You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by jo...@apache.org on 2020/03/26 11:03:55 UTC
svn commit: r1875702 - in /httpd/httpd/trunk/modules/ssl:
ssl_engine_kernel.c ssl_private.h ssl_util_stapling.c
Author: jorton
Date: Thu Mar 26 11:03:54 2020
New Revision: 1875702
URL: http://svn.apache.org/viewvc?rev=1875702&view=rev
Log:
* modules/ssl/ssl_private.h: Define X509_up_ref and EVP_PKEY_up_ref
for OpenSSL < 1.1.
* modules/ssl/ssl_engine_kernel.c (modssl_set_cert_info):
* modules/ssl/ssl_util_stapling.c (stapling_get_issuer):
Use the above macros for all OpenSSL versions.
Github: closes #104
Modified:
httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
httpd/httpd/trunk/modules/ssl/ssl_private.h
httpd/httpd/trunk/modules/ssl/ssl_util_stapling.c
Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c?rev=1875702&r1=1875701&r2=1875702&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c Thu Mar 26 11:03:54 2020
@@ -1950,19 +1950,11 @@ static void modssl_proxy_info_log(conn_r
* so we need to increment here to prevent them from
* being freed.
*/
-#if MODSSL_USE_OPENSSL_PRE_1_1_API
-#define modssl_set_cert_info(info, cert, pkey) \
- *cert = info->x509; \
- CRYPTO_add(&(*cert)->references, +1, CRYPTO_LOCK_X509); \
- *pkey = info->x_pkey->dec_pkey; \
- CRYPTO_add(&(*pkey)->references, +1, CRYPTO_LOCK_X509_PKEY)
-#else
#define modssl_set_cert_info(info, cert, pkey) \
*cert = info->x509; \
X509_up_ref(*cert); \
*pkey = info->x_pkey->dec_pkey; \
EVP_PKEY_up_ref(*pkey);
-#endif
int ssl_callback_proxy_cert(SSL *ssl, X509 **x509, EVP_PKEY **pkey)
{
Modified: httpd/httpd/trunk/modules/ssl/ssl_private.h
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_private.h?rev=1875702&r1=1875701&r2=1875702&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_private.h (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_private.h Thu Mar 26 11:03:54 2020
@@ -237,6 +237,8 @@
#define BIO_get_shutdown(x) (x->shutdown)
#define BIO_set_shutdown(x,v) (x->shutdown=v)
#define DH_bits(x) (BN_num_bits(x->p))
+#define X509_up_ref(x) (CRYPTO_add(&(x)->references, +1, CRYPTO_LOCK_X509))
+#define EVP_PKEY_up_ref(pk) (CRYPTO_add(&(pk)->references, +1, CRYPTO_LOCK_X509_PKEY))
#else
void init_bio_methods(void);
void free_bio_methods(void);
Modified: httpd/httpd/trunk/modules/ssl/ssl_util_stapling.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_util_stapling.c?rev=1875702&r1=1875701&r2=1875702&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_util_stapling.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_util_stapling.c Thu Mar 26 11:03:54 2020
@@ -107,11 +107,7 @@ static X509 *stapling_get_issuer(modssl_
for (i = 0; i < sk_X509_num(extra_certs); i++) {
issuer = sk_X509_value(extra_certs, i);
if (X509_check_issued(issuer, x) == X509_V_OK) {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
- CRYPTO_add(&issuer->references, 1, CRYPTO_LOCK_X509);
-#else
X509_up_ref(issuer);
-#endif
return issuer;
}
}