Author: billbarker
Date: Fri Sep 25 01:22:42 2015
New Revision: 1705204
URL: http://svn.apache.org/viewvc?rev=1705204&view=rev
Log:
Bring code up to date with OpenSSL master. Will port to trunk after I see how
Gump does with the changes
Modified:
tomcat/native/branches/1.1.x/native/src/sslinfo.c
tomcat/native/branches/1.1.x/native/src/sslutils.c
Modified: tomcat/native/branches/1.1.x/native/src/sslinfo.c
URL:
http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/native/src/sslinfo.c?rev=1705204&r1=1705203&r2=1705204&view=diff
==============================================================================
--- tomcat/native/branches/1.1.x/native/src/sslinfo.c (original)
+++ tomcat/native/branches/1.1.x/native/src/sslinfo.c Fri Sep 25 01:22:42 2015
@@ -393,14 +393,22 @@ TCN_IMPLEMENT_CALL(jstring, SSLSocket, g
}
break;
case SSL_INFO_CLIENT_A_SIG:
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
nid = OBJ_obj2nid((ASN1_OBJECT
*)xs->cert_info->signature->algorithm);
+#else
+ nid = X509_get_signature_nid(xs);
+#endif
if (nid == NID_undef)
value = tcn_new_string(e, "UNKNOWN");
else
value = tcn_new_string(e, OBJ_nid2ln(nid));
break;
case SSL_INFO_CLIENT_A_KEY:
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
nid = OBJ_obj2nid((ASN1_OBJECT
*)xs->cert_info->key->algor->algorithm);
+#else
+ nid = OBJ_obj2nid((ASN1_OBJECT
*)(X509_get_X509_PUBKEY(xs)->algor->algorithm));
+#endif
if (nid == NID_undef)
value = tcn_new_string(e, "UNKNOWN");
else
@@ -442,14 +450,22 @@ TCN_IMPLEMENT_CALL(jstring, SSLSocket, g
}
break;
case SSL_INFO_SERVER_A_SIG:
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
nid = OBJ_obj2nid((ASN1_OBJECT
*)xs->cert_info->signature->algorithm);
+#else
+ nid = X509_get_signature_nid(xs);
+#endif
if (nid == NID_undef)
value = tcn_new_string(e, "UNKNOWN");
else
value = tcn_new_string(e, OBJ_nid2ln(nid));
break;
case SSL_INFO_SERVER_A_KEY:
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
nid = OBJ_obj2nid((ASN1_OBJECT
*)xs->cert_info->key->algor->algorithm);
+#else
+ nid = OBJ_obj2nid((ASN1_OBJECT
*)(X509_get_X509_PUBKEY(xs)->algor->algorithm));
+#endif
if (nid == NID_undef)
value = tcn_new_string(e, "UNKNOWN");
else
Modified: tomcat/native/branches/1.1.x/native/src/sslutils.c
URL:
http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/native/src/sslutils.c?rev=1705204&r1=1705203&r2=1705204&view=diff
==============================================================================
--- tomcat/native/branches/1.1.x/native/src/sslutils.c (original)
+++ tomcat/native/branches/1.1.x/native/src/sslutils.c Fri Sep 25 01:22:42 2015
@@ -405,7 +405,11 @@ static int ssl_verify_CRL(int ok, X509_S
X509_REVOKED *revoked =
sk_X509_REVOKED_value(X509_CRL_get_REVOKED(crl), i);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
ASN1_INTEGER *sn = revoked->serialNumber;
+#else
+ ASN1_INTEGER *sn = X509_REVOKED_get0_serialNumber(revoked);
+#endif
if (!ASN1_INTEGER_cmp(sn, X509_get_serialNumber(cert))) {
X509_STORE_CTX_set_error(ctx, X509_V_ERR_CERT_REVOKED);
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
