You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by rj...@apache.org on 2016/03/20 15:23:06 UTC
svn commit: r1735883 - in /httpd/httpd/trunk/modules/ssl:
ssl_engine_kernel.c ssl_engine_vars.c ssl_private.h ssl_scache.c
ssl_util_ssl.c ssl_util_ssl.h
Author: rjung
Date: Sun Mar 20 14:23:06 2016
New Revision: 1735883
URL: http://svn.apache.org/viewvc?rev=1735883&view=rev
Log:
Support for OpenSSL 1.1.0:
- The callback function passed to
SSL_CTX_sess_set_get_cb() now needs the
session id argument to be const.
So constify the session id.
Modified:
httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
httpd/httpd/trunk/modules/ssl/ssl_engine_vars.c
httpd/httpd/trunk/modules/ssl/ssl_private.h
httpd/httpd/trunk/modules/ssl/ssl_scache.c
httpd/httpd/trunk/modules/ssl/ssl_util_ssl.c
httpd/httpd/trunk/modules/ssl/ssl_util_ssl.h
Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c?rev=1735883&r1=1735882&r2=1735883&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c Sun Mar 20 14:23:06 2016
@@ -1841,7 +1841,7 @@ int ssl_callback_proxy_cert(SSL *ssl, X5
static void ssl_session_log(server_rec *s,
const char *request,
- unsigned char *id,
+ IDCONST unsigned char *id,
unsigned int idlen,
const char *status,
const char *result,
@@ -1881,7 +1881,7 @@ int ssl_callback_NewSessionCacheEntry(SS
SSLSrvConfigRec *sc = mySrvConfig(s);
long timeout = sc->session_cache_timeout;
BOOL rc;
- unsigned char *id;
+ IDCONST unsigned char *id;
unsigned int idlen;
/*
@@ -1925,7 +1925,7 @@ int ssl_callback_NewSessionCacheEntry(SS
* of our other Apache pre-forked server processes.
*/
SSL_SESSION *ssl_callback_GetSessionCacheEntry(SSL *ssl,
- unsigned char *id,
+ IDCONST unsigned char *id,
int idlen, int *do_copy)
{
/* Get Apache context back through OpenSSL context */
@@ -1964,7 +1964,7 @@ void ssl_callback_DelSessionCacheEntry(S
{
server_rec *s;
SSLSrvConfigRec *sc;
- unsigned char *id;
+ IDCONST unsigned char *id;
unsigned int idlen;
/*
Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_vars.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_vars.c?rev=1735883&r1=1735882&r2=1735883&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_vars.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_vars.c Sun Mar 20 14:23:06 2016
@@ -438,7 +438,7 @@ static char *ssl_var_lookup_ssl(apr_pool
char buf[MODSSL_SESSION_ID_STRING_LEN];
SSL_SESSION *pSession = SSL_get_session(ssl);
if (pSession) {
- unsigned char *id;
+ IDCONST unsigned char *id;
unsigned int idlen;
#ifdef OPENSSL_NO_SSL_INTERN
Modified: httpd/httpd/trunk/modules/ssl/ssl_private.h
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_private.h?rev=1735883&r1=1735882&r2=1735883&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_private.h (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_private.h Sun Mar 20 14:23:06 2016
@@ -166,6 +166,13 @@
#endif /* if OPENSSL_VERSION_NUMBER < 0x10100000L */
#endif /* if !defined(OPENSSL_NO_OCSP) && defined(SSL_CTX_set_tlsext_status_cb) */
+/* session id constness */
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#define IDCONST
+#else
+#define IDCONST const
+#endif
+
/* TLS session tickets */
#if defined(SSL_CTX_set_tlsext_ticket_key_cb)
#define HAVE_TLS_SESSION_TICKETS
@@ -803,7 +810,7 @@ int ssl_callback_SSLVerify(int,
int ssl_callback_SSLVerify_CRL(int, X509_STORE_CTX *, conn_rec *);
int ssl_callback_proxy_cert(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
int ssl_callback_NewSessionCacheEntry(SSL *, SSL_SESSION *);
-SSL_SESSION *ssl_callback_GetSessionCacheEntry(SSL *, unsigned char *, int, int *);
+SSL_SESSION *ssl_callback_GetSessionCacheEntry(SSL *, IDCONST unsigned char *, int, int *);
void ssl_callback_DelSessionCacheEntry(SSL_CTX *, SSL_SESSION *);
void ssl_callback_Info(const SSL *, int, int);
#ifdef HAVE_TLSEXT
@@ -824,10 +831,10 @@ int ssl_callback_alpn_select(SSL *ssl, c
apr_status_t ssl_scache_init(server_rec *, apr_pool_t *);
void ssl_scache_status_register(apr_pool_t *p);
void ssl_scache_kill(server_rec *);
-BOOL ssl_scache_store(server_rec *, UCHAR *, int,
+BOOL ssl_scache_store(server_rec *, IDCONST UCHAR *, int,
apr_time_t, SSL_SESSION *, apr_pool_t *);
-SSL_SESSION *ssl_scache_retrieve(server_rec *, UCHAR *, int, apr_pool_t *);
-void ssl_scache_remove(server_rec *, UCHAR *, int,
+SSL_SESSION *ssl_scache_retrieve(server_rec *, IDCONST UCHAR *, int, apr_pool_t *);
+void ssl_scache_remove(server_rec *, IDCONST UCHAR *, int,
apr_pool_t *);
/** OCSP Stapling Support */
Modified: httpd/httpd/trunk/modules/ssl/ssl_scache.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_scache.c?rev=1735883&r1=1735882&r2=1735883&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_scache.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_scache.c Sun Mar 20 14:23:06 2016
@@ -110,7 +110,7 @@ void ssl_scache_kill(server_rec *s)
}
-BOOL ssl_scache_store(server_rec *s, UCHAR *id, int idlen,
+BOOL ssl_scache_store(server_rec *s, IDCONST UCHAR *id, int idlen,
apr_time_t expiry, SSL_SESSION *sess,
apr_pool_t *p)
{
@@ -144,7 +144,7 @@ BOOL ssl_scache_store(server_rec *s, UCH
return rv == APR_SUCCESS ? TRUE : FALSE;
}
-SSL_SESSION *ssl_scache_retrieve(server_rec *s, UCHAR *id, int idlen,
+SSL_SESSION *ssl_scache_retrieve(server_rec *s, IDCONST UCHAR *id, int idlen,
apr_pool_t *p)
{
SSLModConfigRec *mc = myModConfig(s);
@@ -173,7 +173,7 @@ SSL_SESSION *ssl_scache_retrieve(server_
return d2i_SSL_SESSION(NULL, &ptr, destlen);
}
-void ssl_scache_remove(server_rec *s, UCHAR *id, int idlen,
+void ssl_scache_remove(server_rec *s, IDCONST UCHAR *id, int idlen,
apr_pool_t *p)
{
SSLModConfigRec *mc = myModConfig(s);
Modified: httpd/httpd/trunk/modules/ssl/ssl_util_ssl.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_util_ssl.c?rev=1735883&r1=1735882&r2=1735883&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_util_ssl.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_util_ssl.c Sun Mar 20 14:23:06 2016
@@ -488,7 +488,7 @@ EC_GROUP *ssl_ec_GetParamFromFile(const
** _________________________________________________________________
*/
-char *modssl_SSL_SESSION_id2sz(unsigned char *id, int idlen,
+char *modssl_SSL_SESSION_id2sz(IDCONST unsigned char *id, int idlen,
char *str, int strsize)
{
if (idlen > SSL_MAX_SSL_SESSION_ID_LENGTH)
Modified: httpd/httpd/trunk/modules/ssl/ssl_util_ssl.h
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_util_ssl.h?rev=1735883&r1=1735882&r2=1735883&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_util_ssl.h (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_util_ssl.h Sun Mar 20 14:23:06 2016
@@ -71,7 +71,7 @@ char *modssl_X509_NAME_ENTRY_to_st
char *modssl_X509_NAME_to_string(apr_pool_t *, X509_NAME *, int);
BOOL modssl_X509_getSAN(apr_pool_t *, X509 *, int, const char *, int, apr_array_header_t **);
BOOL modssl_X509_match_name(apr_pool_t *, X509 *, const char *, BOOL, server_rec *);
-char *modssl_SSL_SESSION_id2sz(unsigned char *, int, char *, int);
+char *modssl_SSL_SESSION_id2sz(IDCONST unsigned char *, int, char *, int);
#endif /* __SSL_UTIL_SSL_H__ */
/** @} */