mirror of
https://github.com/moparisthebest/curl
synced 2024-08-13 17:03:50 -04:00
openssl: Fix compilation with OPENSSL_API_COMPAT=0x10100000L
With OPENSSL_API_COMPAT=0x10100000L (OpenSSL 1.1 API), the cleanup functions are unavailable (they're no-ops anyway in OpenSSL 1.1). The replacements for SSL_load_error_strings, SSLeay_add_ssl_algorithms, and OpenSSL_add_all_algorithms are called automatically [1][2]. SSLeay() is now called OpenSSL_version_num(). [1]: https://www.openssl.org/docs/man1.1.0/ssl/OPENSSL_init_ssl.html [2]: https://www.openssl.org/docs/man1.1.0/crypto/OPENSSL_init_crypto.html Closes #992
This commit is contained in:
parent
72abf4f59e
commit
4af389353a
@ -95,11 +95,6 @@
|
|||||||
|
|
||||||
#if (OPENSSL_VERSION_NUMBER >= 0x10000000L)
|
#if (OPENSSL_VERSION_NUMBER >= 0x10000000L)
|
||||||
#define HAVE_ERR_REMOVE_THREAD_STATE 1
|
#define HAVE_ERR_REMOVE_THREAD_STATE 1
|
||||||
#if (OPENSSL_VERSION_NUMBER >= 0x10100004L) && \
|
|
||||||
!defined(LIBRESSL_VERSION_NUMBER)
|
|
||||||
/* OpenSSL 1.1.0 deprecates the function */
|
|
||||||
#define HAVE_ERR_REMOVE_THREAD_STATE_DEPRECATED 1
|
|
||||||
#endif
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if !defined(HAVE_SSLV2_CLIENT_METHOD) || \
|
#if !defined(HAVE_SSLV2_CLIENT_METHOD) || \
|
||||||
@ -110,7 +105,6 @@
|
|||||||
|
|
||||||
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && /* OpenSSL 1.1.0+ */ \
|
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && /* OpenSSL 1.1.0+ */ \
|
||||||
!defined(LIBRESSL_VERSION_NUMBER)
|
!defined(LIBRESSL_VERSION_NUMBER)
|
||||||
#define SSLeay_add_ssl_algorithms() SSL_library_init()
|
|
||||||
#define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER
|
#define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER
|
||||||
#define HAVE_X509_GET0_EXTENSIONS 1 /* added in 1.1.0 -pre1 */
|
#define HAVE_X509_GET0_EXTENSIONS 1 /* added in 1.1.0 -pre1 */
|
||||||
#define HAVE_OPAQUE_EVP_PKEY 1 /* since 1.1.0 -pre3 */
|
#define HAVE_OPAQUE_EVP_PKEY 1 /* since 1.1.0 -pre3 */
|
||||||
@ -120,8 +114,11 @@
|
|||||||
#else
|
#else
|
||||||
/* For OpenSSL before 1.1.0 */
|
/* For OpenSSL before 1.1.0 */
|
||||||
#define ASN1_STRING_get0_data(x) ASN1_STRING_data(x)
|
#define ASN1_STRING_get0_data(x) ASN1_STRING_data(x)
|
||||||
|
#define X509_get0_notBefore(x) X509_get_notBefore(x)
|
||||||
|
#define X509_get0_notAfter(x) X509_get_notAfter(x)
|
||||||
#define CONST_EXTS /* nope */
|
#define CONST_EXTS /* nope */
|
||||||
#define CONST_ASN1_BIT_STRING /* nope */
|
#define CONST_ASN1_BIT_STRING /* nope */
|
||||||
|
#define OpenSSL_version_num() SSLeay()
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if (OPENSSL_VERSION_NUMBER >= 0x1000200fL) && /* 1.0.2 or later */ \
|
#if (OPENSSL_VERSION_NUMBER >= 0x1000200fL) && /* 1.0.2 or later */ \
|
||||||
@ -718,6 +715,10 @@ int Curl_ossl_init(void)
|
|||||||
CONF_MFLAGS_DEFAULT_SECTION|
|
CONF_MFLAGS_DEFAULT_SECTION|
|
||||||
CONF_MFLAGS_IGNORE_MISSING_FILE);
|
CONF_MFLAGS_IGNORE_MISSING_FILE);
|
||||||
|
|
||||||
|
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \
|
||||||
|
!defined(LIBRESSL_VERSION_NUMBER)
|
||||||
|
/* OpenSSL 1.1.0+ takes care of initialization itself */
|
||||||
|
#else
|
||||||
/* Lets get nice error messages */
|
/* Lets get nice error messages */
|
||||||
SSL_load_error_strings();
|
SSL_load_error_strings();
|
||||||
|
|
||||||
@ -726,6 +727,7 @@ int Curl_ossl_init(void)
|
|||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
OpenSSL_add_all_algorithms();
|
OpenSSL_add_all_algorithms();
|
||||||
|
#endif
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -733,6 +735,11 @@ int Curl_ossl_init(void)
|
|||||||
/* Global cleanup */
|
/* Global cleanup */
|
||||||
void Curl_ossl_cleanup(void)
|
void Curl_ossl_cleanup(void)
|
||||||
{
|
{
|
||||||
|
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \
|
||||||
|
!defined(LIBRESSL_VERSION_NUMBER)
|
||||||
|
/* OpenSSL 1.1 deprecates all these cleanup functions and
|
||||||
|
turns them into no-ops in OpenSSL 1.0 compatibility mode */
|
||||||
|
#else
|
||||||
/* Free ciphers and digests lists */
|
/* Free ciphers and digests lists */
|
||||||
EVP_cleanup();
|
EVP_cleanup();
|
||||||
|
|
||||||
@ -750,9 +757,7 @@ void Curl_ossl_cleanup(void)
|
|||||||
ERR_free_strings();
|
ERR_free_strings();
|
||||||
|
|
||||||
/* Free thread local error state, destroying hash upon zero refcount */
|
/* Free thread local error state, destroying hash upon zero refcount */
|
||||||
#ifdef HAVE_ERR_REMOVE_THREAD_STATE_DEPRECATED
|
#ifdef HAVE_ERR_REMOVE_THREAD_STATE
|
||||||
|
|
||||||
#elif defined(HAVE_ERR_REMOVE_THREAD_STATE)
|
|
||||||
ERR_remove_thread_state(NULL);
|
ERR_remove_thread_state(NULL);
|
||||||
#else
|
#else
|
||||||
ERR_remove_state(0);
|
ERR_remove_state(0);
|
||||||
@ -764,6 +769,7 @@ void Curl_ossl_cleanup(void)
|
|||||||
#ifdef HAVE_SSL_COMP_FREE_COMPRESSION_METHODS
|
#ifdef HAVE_SSL_COMP_FREE_COMPRESSION_METHODS
|
||||||
SSL_COMP_free_compression_methods();
|
SSL_COMP_free_compression_methods();
|
||||||
#endif
|
#endif
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -2446,10 +2452,10 @@ static CURLcode get_cert_chain(struct connectdata *conn,
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
ASN1_TIME_print(mem, X509_get_notBefore(x));
|
ASN1_TIME_print(mem, X509_get0_notBefore(x));
|
||||||
push_certinfo("Start date", i);
|
push_certinfo("Start date", i);
|
||||||
|
|
||||||
ASN1_TIME_print(mem, X509_get_notAfter(x));
|
ASN1_TIME_print(mem, X509_get0_notAfter(x));
|
||||||
push_certinfo("Expire date", i);
|
push_certinfo("Expire date", i);
|
||||||
|
|
||||||
pubkey = X509_get_pubkey(x);
|
pubkey = X509_get_pubkey(x);
|
||||||
@ -2702,12 +2708,12 @@ static CURLcode servercert(struct connectdata *conn,
|
|||||||
buffer, BUFSIZE);
|
buffer, BUFSIZE);
|
||||||
infof(data, " subject: %s\n", rc?"[NONE]":buffer);
|
infof(data, " subject: %s\n", rc?"[NONE]":buffer);
|
||||||
|
|
||||||
ASN1_TIME_print(mem, X509_get_notBefore(connssl->server_cert));
|
ASN1_TIME_print(mem, X509_get0_notBefore(connssl->server_cert));
|
||||||
len = BIO_get_mem_data(mem, (char **) &ptr);
|
len = BIO_get_mem_data(mem, (char **) &ptr);
|
||||||
infof(data, " start date: %.*s\n", len, ptr);
|
infof(data, " start date: %.*s\n", len, ptr);
|
||||||
rc = BIO_reset(mem);
|
rc = BIO_reset(mem);
|
||||||
|
|
||||||
ASN1_TIME_print(mem, X509_get_notAfter(connssl->server_cert));
|
ASN1_TIME_print(mem, X509_get0_notAfter(connssl->server_cert));
|
||||||
len = BIO_get_mem_data(mem, (char **) &ptr);
|
len = BIO_get_mem_data(mem, (char **) &ptr);
|
||||||
infof(data, " expire date: %.*s\n", len, ptr);
|
infof(data, " expire date: %.*s\n", len, ptr);
|
||||||
rc = BIO_reset(mem);
|
rc = BIO_reset(mem);
|
||||||
@ -3146,7 +3152,7 @@ size_t Curl_ossl_version(char *buffer, size_t size)
|
|||||||
unsigned long ssleay_value;
|
unsigned long ssleay_value;
|
||||||
sub[2]='\0';
|
sub[2]='\0';
|
||||||
sub[1]='\0';
|
sub[1]='\0';
|
||||||
ssleay_value=SSLeay();
|
ssleay_value=OpenSSL_version_num();
|
||||||
if(ssleay_value < 0x906000) {
|
if(ssleay_value < 0x906000) {
|
||||||
ssleay_value=SSLEAY_VERSION_NUMBER;
|
ssleay_value=SSLEAY_VERSION_NUMBER;
|
||||||
sub[0]='\0';
|
sub[0]='\0';
|
||||||
|
Loading…
Reference in New Issue
Block a user