On the 1.3.x-sslbuild branch: Merge from 1.3.x, resovling conflicts.
The only merge conflict was due to the introduction of the
bio_file_ctrl() function in buckets/ssl_buckets.c.
git-svn-id: https://svn.apache.org/repos/asf/serf/branches/1.3.x-sslbuild@1910116 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/SConstruct b/SConstruct
index a96a94d..e745b00 100644
--- a/SConstruct
+++ b/SConstruct
@@ -396,6 +396,21 @@
env.Append(LIBPATH=['$OPENSSL/lib'])
+# Check for OpenSSL functions which are only available in some of
+# the versions we support. Also handles forks like LibreSSL.
+conf = Configure(env)
+if not conf.CheckFunc('BIO_set_init'):
+ env.Append(CPPDEFINES=['SERF_NO_SSL_BIO_WRAPPERS'])
+if not conf.CheckFunc('X509_STORE_get0_param'):
+ env.Append(CPPDEFINES=['SERF_NO_SSL_X509_STORE_WRAPPERS'])
+if conf.CheckFunc('CRYPTO_set_locking_callback'):
+ env.Append(CPPDEFINES=['SERF_HAVE_SSL_LOCKING_CALLBACKS'])
+if conf.CheckFunc('OPENSSL_malloc_init'):
+ env.Append(CPPDEFINES=['SERF_HAVE_OPENSSL_MALLOC_INIT'])
+if conf.CheckFunc('SSL_set_alpn_protos'):
+ env.Append(CPPDEFINES=['SERF_HAVE_OPENSSL_ALPN'])
+env = conf.Finish()
+
# If build with gssapi, get its information and define SERF_HAVE_GSSAPI
if gssapi and CALLOUT_OKAY:
env.ParseConfig('$GSSAPI --cflags gssapi')
diff --git a/buckets/ssl_buckets.c b/buckets/ssl_buckets.c
index 9d68bf8..f9c7a5b 100644
--- a/buckets/ssl_buckets.c
+++ b/buckets/ssl_buckets.c
@@ -52,8 +52,8 @@
#define APR_ARRAY_PUSH(ary,type) (*((type *)apr_array_push(ary)))
#endif
-#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
-#define USE_OPENSSL_1_1_API
+#ifdef SERF_NO_SSL_X509_STORE_WRAPPERS
+#define X509_STORE_get0_param(store) ((store)->param)
#endif
@@ -243,7 +243,7 @@
static void bio_set_data(BIO *bio, void *data)
{
-#ifdef USE_OPENSSL_1_1_API
+#ifndef SERF_NO_SSL_BIO_WRAPPERS
BIO_set_data(bio, data);
#else
bio->ptr = data;
@@ -252,7 +252,7 @@
static void *bio_get_data(BIO *bio)
{
-#ifdef USE_OPENSSL_1_1_API
+#ifndef SERF_NO_SSL_BIO_WRAPPERS
return BIO_get_data(bio);
#else
return bio->ptr;
@@ -389,7 +389,7 @@
static int bio_bucket_create(BIO *bio)
{
-#ifdef USE_OPENSSL_1_1_API
+#ifndef SERF_NO_SSL_BIO_WRAPPERS
BIO_set_shutdown(bio, 1);
BIO_set_init(bio, 1);
BIO_set_data(bio, NULL);
@@ -454,7 +454,7 @@
}
}
-#ifndef USE_OPENSSL_1_1_API
+#ifdef SERF_NO_SSL_BIO_WRAPPERS
static BIO_METHOD bio_bucket_method = {
BIO_TYPE_MEM,
"Serf SSL encryption and decryption buckets",
@@ -490,7 +490,7 @@
{
BIO_METHOD *biom = NULL;
-#ifdef USE_OPENSSL_1_1_API
+#ifndef SERF_NO_SSL_BIO_WRAPPERS
biom = BIO_meth_new(BIO_TYPE_MEM,
"Serf SSL encryption and decryption buckets");
if (biom) {
@@ -511,15 +511,16 @@
{
BIO_METHOD *biom = NULL;
-#ifdef USE_OPENSSL_1_1_API
- biom = BIO_meth_new(BIO_TYPE_FILE,
- "Wrapper around APR file structures");
- BIO_meth_set_write(biom, bio_file_write);
- BIO_meth_set_read(biom, bio_file_read);
- BIO_meth_set_gets(biom, bio_file_gets);
- BIO_meth_set_ctrl(biom, bio_file_ctrl);
- BIO_meth_set_create(biom, bio_bucket_create);
- BIO_meth_set_destroy(biom, bio_bucket_destroy);
+#ifndef SERF_NO_SSL_BIO_WRAPPERS
+ biom = BIO_meth_new(BIO_TYPE_FILE, "Wrapper around APR file structures");
+ if (biom) {
+ BIO_meth_set_write(biom, bio_file_write);
+ BIO_meth_set_read(biom, bio_file_read);
+ BIO_meth_set_gets(biom, bio_file_gets);
+ BIO_meth_set_ctrl(biom, bio_file_ctrl);
+ BIO_meth_set_create(biom, bio_bucket_create);
+ BIO_meth_set_destroy(biom, bio_bucket_destroy);
+ }
#else
biom = &bio_file_method;
#endif
@@ -529,7 +530,7 @@
static void bio_meth_free(BIO_METHOD *biom)
{
-#ifdef USE_OPENSSL_1_1_API
+#ifndef SERF_NO_SSL_BIO_WRAPPERS
BIO_meth_free(biom);
#endif
}
@@ -1082,7 +1083,7 @@
return status;
}
-#if APR_HAS_THREADS && !defined(USE_OPENSSL_1_1_API)
+#if APR_HAS_THREADS && defined(SERF_HAVE_SSL_LOCKING_CALLBACKS)
static apr_pool_t *ssl_pool;
static apr_thread_mutex_t **ssl_locks;
@@ -1169,7 +1170,7 @@
val = apr_atomic_cas32(&have_init_ssl, INIT_BUSY, INIT_UNINITIALIZED);
if (!val) {
-#if APR_HAS_THREADS && !defined(USE_OPENSSL_1_1_API)
+#if APR_HAS_THREADS && defined(SERF_HAVE_SSL_LOCKING_CALLBACKS)
int i, numlocks;
#endif
@@ -1186,7 +1187,7 @@
}
#endif
-#ifdef USE_OPENSSL_1_1_API
+#ifdef SERF_HAVE_OPENSSL_MALLOC_INIT
OPENSSL_malloc_init();
#else
CRYPTO_malloc_init();
@@ -1196,7 +1197,7 @@
SSL_library_init();
OpenSSL_add_all_algorithms();
-#if APR_HAS_THREADS && !defined(USE_OPENSSL_1_1_API)
+#if APR_HAS_THREADS && defined(SERF_HAVE_SSL_LOCKING_CALLBACKS)
numlocks = CRYPTO_num_locks();
apr_pool_create(&ssl_pool, NULL);
ssl_locks = apr_palloc(ssl_pool, sizeof(apr_thread_mutex_t*)*numlocks);
diff --git a/test/server/test_sslserver.c b/test/server/test_sslserver.c
index 19cb18a..f533147 100644
--- a/test/server/test_sslserver.c
+++ b/test/server/test_sslserver.c
@@ -27,10 +27,6 @@
#include <openssl/ssl.h>
#include <openssl/err.h>
-#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
-#define USE_OPENSSL_1_1_API
-#endif
-
static int init_done = 0;
typedef struct ssl_context_t {
@@ -58,7 +54,7 @@
static void bio_set_data(BIO *bio, void *data)
{
-#ifdef USE_OPENSSL_1_1_API
+#ifndef SERF_NO_SSL_BIO_WRAPPERS
BIO_set_data(bio, data);
#else
bio->ptr = data;
@@ -67,7 +63,7 @@
static void *bio_get_data(BIO *bio)
{
-#ifdef USE_OPENSSL_1_1_API
+#ifndef SERF_NO_SSL_BIO_WRAPPERS
return BIO_get_data(bio);
#else
return bio->ptr;
@@ -76,7 +72,7 @@
static int bio_apr_socket_create(BIO *bio)
{
-#ifdef USE_OPENSSL_1_1_API
+#ifndef SERF_NO_SSL_BIO_WRAPPERS
BIO_set_shutdown(bio, 1);
BIO_set_init(bio, 1);
BIO_set_data(bio, NULL);
@@ -190,7 +186,7 @@
{
BIO_METHOD *biom = NULL;
-#ifdef USE_OPENSSL_1_1_API
+#ifndef SERF_NO_SSL_BIO_WRAPPERS
biom = BIO_meth_new(BIO_TYPE_SOCKET, "APR sockets");
if (biom) {
BIO_meth_set_write(biom, bio_apr_socket_write);
@@ -239,7 +235,7 @@
/* Init OpenSSL globally */
if (!init_done)
{
-#ifdef USE_OPENSSL_1_1_API
+#ifdef SERF_HAVE_OPENSSL_MALLOC_INIT
OPENSSL_malloc_init();
#else
CRYPTO_malloc_init();
@@ -458,7 +454,7 @@
if (ssl_ctx) {
if (ssl_ctx->ssl) {
SSL_clear(ssl_ctx->ssl);
-#ifdef USE_OPENSSL_1_1_API
+#ifndef SERF_NO_SSL_BIO_WRAPPERS
BIO_meth_free(ssl_ctx->biom);
#endif
}