You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@serf.apache.org by ko...@apache.org on 2023/05/18 09:33:55 UTC
svn commit: r1909904 - in /serf/branches/1.3.x: ./ SConstruct STATUS buckets/ssl_buckets.c test/server/test_sslserver.c test/test_ssl.c
Author: kotkov
Date: Thu May 18 09:33:55 2023
New Revision: 1909904
URL: http://svn.apache.org/viewvc?rev=1909904&view=rev
Log:
On the '1.3.x' branch: Merge the r1909252 group from trunk:
* r1909252, r1909385, r1909406, r1909413, r1909433
Do not use OpenSSL functions that operate with FILE to avoid potential CRT
versions mismatch. Use BIO based functions instead.
Justification:
Avoids a potential source of CRT versions mismatch. Removes a dependency
on openssl/applink.c.
Branch: ^/serf/branches/1.3.x-r1909252-group
Votes:
+1: kotkov, ivan
Modified:
serf/branches/1.3.x/ (props changed)
serf/branches/1.3.x/SConstruct
serf/branches/1.3.x/STATUS
serf/branches/1.3.x/buckets/ssl_buckets.c
serf/branches/1.3.x/test/server/test_sslserver.c
serf/branches/1.3.x/test/test_ssl.c
Propchange: serf/branches/1.3.x/
------------------------------------------------------------------------------
Merged /serf/trunk:r1909252,1909385,1909406,1909413,1909433
Merged /serf/branches/1.3.x-r1909252-group:r1909407-1909903
Modified: serf/branches/1.3.x/SConstruct
URL: http://svn.apache.org/viewvc/serf/branches/1.3.x/SConstruct?rev=1909904&r1=1909903&r2=1909904&view=diff
==============================================================================
--- serf/branches/1.3.x/SConstruct (original)
+++ serf/branches/1.3.x/SConstruct Thu May 18 09:33:55 2023
@@ -277,7 +277,10 @@ if sys.platform != 'win32':
env.Append(PLATFORM='posix')
else:
# Warning level 4, no unused argument warnings
- env.Append(CCFLAGS=['/W4', '/wd4100'])
+ env.Append(CCFLAGS=['/W4',
+ '/wd4100', # Unused argument
+ '/we4013', # 'function' undefined; assuming extern returning int
+ ])
# Choose runtime and optimization
if debug:
@@ -301,6 +304,9 @@ SOURCES = Glob('*.c') + Glob('buckets/*.
lib_static = env.StaticLibrary(LIBNAMESTATIC, SOURCES)
lib_shared = env.SharedLibrary(LIBNAME, SOURCES + SHARED_SOURCES)
+# Define OPENSSL_NO_STDIO to prevent using _fp() API.
+env.Append(CPPDEFINES=['OPENSSL_NO_STDIO'])
+
if aprstatic:
env.Append(CPPDEFINES=['APR_DECLARE_STATIC', 'APU_DECLARE_STATIC'])
Modified: serf/branches/1.3.x/STATUS
URL: http://svn.apache.org/viewvc/serf/branches/1.3.x/STATUS?rev=1909904&r1=1909903&r2=1909904&view=diff
==============================================================================
--- serf/branches/1.3.x/STATUS (original)
+++ serf/branches/1.3.x/STATUS Thu May 18 09:33:55 2023
@@ -35,16 +35,6 @@ Candidate changes:
this point for the 1.3.x branch
- Seems to only be required for LibreSSL, not OpenSSL)
- * r1909252, r1909385, r1909406, r1909413, r1909433
- Do not use OpenSSL functions that operate with FILE to avoid potential CRT
- versions mismatch. Use BIO based functions instead.
- Justification:
- Avoids a potential source of CRT versions mismatch. Removes a dependency
- on openssl/applink.c.
- Branch: ^/serf/branches/1.3.x-r1909252-group
- Votes:
- +1: kotkov, ivan
-
Veto-blocked changes:
=====================
Modified: serf/branches/1.3.x/buckets/ssl_buckets.c
URL: http://svn.apache.org/viewvc/serf/branches/1.3.x/buckets/ssl_buckets.c?rev=1909904&r1=1909903&r2=1909904&view=diff
==============================================================================
--- serf/branches/1.3.x/buckets/ssl_buckets.c (original)
+++ serf/branches/1.3.x/buckets/ssl_buckets.c Thu May 18 09:33:55 2023
@@ -1551,11 +1551,11 @@ apr_status_t serf_ssl_load_cert_file(
const char *file_path,
apr_pool_t *pool)
{
- FILE *fp = fopen(file_path, "r");
+ BIO *bio = BIO_new_file(file_path, "r");
- if (fp) {
- X509 *ssl_cert = PEM_read_X509(fp, NULL, NULL, NULL);
- fclose(fp);
+ if (bio) {
+ X509 *ssl_cert = PEM_read_bio_X509(bio, NULL, NULL, NULL);
+ BIO_free(bio);
if (ssl_cert) {
*cert = apr_palloc(pool, sizeof(serf_ssl_certificate_t));
Modified: serf/branches/1.3.x/test/server/test_sslserver.c
URL: http://svn.apache.org/viewvc/serf/branches/1.3.x/test/server/test_sslserver.c?rev=1909904&r1=1909903&r2=1909904&view=diff
==============================================================================
--- serf/branches/1.3.x/test/server/test_sslserver.c (original)
+++ serf/branches/1.3.x/test/server/test_sslserver.c Thu May 18 09:33:55 2023
@@ -44,6 +44,11 @@ typedef struct ssl_context_t {
} ssl_context_t;
+static int err_file_print_cb(const char *str, size_t len, void *bp)
+{
+ return fwrite(str, 1, len, bp);
+}
+
static int pem_passwd_cb(char *buf, int size, int rwflag, void *userdata)
{
strncpy(buf, "serftest", size);
@@ -275,10 +280,10 @@ init_ssl_context(serv_ctx_t *serv_ctx,
store = SSL_CTX_get_cert_store(ssl_ctx->ctx);
while(certfile) {
- FILE *fp = fopen(certfile, "r");
- if (fp) {
- X509 *ssl_cert = PEM_read_X509(fp, NULL, NULL, NULL);
- fclose(fp);
+ BIO *bio = BIO_new_file(certfile, "r");
+ if (bio) {
+ X509 *ssl_cert = PEM_read_bio_X509(bio, NULL, NULL, NULL);
+ BIO_free(bio);
SSL_CTX_add_extra_chain_cert(ssl_ctx->ctx, ssl_cert);
@@ -379,7 +384,7 @@ static apr_status_t ssl_handshake(serv_c
return serv_ctx->bio_read_status; /* Usually APR_EAGAIN */
default:
serf__log(TEST_VERBOSE, __FILE__, "SSL Error %d: ", ssl_err);
- ERR_print_errors_fp(stderr);
+ ERR_print_errors_cb(err_file_print_cb, stderr);
serf__log_nopref(TEST_VERBOSE, "\n");
return SERF_ERROR_ISSUE_IN_TESTSUITE;
}
@@ -435,7 +440,7 @@ ssl_socket_read(serv_ctx_t *serv_ctx, ch
*len = 0;
serf__log(TEST_VERBOSE, __FILE__,
"ssl_socket_read SSL Error %d: ", ssl_err);
- ERR_print_errors_fp(stderr);
+ ERR_print_errors_cb(err_file_print_cb, stderr);
serf__log_nopref(TEST_VERBOSE, "\n");
return SERF_ERROR_ISSUE_IN_TESTSUITE;
}
Modified: serf/branches/1.3.x/test/test_ssl.c
URL: http://svn.apache.org/viewvc/serf/branches/1.3.x/test/test_ssl.c?rev=1909904&r1=1909903&r2=1909904&view=diff
==============================================================================
--- serf/branches/1.3.x/test/test_ssl.c (original)
+++ serf/branches/1.3.x/test/test_ssl.c Thu May 18 09:33:55 2023
@@ -28,12 +28,6 @@
#include "test_serf.h"
-#if defined(WIN32) && defined(_DEBUG)
-/* Include this file to allow running a Debug build of serf with a Release
- build of OpenSSL. */
-#include <openssl/applink.c>
-#endif
-
/* Test setting up the openssl library. */
static void test_ssl_init(CuTest *tc)
{