You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@thrift.apache.org by je...@apache.org on 2021/05/27 21:13:21 UTC
[thrift] branch master updated: fix D build,
with D lang openssl 2.0.3 Client: d Patch: mingwugmail
This is an automated email from the ASF dual-hosted git repository.
jensg pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/thrift.git
The following commit(s) were added to refs/heads/master by this push:
new 4abc5cf fix D build, with D lang openssl 2.0.3 Client: d Patch: mingwugmail <mi...@gmail.com>
4abc5cf is described below
commit 4abc5cfb4b3dea54484ca49a584b472a7373f3c5
Author: mingwugmail <mi...@gmail.com>
AuthorDate: Wed May 26 00:38:22 2021 +0200
fix D build, with D lang openssl 2.0.3
Client: d
Patch: mingwugmail <mi...@gmail.com>
This closes #2397
---
dub.json | 25 +++++++++++++++++++++----
lib/d/Makefile.am | 4 ++--
lib/d/src/thrift/internal/ssl.d | 19 +++++++++++++++++--
3 files changed, 40 insertions(+), 8 deletions(-)
diff --git a/dub.json b/dub.json
index af76afc..72b7fbc 100644
--- a/dub.json
+++ b/dub.json
@@ -9,12 +9,29 @@
"dependencies": {
"libevent": {
"version": "~>2.0.2"
- },
- "openssl": {
- "version": ">=1.1.6"
}
},
- "systemDependencies": "On systems with native openssl 1.0.x use dub package openssl~>1.1, on systems with native openssl 1.1.x use dub package openssl~>2.0",
+ "systemDependencies": "On systems with native openssl 1.0.x use dub package openssl~>1.1, on systems with native openssl 1.1.x use dub package openssl~>2.0.3 (with build bug fix: https://github.com/D-Programming-Deimos/openssl/issues/63)",
+ "configurations": [
+ {
+ "name": "use_openssl_1_0",
+ "versions": ["use_openssl_1_0_x"],
+ "dependencies": {
+ "openssl": {
+ "version": "~>1.1.6"
+ }
+ }
+ },
+ {
+ "name": "use_openssl_1_1",
+ "versions": ["use_openssl_1_1_x"],
+ "dependencies": {
+ "openssl": {
+ "version": "~>2.0.3"
+ }
+ }
+ }
+ ],
"targetType": "library",
"sourcePaths": [
"lib/d/src"
diff --git a/lib/d/Makefile.am b/lib/d/Makefile.am
index 4787e0a..0137217 100644
--- a/lib/d/Makefile.am
+++ b/lib/d/Makefile.am
@@ -97,7 +97,7 @@ d_main_modules = $(filter-out $(d_libevent_dependent_modules) \
$(d_openssl_dependent_modules),$(d_modules))
-d_lib_flags = -w -wi -Isrc -lib
+d_lib_flags = -w -wi -Isrc -lib -version=use_openssl_1_0_x
all_targets =
#
@@ -153,7 +153,7 @@ clean-local:
#
# Unit tests (built both in debug and release mode).
#
-d_test_flags = -unittest -w -wi -I$(top_srcdir)/lib/d/src
+d_test_flags = -unittest -w -wi -I$(top_srcdir)/lib/d/src -version=use_openssl_1_0_x
# There just must be some way to reassign a variable without warnings in
# Automake...
diff --git a/lib/d/src/thrift/internal/ssl.d b/lib/d/src/thrift/internal/ssl.d
index 3af54b5..29cc6d0 100644
--- a/lib/d/src/thrift/internal/ssl.d
+++ b/lib/d/src/thrift/internal/ssl.d
@@ -89,6 +89,20 @@ void authorize(SSL* ssl, TAccessManager accessManager,
// Check subjectAltName(s), if present.
auto alternatives = cast(STACK_OF!(GENERAL_NAME)*)
X509_get_ext_d2i(cert, NID_subject_alt_name, null, null);
+
+ version(use_openssl_1_0_x) {
+ enum _GEN_DNS = GENERAL_NAME.GEN_DNS;
+ enum _GEN_IPADD = GENERAL_NAME.GEN_IPADD;
+ } else version(use_openssl_1_1_x) {
+ enum _GEN_DNS = GEN_DNS;
+ enum _GEN_IPADD = GEN_IPADD;
+ } else {
+ static assert(false, `Must have version either use_openssl_1_0_x or use_openssl_1_1_x defined, e.g.
+ "subConfigurations": {
+ "apache-thrift": "use_openssl_1_0"
+ }`);
+ }
+
if (alternatives != null) {
auto count = sk_GENERAL_NAME_num(alternatives);
for (int i = 0; decision == Decision.SKIP && i < count; i++) {
@@ -98,11 +112,12 @@ void authorize(SSL* ssl, TAccessManager accessManager,
}
auto data = ASN1_STRING_data(name.d.ia5);
auto length = ASN1_STRING_length(name.d.ia5);
+
switch (name.type) {
- case GENERAL_NAME.GEN_DNS:
+ case _GEN_DNS:
decision = accessManager.verify(hostName, cast(char[])data[0 .. length]);
break;
- case GENERAL_NAME.GEN_IPADD:
+ case _GEN_IPADD:
decision = accessManager.verify(peerAddress, data[0 .. length]);
break;
default: