep 17 00:00:00 2001
From: Jason Cox <jason@jasonacox.com>
Date: Sat, 30 Mar 2024 11:22:29 -0700
Subject: [PATCH] Fix SSLv3 support and warning #70

---
 archive/release-template.md                   | 16 ++++++++-----
 build.sh                                      | 11 +++++++--
 curl/libcurl-build.sh                         |  3 ++-
 curl/sslv3.patch                              |  2 +-
 .../iOS Test App/Base.lproj/Main.storyboard   | 24 ++++++++++++++-----
 example/iOS Test App/include/curl/curl.h      |  3 ++-
 example/iOS Test App/include/curl/curlver.h   | 10 ++++----
 .../include/openssl/configuration.h           |  6 -----
 8 files changed, 47 insertions(+), 28 deletions(-)

diff --git a/archive/release-template.md b/archive/release-template.md
index 5d05afa..4991b52 100644
--- a/archive/release-template.md
+++ b/archive/release-template.md
@@ -63,18 +63,22 @@ This directory contains the curl and openssl headers (in the `include` folder),
                 |__ tvos-arm64/
                 |__ tvos-arm64_x86_64-simulator/
 
+## Usage
+
 ## Usage
 
  1. Copy headers to your project.
- 2. Import appropriate libraries: "libssl.a", "libcrypto.a", "libcurl.a", "libnghttp2.a" *or*
-    **XCFrameworks Alternative**: Import appropriate *xcframework* folders into your project in Xcode.
+ 2.   Import **XCFrameworks**: Import appropriate *xcframework* folders into your project in Xcode.
+       Alternative: Import appropriate libraries: "libssl.a", "libcrypto.a", "libcurl.a", "libnghttp2.a"
  3. Reference Headers.
- 4. Specifying the flag  "-lz" in "Other Linker Flags" (OTHER_LDFLAGS) setting in the "Linking" section in the Build settings of the target.
+ 4. If required, specify the flag  "-lz" in "Other Linker Flags" (OTHER_LDFLAGS) setting in the "Linking" section in the Build settings of the target.
  5. Initialize curl in your code:
 
+```cpp
         #include <curl/curl.h>
 
-        - (void)foo {    
+        (void)foo {    
             CURL* cURL = curl_easy_init();  
-            ...  
-        }
\ No newline at end of file
+            // ...  
+        }
+```
diff --git a/build.sh b/build.sh
index f6cfed1..623b8fe 100755
--- a/build.sh
+++ b/build.sh
@@ -15,7 +15,7 @@ set -e
 
 #OPENSSL="1.1.1u"	# https://www.openssl.org/source/ 
 OPENSSL="3.0.13"	# https://www.openssl.org/source/ 
-LIBCURL="8.6.0"		# https://curl.haxx.se/download.html
+LIBCURL="8.7.1"		# https://curl.haxx.se/download.html
 NGHTTP2="1.60.0"	# https://nghttp2.org/
 
 ################################################
@@ -124,7 +124,14 @@ while getopts "o:c:n:u:s:t:i:a:debm3xh\?" o; do
 			CATALYST_IOS="${OPTARG}"
 			;;
 		3)
-       		sslv3="-3"
+       		echo "WARNING: SSLv3 is requested. SSLv3 is not secure and has been deprecated."
+			echo "If you proceed, builds may fail as SSLv3 is not supported by recent curl version."
+			read -p "Do you want to continue (y/N)? " choice
+			case "$choice" in 
+				y|Y ) echo "Continuing with SSLv3 build"; echo "";;
+				* ) echo "Exiting"; exit 1;;
+			esac
+			sslv3="-3"
 			;;
 		s)
 			IOS_MIN_SDK_VERSION="${OPTARG}"
diff --git a/curl/libcurl-build.sh b/curl/libcurl-build.sh
index 48d6544..e663267 100755
--- a/curl/libcurl-build.sh
+++ b/curl/libcurl-build.sh
@@ -538,7 +538,7 @@ if [ ! -e ${CURL_VERSION}.tar.gz ]; then
 	echo -e "${dim}Downloading ${CURL_VERSION}.tar.gz"
 	curl -LOs https://curl.haxx.se/download/${CURL_VERSION}.tar.gz
 else
-	echo -e"${dim}Using ${CURL_VERSION}.tar.gz"
+	echo -e "${dim}Using ${CURL_VERSION}.tar.gz"
 fi
 
 echo -e "${dim}Unpacking curl"
@@ -553,6 +553,7 @@ if [ ${FORCE_SSLV3} == 'yes' ]; then
 		sed -i '' '/version == CURL_SSLVERSION_SSLv3/d' "${CURL_VERSION}/lib/setopt.c"
 		patch --ignore-whitespace -N "${CURL_VERSION}/lib/vtls/openssl.c" sslv3.patch || true
 		# for command line
+		sed -i '' -e 's/warnf(global, \"Ignores instruction to use SSLv3\");/config->ssl_version = CURL_SSLVERSION_SSLv3;/g' "${CURL_VERSION}/src/tool_getparam.c"
 		sed -i '' -e 's/warnf(global, \"Ignores instruction to use SSLv3\\n\");/config->ssl_version = CURL_SSLVERSION_SSLv3;/g' "${CURL_VERSION}/src/tool_getparam.c"
 	fi
 fi
diff --git a/curl/sslv3.patch b/curl/sslv3.patch
index 7e40baf..7bacf4e 100644
--- a/curl/sslv3.patch
+++ b/curl/sslv3.patch
@@ -7,7 +7,7 @@
 -    failf(data, "No SSLv3 support");
 -    return CURLE_NOT_BUILT_IN;
 +    req_method = SSLv3_client_method();
-+    use_sni(FALSE);
++    /* use_sni(FALSE); */
 +    break;
    default:
      failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION");
diff --git a/example/iOS Test App/iOS Test App/Base.lproj/Main.storyboard b/example/iOS Test App/iOS Test App/Base.lproj/Main.storyboard
index 721de28..722bde0 100644
--- a/example/iOS Test App/iOS Test App/Base.lproj/Main.storyboard	
+++ b/example/iOS Test App/iOS Test App/Base.lproj/Main.storyboard	
@@ -1,9 +1,10 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<document type="com.apple.InterfaceBuilder3.CocoaTouch.Storyboard.XIB" version="3.0" toolsVersion="16097.3" targetRuntime="iOS.CocoaTouch" propertyAccessControl="none" useAutolayout="YES" useTraitCollections="YES" colorMatched="YES" initialViewController="BYZ-38-t0r">
+<document type="com.apple.InterfaceBuilder3.CocoaTouch.Storyboard.XIB" version="3.0" toolsVersion="32700.99.1234" targetRuntime="iOS.CocoaTouch" propertyAccessControl="none" useAutolayout="YES" useTraitCollections="YES" colorMatched="YES" initialViewController="BYZ-38-t0r">
     <device id="retina6_1" orientation="portrait" appearance="light"/>
     <dependencies>
         <deployment identifier="iOS"/>
-        <plugIn identifier="com.apple.InterfaceBuilder.IBCocoaTouchPlugin" version="16087"/>
+        <plugIn identifier="com.apple.InterfaceBuilder.IBCocoaTouchPlugin" version="22684"/>
+        <capability name="System colors in document resources" minToolsVersion="11.0"/>
         <capability name="documents saved in the Xcode 8 format" minToolsVersion="8.0"/>
     </dependencies>
     <scenes>
@@ -32,11 +33,11 @@
                                 <nil key="textColor"/>
                                 <nil key="highlightedColor"/>
                             </label>
-                            <button opaque="NO" contentMode="scaleToFill" fixedFrame="YES" contentHorizontalAlignment="center" contentVerticalAlignment="center" buttonType="roundedRect" lineBreakMode="middleTruncation" translatesAutoresizingMaskIntoConstraints="NO" id="4wA-r7-IzH">
+                            <button opaque="NO" contentMode="scaleToFill" fixedFrame="YES" contentHorizontalAlignment="center" contentVerticalAlignment="center" buttonType="system" lineBreakMode="middleTruncation" translatesAutoresizingMaskIntoConstraints="NO" id="4wA-r7-IzH">
                                 <rect key="frame" x="348" y="106" width="30" height="30"/>
                                 <autoresizingMask key="autoresizingMask" flexibleMinX="YES" flexibleMaxY="YES"/>
                                 <state key="normal" title="GET">
-                                    <color key="titleColor" cocoaTouchSystemColor="darkTextColor"/>
+                                    <color key="titleColor" systemColor="darkTextColor"/>
                                 </state>
                                 <connections>
                                     <action selector="Get:" destination="BYZ-38-t0r" eventType="touchUpInside" id="2Y9-vf-DgB"/>
@@ -45,12 +46,12 @@
                             <textView clipsSubviews="YES" contentMode="scaleToFill" fixedFrame="YES" alwaysBounceVertical="YES" showsHorizontalScrollIndicator="NO" textAlignment="natural" translatesAutoresizingMaskIntoConstraints="NO" id="cde-8a-gKJ">
                                 <rect key="frame" x="48" y="148" width="318" height="714"/>
                                 <autoresizingMask key="autoresizingMask" widthSizable="YES" heightSizable="YES"/>
-                                <color key="backgroundColor" systemColor="systemBackgroundColor" cocoaTouchSystemColor="whiteColor"/>
+                                <color key="backgroundColor" systemColor="systemBackgroundColor"/>
                                 <fontDescription key="fontDescription" type="system" pointSize="14"/>
                                 <textInputTraits key="textInputTraits" autocorrectionType="no" spellCheckingType="no"/>
                             </textView>
                         </subviews>
-                        <color key="backgroundColor" systemColor="systemGrayColor" red="0.5568627451" green="0.5568627451" blue="0.57647058819999997" alpha="1" colorSpace="custom" customColorSpace="sRGB"/>
+                        <color key="backgroundColor" systemColor="systemGrayColor"/>
                     </view>
                     <connections>
                         <outlet property="_appTitle" destination="Wnb-QK-GJr" id="XHy-jB-4Vb"/>
@@ -63,4 +64,15 @@
             <point key="canvasLocation" x="117.39130434782609" y="135.9375"/>
         </scene>
     </scenes>
+    <resources>
+        <systemColor name="darkTextColor">
+            <color white="0.0" alpha="1" colorSpace="custom" customColorSpace="genericGamma22GrayColorSpace"/>
+        </systemColor>
+        <systemColor name="systemBackgroundColor">
+            <color white="1" alpha="1" colorSpace="custom" customColorSpace="genericGamma22GrayColorSpace"/>
+        </systemColor>
+        <systemColor name="systemGrayColor">
+            <color red="0.55686274509803924" green="0.55686274509803924" blue="0.57647058823529407" alpha="1" colorSpace="custom" customColorSpace="sRGB"/>
+        </systemColor>
+    </resources>
 </document>
diff --git a/example/iOS Test App/include/curl/curl.h b/example/iOS Test App/include/curl/curl.h
index eb06022..b2377b7 100644
--- a/example/iOS Test App/include/curl/curl.h	
+++ b/example/iOS Test App/include/curl/curl.h	
@@ -2938,7 +2938,8 @@ typedef enum {
   CURLINFO_XFER_ID          = CURLINFO_OFF_T + 63,
   CURLINFO_CONN_ID          = CURLINFO_OFF_T + 64,
   CURLINFO_QUEUE_TIME_T     = CURLINFO_OFF_T + 65,
-  CURLINFO_LASTONE          = 65
+  CURLINFO_USED_PROXY       = CURLINFO_LONG + 66,
+  CURLINFO_LASTONE          = 66
 } CURLINFO;
 
 /* CURLINFO_RESPONSE_CODE is the new name for the option previously known as
diff --git a/example/iOS Test App/include/curl/curlver.h b/example/iOS Test App/include/curl/curlver.h
index 1e660cb..1993fb6 100644
--- a/example/iOS Test App/include/curl/curlver.h	
+++ b/example/iOS Test App/include/curl/curlver.h	
@@ -32,13 +32,13 @@
 
 /* This is the version number of the libcurl package from which this header
    file origins: */
-#define LIBCURL_VERSION "8.6.0"
+#define LIBCURL_VERSION "8.7.1"
 
 /* The numeric version number is also available "in parts" by using these
    defines: */
 #define LIBCURL_VERSION_MAJOR 8
-#define LIBCURL_VERSION_MINOR 6
-#define LIBCURL_VERSION_PATCH 0
+#define LIBCURL_VERSION_MINOR 7
+#define LIBCURL_VERSION_PATCH 1
 
 /* This is the numeric version of the libcurl version number, meant for easier
    parsing and comparisons by programs. The LIBCURL_VERSION_NUM define will
@@ -59,7 +59,7 @@
    CURL_VERSION_BITS() macro since curl's own configure script greps for it
    and needs it to contain the full number.
 */
-#define LIBCURL_VERSION_NUM 0x080600
+#define LIBCURL_VERSION_NUM 0x080701
 
 /*
  * This is the date and time when the full source package was created. The
@@ -70,7 +70,7 @@
  *
  * "2007-11-23"
  */
-#define LIBCURL_TIMESTAMP "2024-01-31"
+#define LIBCURL_TIMESTAMP "2024-03-27"
 
 #define CURL_VERSION_BITS(x,y,z) ((x)<<16|(y)<<8|(z))
 #define CURL_AT_LEAST_VERSION(x,y,z) \
diff --git a/example/iOS Test App/include/openssl/configuration.h b/example/iOS Test App/include/openssl/configuration.h
index c91bc46..ecb93eb 100644
--- a/example/iOS Test App/include/openssl/configuration.h	
+++ b/example/iOS Test App/include/openssl/configuration.h	
@@ -97,12 +97,6 @@ extern "C" {
 # ifndef OPENSSL_NO_SCTP
 #  define OPENSSL_NO_SCTP
 # endif
-# ifndef OPENSSL_NO_SSL3
-#  define OPENSSL_NO_SSL3
-# endif
-# ifndef OPENSSL_NO_SSL3_METHOD
-#  define OPENSSL_NO_SSL3_METHOD
-# endif
 # ifndef OPENSSL_NO_TRACE
 #  define OPENSSL_NO_TRACE
 # endif