Author: stsp
Date: Fri Feb 3 11:44:40 2017
New Revision: 1781542
URL: http://svn.apache.org/viewvc?rev=1781542&view=rev
Log:
Create a 1.3.x branch which backports SSL build fixes from r1775239-r1781240.
Added:
serf/branches/1.3.x-sslbuild/ (props changed)
- copied from r1781540, serf/branches/1.3.x/
Modified:
serf/branches/1.3.x-sslbuild/SConstruct
serf/branches/1.3.x-sslbuild/buckets/ssl_buckets.c
Propchange: serf/branches/1.3.x-sslbuild/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Fri Feb 3 11:44:40 2017
@@ -0,0 +1,12 @@
+*.os
+.gdb_history
+Debug
+Release
+.sconsign.dblite
+.sconf_temp
+config.log
+.saved_config
+serf-1.pc
+libserf-1.dylib
+serf-2.pc
+libserf-2.dylib
Propchange: serf/branches/1.3.x-sslbuild/
------------------------------------------------------------------------------
--- svn:mergeinfo (added)
+++ svn:mergeinfo Fri Feb 3 11:44:40 2017
@@ -0,0 +1,4 @@
+/serf/branches/1.3.x:1699925,1699931
+/serf/branches/multiple_ssl_impls:1699382
+/serf/branches/windows-sspi:1698866-1698877
+/serf/trunk:1699516-1699518,1699520-1699522,1699528,1699530-1699535,1699537,1699539-1699543,1699548-1699549,1699553,1699555-1699556,1699559-1699560,1699563-1699565,1699567-1699570,1699572-1699573,1699578-1699580,1699582-1699597,1699599-1699602,1699607,1699610,1699613,1699615-1699618,1699622-1699623,1699626-1699627,1699633,1699637,1699642,1699645,1699647,1699649-1699650,1699652,1699654-1699655,1699659-1699665,1699671,1699674,1699680-1699683,1699687-1699688,1699690,1699692-1699694,1699698-1699700,1699702,1699707-1699708,1699712-1699716,1699720,1699724,1699728,1699730,1699733,1699762,1699770,1699773,1699777,1699780-1699781,1699791,1699798,1699800-1699801,1699817,1699819,1699838,1699843,1699846,1699850,1699852,1699858-1699859,1699861,1699873,1699881,1699884,1699902-1699903,1699906,1699924,1699926-1699927,1699930,1699932,1699936-1699937,1699941,1699944,1699948-1699950,1699954,1699957,1699964,1699973,1699975,1699985-1699987,1699993-1699994,1700031,1700062,1700128,1700149,1700234,1700236,1
700246,1700270,1700650,1700830,1702096,1702221,1702264,1703624,1704725,1708849,1709155-1709156,1709296,1748673,1757829,1758190,1758193,1775239-1781240
Propchange: serf/branches/1.3.x-sslbuild/
------------------------------------------------------------------------------
tsvn:logwidthmarker = 78
Modified: serf/branches/1.3.x-sslbuild/SConstruct
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/SConstruct?rev=1781542&r1=1781540&r2=1781542&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/SConstruct (original)
+++ serf/branches/1.3.x-sslbuild/SConstruct Fri Feb 3 11:44:40 2017
@@ -374,6 +374,21 @@ else:
env.Append(LIBPATH=['$OPENSSL/lib'])
+# Check for OpenSSL functions which are only available in some of
+# the versions we support. Also handles forks like LibreSSL.
+conf = Configure(env)
+if not conf.CheckFunc('BIO_set_init'):
+ env.Append(CPPDEFINES=['SERF_NO_SSL_BIO_WRAPPERS'])
+if not conf.CheckFunc('X509_STORE_get0_param'):
+ env.Append(CPPDEFINES=['SERF_NO_SSL_X509_STORE_WRAPPERS'])
+if conf.CheckFunc('CRYPTO_set_locking_callback'):
+ env.Append(CPPDEFINES=['SERF_HAVE_SSL_LOCKING_CALLBACKS'])
+if conf.CheckFunc('OPENSSL_malloc_init'):
+ env.Append(CPPDEFINES=['SERF_HAVE_OPENSSL_MALLOC_INIT'])
+if conf.CheckFunc('SSL_set_alpn_protos'):
+ env.Append(CPPDEFINES=['SERF_HAVE_OPENSSL_ALPN'])
+env = conf.Finish()
+
# If build with gssapi, get its information and define SERF_HAVE_GSSAPI
if gssapi and CALLOUT_OKAY:
env.ParseConfig('$GSSAPI --cflags gssapi')
Modified: serf/branches/1.3.x-sslbuild/buckets/ssl_buckets.c
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/buckets/ssl_buckets.c?rev=1781542&r1=1781540&r2=1781542&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/buckets/ssl_buckets.c (original)
+++ serf/branches/1.3.x-sslbuild/buckets/ssl_buckets.c Fri Feb 3 11:44:40 2017
@@ -52,8 +52,8 @@
#define APR_ARRAY_PUSH(ary,type) (*((type *)apr_array_push(ary)))
#endif
-#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
-#define USE_OPENSSL_1_1_API
+#ifdef SERF_NO_SSL_X509_STORE_WRAPPERS
+#define X509_STORE_get0_param(store) ((store)->param)
#endif
@@ -239,7 +239,7 @@ apps_ssl_info_callback(const SSL *s, int
static void bio_set_data(BIO *bio, void *data)
{
-#ifdef USE_OPENSSL_1_1_API
+#ifndef SERF_NO_SSL_BIO_WRAPPERS
BIO_set_data(bio, data);
#else
bio->ptr = data;
@@ -248,7 +248,7 @@ static void bio_set_data(BIO *bio, void
static void *bio_get_data(BIO *bio)
{
-#ifdef USE_OPENSSL_1_1_API
+#ifndef SERF_NO_SSL_BIO_WRAPPERS
return BIO_get_data(bio);
#else
return bio->ptr;
@@ -381,7 +381,7 @@ static int bio_file_gets(BIO *bio, char
static int bio_bucket_create(BIO *bio)
{
-#ifdef USE_OPENSSL_1_1_API
+#ifndef SERF_NO_SSL_BIO_WRAPPERS
BIO_set_shutdown(bio, 1);
BIO_set_init(bio, 1);
BIO_set_data(bio, NULL);
@@ -424,7 +424,7 @@ static long bio_bucket_ctrl(BIO *bio, in
return ret;
}
-#ifndef USE_OPENSSL_1_1_API
+#ifdef SERF_NO_SSL_BIO_WRAPPERS
static BIO_METHOD bio_bucket_method = {
BIO_TYPE_MEM,
"Serf SSL encryption and decryption buckets",
@@ -460,7 +460,7 @@ static BIO_METHOD *bio_meth_bucket_new(v
{
BIO_METHOD *biom = NULL;
-#ifdef USE_OPENSSL_1_1_API
+#ifndef SERF_NO_SSL_BIO_WRAPPERS
biom = BIO_meth_new(BIO_TYPE_MEM,
"Serf SSL encryption and decryption buckets");
if (biom) {
@@ -481,15 +481,16 @@ static BIO_METHOD *bio_meth_file_new(voi
{
BIO_METHOD *biom = NULL;
-#ifdef USE_OPENSSL_1_1_API
- biom = BIO_meth_new(BIO_TYPE_FILE,
- "Wrapper around APR file structures");
- BIO_meth_set_write(biom, bio_file_write);
- BIO_meth_set_read(biom, bio_file_read);
- BIO_meth_set_gets(biom, bio_file_gets);
- BIO_meth_set_ctrl(biom, bio_bucket_ctrl);
- BIO_meth_set_create(biom, bio_bucket_create);
- BIO_meth_set_destroy(biom, bio_bucket_destroy);
+#ifndef SERF_NO_SSL_BIO_WRAPPERS
+ biom = BIO_meth_new(BIO_TYPE_FILE, "Wrapper around APR file structures");
+ if (biom) {
+ BIO_meth_set_write(biom, bio_file_write);
+ BIO_meth_set_read(biom, bio_file_read);
+ BIO_meth_set_gets(biom, bio_file_gets);
+ BIO_meth_set_ctrl(biom, bio_bucket_ctrl);
+ BIO_meth_set_create(biom, bio_bucket_create);
+ BIO_meth_set_destroy(biom, bio_bucket_destroy);
+ }
#else
biom = &bio_file_method;
#endif
@@ -499,7 +500,7 @@ static BIO_METHOD *bio_meth_file_new(voi
static void bio_meth_free(BIO_METHOD *biom)
{
-#ifdef USE_OPENSSL_1_1_API
+#ifndef SERF_NO_SSL_BIO_WRAPPERS
BIO_meth_free(biom);
#endif
}
@@ -1052,7 +1053,7 @@ static apr_status_t ssl_encrypt(void *ba
return status;
}
-#if APR_HAS_THREADS && !defined(USE_OPENSSL_1_1_API)
+#if APR_HAS_THREADS && defined(SERF_HAVE_SSL_LOCKING_CALLBACKS)
static apr_pool_t *ssl_pool;
static apr_thread_mutex_t **ssl_locks;
@@ -1139,7 +1140,7 @@ static void init_ssl_libraries(void)
val = apr_atomic_cas32(&have_init_ssl, INIT_BUSY, INIT_UNINITIALIZED);
if (!val) {
-#if APR_HAS_THREADS && !defined(USE_OPENSSL_1_1_API)
+#if APR_HAS_THREADS && defined(SERF_HAVE_SSL_LOCKING_CALLBACKS)
int i, numlocks;
#endif
@@ -1156,7 +1157,7 @@ static void init_ssl_libraries(void)
}
#endif
-#ifdef USE_OPENSSL_1_1_API
+#ifdef SERF_HAVE_OPENSSL_MALLOC_INIT
OPENSSL_malloc_init();
#else
CRYPTO_malloc_init();
@@ -1166,7 +1167,7 @@ static void init_ssl_libraries(void)
SSL_library_init();
OpenSSL_add_all_algorithms();
-#if APR_HAS_THREADS && !defined(USE_OPENSSL_1_1_API)
+#if APR_HAS_THREADS && defined(SERF_HAVE_SSL_LOCKING_CALLBACKS)
numlocks = CRYPTO_num_locks();
apr_pool_create(&ssl_pool, NULL);
ssl_locks = apr_palloc(ssl_pool, sizeof(apr_thread_mutex_t*)*numlocks);
