/[Apache-SVN]
ViewVC logotype

Revision 1750819

Jump to revision: Previous Next
Author: rhuijben
Date: Thu Jun 30 15:45:07 2016 UTC (7 years, 11 months ago)
Changed paths: 10
Log Message: 
Merge to 1.3.x the equivalent of r1748673 by applying the
Patch by: James McCoy <jamessan{_AT_}debian.org>

Adapt to OpenSSL 1.1.x API changes.

OpenSSL 1.1.x makes various types opaque, requiring the use of
accessors, and rewrote the state machine describing the handshake
process.  Of particular interest to serf are the BIO, BIO_METHOD, and
X509_STORE types.

* buckets/ssl_buckets.c
  (): New USE_OPENSSL_1_1_API define
  (): New X509_STORE_get0_param() define for use with pre-1.1.x OpenSSL
  (bio_set_data, bio_get_data): New functions to abstract access to
    the BIO data.
  (bio_bucket_read, bio_bucket_write, bio_file_read, bio_file_write,
   bio_file_gets): Use bio_get_data.
  (bio_bucket_create): Use BIO accessor functions when available.
  (bio_meth_bucket_new, bio_meth_file_new): New functions to abstract
    creation of BIO_METHOD.  With OpenSSL 1.1.x or newer, the BIO_meth_*
    functions are used to allocate a new BIO_METOD and set the
    callbacks, otherwise the pointers to the statically defined structs
    are used.
  (init_ssl_libraries): Exclude threading code when OpenSSL 1.1.x is in
    use since OpenSSL now handles this appropriately without users of
    the library setting up locking functions.
  (ssl_need_client_cert, ssl_init_context): Use new bio_meth_*_new
    functions to provide the BIO_METHOD* to BIO_new().  Also use the
    bio_set_data function to set the data for the callback.

* test/server/test_sslserver.c
  (): New USE_OPENSSL_1_1_API define
  (bio_set_data, bio_get_data): New functions to abstract access to
    the BIO data.
  (bio_apr_socket_read, bio_apr_socket_write): Use bio_get_data.
  (bio_apr_socket_create): Use BIO accessor functions when available.
  (bio_meth_apr_socket_new): New function to abstract creation of
    BIO_METHOD.  With OpenSSL 1.1.x or newer, the BIO_meth_* functions
    are used to allocate a new BIO_METOD and set the callbacks,
    otherwise the pointer to the statically defined struct is used.
  (validate_client_certificate): Use new bio_meth_apr_socket_new
    function to provide the BIO_METHOD* to BIO_new().  Also use the
    bio_set_data function to set the data for the callback.

Changed paths

Path Details
Directoryserf/branches/1.3.x/ modified , props changed
Directoryserf/branches/1.3.x/buckets/ssl_buckets.c modified , text changed
Directoryserf/branches/1.3.x/test/server/serfcacert.pem modified , props changed
Directoryserf/branches/1.3.x/test/server/serfclientcert.p12 modified , props changed
Directoryserf/branches/1.3.x/test/server/serfrootcacert.pem modified , props changed
Directoryserf/branches/1.3.x/test/server/serfserver_expired_cert.pem modified , props changed
Directoryserf/branches/1.3.x/test/server/serfserver_future_cert.pem modified , props changed
Directoryserf/branches/1.3.x/test/server/serfservercert.pem modified , props changed
Directoryserf/branches/1.3.x/test/server/serfserverkey.pem modified , props changed
Directoryserf/branches/1.3.x/test/server/test_sslserver.c modified , text changed
infrastructure at apache.org
 ViewVC Help
Powered by ViewVC 1.1.26