Author: billbarker
Date: Wed Nov 4 02:25:05 2015
New Revision: 1712457
URL: http://svn.apache.org/viewvc?rev=1712457&view=rev
Log:
Forward port r1712199 align with OpenSSL master. Just deleted the SSLeay check
since any OS I know will raise an UnsatifiedLinkError if you try to load this
with such an old version when 1.0.2x is required. Otherwise no change if
compiling against 1.0.2x
Modified:
tomcat/native/trunk/native/src/ssl.c
tomcat/native/trunk/native/src/sslnetwork.c
tomcat/native/trunk/native/src/sslutils.c
Modified: tomcat/native/trunk/native/src/ssl.c
URL:
http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/ssl.c?rev=1712457&r1=1712456&r2=1712457&view=diff
==============================================================================
--- tomcat/native/trunk/native/src/ssl.c (original)
+++ tomcat/native/trunk/native/src/ssl.c Wed Nov 4 02:25:05 2015
@@ -657,12 +657,7 @@ TCN_IMPLEMENT_CALL(jint, SSL, initialize
TCN_FREE_CSTRING(engine);
return (jint)APR_SUCCESS;
}
- if (SSLeay() < 0x0090700L) {
- TCN_FREE_CSTRING(engine);
- tcn_ThrowAPRException(e, APR_EINVAL);
- ssl_initialized = 0;
- return (jint)APR_EINVAL;
- }
+
/* We must register the library in full, to ensure our configuration
* code can successfully test the SSL environment.
*/
Modified: tomcat/native/trunk/native/src/sslnetwork.c
URL:
http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/sslnetwork.c?rev=1712457&r1=1712456&r2=1712457&view=diff
==============================================================================
--- tomcat/native/trunk/native/src/sslnetwork.c (original)
+++ tomcat/native/trunk/native/src/sslnetwork.c Wed Nov 4 02:25:05 2015
@@ -650,6 +650,7 @@ TCN_IMPLEMENT_CALL(jint, SSLSocket, rene
#endif
return APR_EGENERAL;
}
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
SSL_set_state(con->ssl, SSL_ST_ACCEPT);
apr_socket_timeout_get(con->sock, &timeout);
@@ -669,14 +670,11 @@ TCN_IMPLEMENT_CALL(jint, SSLSocket, rene
break;
}
con->reneg_state = RENEG_REJECT;
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+
if (SSL_get_state(con->ssl) != SSL_ST_OK) {
-#else
- if (SSL_get_state(con->ssl) != TLS_ST_OK) {
-#endif
return APR_EGENERAL;
}
-
+#endif
return APR_SUCCESS;
}
Modified: tomcat/native/trunk/native/src/sslutils.c
URL:
http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/sslutils.c?rev=1712457&r1=1712456&r2=1712457&view=diff
==============================================================================
--- tomcat/native/trunk/native/src/sslutils.c (original)
+++ tomcat/native/trunk/native/src/sslutils.c Wed Nov 4 02:25:05 2015
@@ -246,7 +246,11 @@ int SSL_CTX_use_certificate_chain(SSL_CT
unsigned long err;
int n;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
if ((bio = BIO_new(BIO_s_file_internal())) == NULL)
+#else
+ if ((bio = BIO_new(BIO_s_file())) == NULL)
+#endif
return -1;
if (BIO_read_filename(bio, file) <= 0) {
BIO_free(bio);
@@ -548,9 +552,11 @@ void SSL_callback_handshake(const SSL *s
if ((where & SSL_CB_ACCEPT_LOOP) && con->reneg_state == RENEG_REJECT) {
int state = SSL_get_state(ssl);
- if (state == SSL3_ST_SR_CLNT_HELLO_A
#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ if (state == SSL3_ST_SR_CLNT_HELLO_A
|| state == SSL23_ST_SR_CLNT_HELLO_A
+#else
+ if (state == TLS_ST_SR_CLNT_HELLO
#endif
) {
con->reneg_state = RENEG_ABORT;
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
