This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/master by this push: new 51f949d Add support for SLContext.addChainCertificateRaw() with LibreSSL 2.9.1 and up 51f949d is described below commit 51f949dc6e0b6e4e27972b8ba2d0a2626fc3c1c5 Author: Michael Osipov <micha...@apache.org> AuthorDate: Tue May 12 10:58:06 2020 +0200 Add support for SLContext.addChainCertificateRaw() with LibreSSL 2.9.1 and up In libressl-portable/openbsd:0db809ee17 support was added for SSL_CTX_add0_chain_cert() and alike which were included in OpenBSD 6.5 base as well as LibreSSL 2.9.1 and up. This now makes TestSSLHostConfigCompat pass successfully with LibreSSL. --- native/src/sslcontext.c | 2 +- xdocs/miscellaneous/changelog.xml | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/native/src/sslcontext.c b/native/src/sslcontext.c index 1d584f7..f10b55e 100644 --- a/native/src/sslcontext.c +++ b/native/src/sslcontext.c @@ -1262,7 +1262,7 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext, addChainCertificateRaw)(TCN_STDARGS, jl ERR_error_string(SSL_ERR_get(), err); tcn_Throw(e, "Error reading certificate (%s)", err); rv = JNI_FALSE; -#if defined(LIBRESSL_VERSION_NUMBER) +#if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20901000L } else { tcn_Throw(e, "Unable to use Java keystores with LibreSSL"); #else diff --git a/xdocs/miscellaneous/changelog.xml b/xdocs/miscellaneous/changelog.xml index 71cfd86..68ce2f4 100644 --- a/xdocs/miscellaneous/changelog.xml +++ b/xdocs/miscellaneous/changelog.xml @@ -45,6 +45,10 @@ <fix> Disable keylog callback support for LibreSSL. (michaelo) </fix> + <add> + Add support for <code>SSLContext.addChainCertificateRaw()</code> with + LibreSSL 2.9.1 and up. (michaelo) + </add> </changelog> </section> <section name="Changes in 1.2.24"> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org