You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by "MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)" <ma...@hp.com> on 2002/10/22 20:04:35 UTC
[PATCH]Question - regarding modssl_PEM_read_bio_X509
I thought modssl_PEM_read_bio_X509 should cover the following cases for
OpenSSL API :
#if (SSL_LIBRARY_VERSION < 0x00904000)
#define modssl_PEM_read_bio_X509 SOME WAY
#else
#define modssl_PEM_read_bio_X509 OTHER WAY
#endif
The following patch does something similar, and also changes one other place
in ssl_util_ssl.c where PEM_read_bio_X509 was still being used.
-Madhu
Index: ssl_toolkit_compat.h
===================================================================
RCS file: /home/cvspublic/httpd-2.0/modules/ssl/ssl_toolkit_compat.h,v
retrieving revision 1.25
diff -u -r1.25 ssl_toolkit_compat.h
--- ssl_toolkit_compat.h 21 Aug 2002 19:12:46 -0000 1.25
+++ ssl_toolkit_compat.h 22 Oct 2002 18:01:44 -0000
@@ -97,7 +97,11 @@
#define modssl_X509_verify_cert X509_verify_cert
-#define modssl_PEM_read_bio_X509 PEM_read_bio_X509
+#if (SSL_LIBRARY_VERSION < 0x00904000)
+#define modssl_PEM_read_bio_X509(b, x, cb, arg) PEM_read_bio_X509(b, x, cb)
+#else
+#define modssl_PEM_read_bio_X509(b, x, cb, arg) PEM_read_bio_X509(b, x, cb,
arg)
+#endif
Index: ssl_util_ssl.c
===================================================================
RCS file: /home/cvspublic/httpd-2.0/modules/ssl/ssl_util_ssl.c,v
retrieving revision 1.21
diff -u -r1.21 ssl_util_ssl.c
--- ssl_util_ssl.c 15 Sep 2002 00:00:48 -0000 1.21
+++ ssl_util_ssl.c 22 Oct 2002 17:59:00 -0000
@@ -519,11 +519,7 @@
}
/* create new extra chain by loading the certs */
n = 0;
-#if SSL_LIBRARY_VERSION < 0x00904000
- while ((x509 = PEM_read_bio_X509(bio, NULL, cb)) != NULL) {
-#else
- while ((x509 = PEM_read_bio_X509(bio, NULL, cb, NULL)) != NULL) {
-#endif
+ while ((x509 = modssl_PEM_read_bio_X509(bio, NULL, cb, NULL)) != NULL)
{
if (!SSL_CTX_add_extra_chain_cert(ctx, x509)) {
X509_free(x509);
BIO_free(bio);
Re: [PATCH]Question - regarding modssl_PEM_read_bio_X509
Posted by Jeff Trawick <tr...@attglobal.net>.
"MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)" <ma...@hp.com> writes:
> -#define modssl_PEM_read_bio_X509 PEM_read_bio_X509
> +#if (SSL_LIBRARY_VERSION < 0x00904000)
> +#define modssl_PEM_read_bio_X509(b, x, cb, arg) PEM_read_bio_X509(b, x, cb)
> +#else
> +#define modssl_PEM_read_bio_X509(b, x, cb, arg) PEM_read_bio_X509(b, x, cb,
> arg)
> +#endif
I had to change the patch to look at OPENSSL_VERSION_NUMBER instead of
SSL_LIBRARY_VERSION...
this section of ssl_toolkit_compat.h has the former defined but not
the latter... mod_ssl wouldn't compile for me without this change...
>
> The following patch does something similar, and also changes one other place
> in ssl_util_ssl.c where PEM_read_bio_X509 was still being used.
fyi... your patch wouldn't apply because of some wrapped lines...
e-mail client setting on line wrap incorrect?
patch committed!
--
Jeff Trawick | trawick@attglobal.net
Born in Roswell... married an alien...