You are viewing a plain text version of this content. The canonical link for it is here.

Posted to cvs@httpd.apache.org by rj...@apache.org on 2016/08/11 21:01:58 UTC

svn commit: r1756049 - /httpd/httpd/branches/2.4.x-openssl-1.1.0-compat/modules/ssl/ssl_util.c

Author: rjung
Date: Thu Aug 11 21:01:58 2016
New Revision: 1756049

URL: http://svn.apache.org/viewvc?rev=1756049&view=rev
Log:
OpenSSL 1.1.0 compat:
- Avoid use of deprecated functions for OpenSSL version >= 1.0

Backport of r1421305 from trunk.

Modified:
    httpd/httpd/branches/2.4.x-openssl-1.1.0-compat/modules/ssl/ssl_util.c

Modified: httpd/httpd/branches/2.4.x-openssl-1.1.0-compat/modules/ssl/ssl_util.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x-openssl-1.1.0-compat/modules/ssl/ssl_util.c?rev=1756049&r1=1756048&r2=1756049&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x-openssl-1.1.0-compat/modules/ssl/ssl_util.c (original)
+++ httpd/httpd/branches/2.4.x-openssl-1.1.0-compat/modules/ssl/ssl_util.c Thu Aug 11 21:01:58 2016
@@ -363,6 +363,28 @@ static void ssl_dyn_destroy_function(str
     apr_pool_destroy(l->pool);
 }
 
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+
+static void ssl_util_thr_id(CRYPTO_THREADID *id)
+{
+    /* OpenSSL needs this to return an unsigned long.  On OS/390, the pthread
+     * id is a structure twice that big.  Use the TCB pointer instead as a
+     * unique unsigned long.
+     */
+#ifdef __MVS__
+    struct PSA {
+        char unmapped[540];
+        unsigned long PSATOLD;
+    } *psaptr = 0;
+
+    CRYPTO_THREADID_set_numeric(id, psaptr->PSATOLD);
+#else
+    CRYPTO_THREADID_set_numeric(id, (unsigned long) apr_os_thread_current());
+#endif
+}
+
+#else
+
 static unsigned long ssl_util_thr_id(void)
 {
     /* OpenSSL needs this to return an unsigned long.  On OS/390, the pthread
@@ -381,10 +403,16 @@ static unsigned long ssl_util_thr_id(voi
 #endif
 }
 
+#endif
+
 static apr_status_t ssl_util_thread_cleanup(void *data)
 {
     CRYPTO_set_locking_callback(NULL);
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+    CRYPTO_THREADID_set_callback(NULL);
+#else
     CRYPTO_set_id_callback(NULL);
+#endif
 
     CRYPTO_set_dynlock_create_callback(NULL);
     CRYPTO_set_dynlock_lock_callback(NULL);
@@ -408,7 +436,11 @@ void ssl_util_thread_setup(apr_pool_t *p
         apr_thread_mutex_create(&(lock_cs[i]), APR_THREAD_MUTEX_DEFAULT, p);
     }
 
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+    CRYPTO_THREADID_set_callback(ssl_util_thr_id);
+#else
     CRYPTO_set_id_callback(ssl_util_thr_id);
+#endif
 
     CRYPTO_set_locking_callback(ssl_util_thr_lock);

Re: svn commit: r1756049 - /httpd/httpd/branches/2.4.x-openssl-1.1.0-compat/modules/ssl/ssl_util.c

Posted by Eric Covener <co...@gmail.com>.

On Fri, Aug 12, 2016 at 8:18 AM, Yann Ylavic <yl...@gmail.com> wrote:
> Hi Rainer,
>
> On Fri, Aug 12, 2016 at 1:27 PM, Rainer Jung <ra...@kippdata.de> wrote:
>>
>> Am 11.08.2016 um 23:07 schrieb Yann Ylavic:
>>>
>>> You really mean to dereference NULL here?
>>
>> That was just a test if anyone is following.
>
> :)
>
>>
>> No, seriously: good question, for me an opportunity to learn something new.
>> The code was taken from trunk as-is (lame excuse), but it seems on z/OS NULL
>> is not the same as address 0. The PSA (Prefixed Save Area) actually starts
>> at address 0!
>
> OK, it seems that z/OS always sets the PSATOLD pointer at this address
> (see [1]).
>
>>
>> Thanks for watching closely!
>
> Thanks for the explanations (and links)!
>
> Regards,
> Yann.
>
>
> [1] http://www.longpelaexpertise.com/ezine/CtBlksBeginners2.php :
> "PSATOLD - A pointer to the Task Control Block (TCB) of the task
> currently scheduled on this CP [Central Processor]. The TCB holds
> information on a specific task."

I can confirm we use similar stuff in code that's definitely running
on z/OS, to determine e.g. job name.

-- 
Eric Covener
covener@gmail.com

Re: svn commit: r1756049 - /httpd/httpd/branches/2.4.x-openssl-1.1.0-compat/modules/ssl/ssl_util.c

Posted by Yann Ylavic <yl...@gmail.com>.

Hi Rainer,

On Fri, Aug 12, 2016 at 1:27 PM, Rainer Jung <ra...@kippdata.de> wrote:
>
> Am 11.08.2016 um 23:07 schrieb Yann Ylavic:
>>
>> You really mean to dereference NULL here?
>
> That was just a test if anyone is following.

:)

>
> No, seriously: good question, for me an opportunity to learn something new.
> The code was taken from trunk as-is (lame excuse), but it seems on z/OS NULL
> is not the same as address 0. The PSA (Prefixed Save Area) actually starts
> at address 0!

OK, it seems that z/OS always sets the PSATOLD pointer at this address
(see [1]).

>
> Thanks for watching closely!

Thanks for the explanations (and links)!

Regards,
Yann.

[1] http://www.longpelaexpertise.com/ezine/CtBlksBeginners2.php :
"PSATOLD - A pointer to the Task Control Block (TCB) of the task
currently scheduled on this CP [Central Processor]. The TCB holds
information on a specific task."

Re: svn commit: r1756049 - /httpd/httpd/branches/2.4.x-openssl-1.1.0-compat/modules/ssl/ssl_util.c

Posted by Rainer Jung <ra...@kippdata.de>.

Hi Yann,

Am 11.08.2016 um 23:07 schrieb Yann Ylavic:
> On Thu, Aug 11, 2016 at 11:01 PM,  <rj...@apache.org> wrote:
>>
>> +#if OPENSSL_VERSION_NUMBER >= 0x10000000L
>> +
>> +static void ssl_util_thr_id(CRYPTO_THREADID *id)
>> +{
>> +    /* OpenSSL needs this to return an unsigned long.  On OS/390, the pthread
>> +     * id is a structure twice that big.  Use the TCB pointer instead as a
>> +     * unique unsigned long.
>> +     */
>> +#ifdef __MVS__
>> +    struct PSA {
>> +        char unmapped[540];
>> +        unsigned long PSATOLD;
>> +    } *psaptr = 0;
>> +
>> +    CRYPTO_THREADID_set_numeric(id, psaptr->PSATOLD);
>
> You really mean to dereference NULL here?

That was just a test if anyone is following.

No, seriously: good question, for me an opportunity to learn something 
new. The code was taken from trunk as-is (lame excuse), but it seems on 
z/OS NULL is not the same as address 0. The PSA (Prefixed Save Area) 
actually starts at address 0!

As info resources I have found:

http://www.longpelaexpertise.com.au/ezine/CtBlksBeginners2.php

which contains a snippet of C code

struct psa *psa_ptr = 0;           /* PSA is at address 0   */

and

https://www.ibm.com/support/knowledgecenter/SSGMGV_3.1.0/com.ibm.cics.ts31.doc/dfht3/dfht365.htm

which also seems to document, that PSA starts at address 0. So if we 
think those sources are reliable, I can add a small comment like the 
above "PSA is at address 0". Fascinating world of cross-platform 
compatibility.

And now that I did some more searches I found

https://bz.apache.org/bugzilla/show_bug.cgi?id=56210

"Possible null deference in apache/modules/ssl/ssl_util.c" which was 
closed by Mike Rumph as "RESOLVED INVALID" with the same arguments. So I 
should really add that comment.

Thanks for watching closely!

Regards,

Rainer

Re: svn commit: r1756049 - /httpd/httpd/branches/2.4.x-openssl-1.1.0-compat/modules/ssl/ssl_util.c

Posted by Yann Ylavic <yl...@gmail.com>.

On Thu, Aug 11, 2016 at 11:01 PM,  <rj...@apache.org> wrote:
>
> +#if OPENSSL_VERSION_NUMBER >= 0x10000000L
> +
> +static void ssl_util_thr_id(CRYPTO_THREADID *id)
> +{
> +    /* OpenSSL needs this to return an unsigned long.  On OS/390, the pthread
> +     * id is a structure twice that big.  Use the TCB pointer instead as a
> +     * unique unsigned long.
> +     */
> +#ifdef __MVS__
> +    struct PSA {
> +        char unmapped[540];
> +        unsigned long PSATOLD;
> +    } *psaptr = 0;
> +
> +    CRYPTO_THREADID_set_numeric(id, psaptr->PSATOLD);

You really mean to dereference NULL here?

> +#else
> +    CRYPTO_THREADID_set_numeric(id, (unsigned long) apr_os_thread_current());
> +#endif
> +}