You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

122 lines
3.7 KiB

  1. diff --git a/src/ssl_sock.c b/src/ssl_sock.c
  2. index cfbc38b..025a144 100644
  3. --- a/src/ssl_sock.c
  4. +++ b/src/ssl_sock.c
  5. @@ -39,6 +39,7 @@
  6. #include <netdb.h>
  7. #include <netinet/tcp.h>
  8. +#include <openssl/bn.h>
  9. #include <openssl/crypto.h>
  10. #include <openssl/ssl.h>
  11. #include <openssl/x509.h>
  12. @@ -229,6 +230,7 @@ unsigned long ssl_id_function(void)
  13. void ssl_locking_function(int mode, int n, const char * file, int line)
  14. {
  15. +#if OPENSSL_VERSION_NUMBER < 0x10100000L
  16. if (mode & CRYPTO_LOCK) {
  17. if (mode & CRYPTO_READ)
  18. HA_RWLOCK_RDLOCK(SSL_LOCK, &ssl_rwlocks[n]);
  19. @@ -241,10 +243,12 @@ void ssl_locking_function(int mode, int n, const char * file, int line)
  20. else
  21. HA_RWLOCK_WRUNLOCK(SSL_LOCK, &ssl_rwlocks[n]);
  22. }
  23. +#endif
  24. }
  25. static int ssl_locking_init(void)
  26. {
  27. +#if OPENSSL_VERSION_NUMBER < 0x10100000L
  28. int i;
  29. ssl_rwlocks = malloc(sizeof(HA_RWLOCK_T)*CRYPTO_num_locks());
  30. @@ -256,7 +260,7 @@ static int ssl_locking_init(void)
  31. CRYPTO_set_id_callback(ssl_id_function);
  32. CRYPTO_set_locking_callback(ssl_locking_function);
  33. -
  34. +#endif
  35. return 0;
  36. }
  37. @@ -1702,8 +1706,13 @@ ssl_sock_do_create_cert(const char *servername, struct bind_conf *bind_conf, SSL
  38. ASN1_INTEGER_set(X509_get_serialNumber(newcrt), HA_ATOMIC_ADD(&ssl_ctx_serial, 1));
  39. /* Set duration for the certificate */
  40. +#if OPENSSL_VERSION_NUMBER < 0x10100000L
  41. if (!X509_gmtime_adj(X509_get_notBefore(newcrt), (long)-60*60*24) ||
  42. !X509_gmtime_adj(X509_get_notAfter(newcrt),(long)60*60*24*365))
  43. +#else
  44. + if (!X509_gmtime_adj(X509_getm_notBefore(newcrt), (long)-60*60*24) ||
  45. + !X509_gmtime_adj(X509_getm_notAfter(newcrt),(long)60*60*24*365))
  46. +#endif
  47. goto mkcert_error;
  48. /* set public key in the certificate */
  49. @@ -6276,7 +6285,11 @@ smp_fetch_ssl_x_notafter(const struct arg *args, struct sample *smp, const char
  50. goto out;
  51. smp_trash = get_trash_chunk();
  52. +#if OPENSSL_VERSION_NUMBER < 0x10100000L
  53. if (ssl_sock_get_time(X509_get_notAfter(crt), smp_trash) <= 0)
  54. +#else
  55. + if (ssl_sock_get_time(X509_getm_notAfter(crt), smp_trash) <= 0)
  56. +#endif
  57. goto out;
  58. smp->data.u.str = *smp_trash;
  59. @@ -6376,7 +6389,11 @@ smp_fetch_ssl_x_notbefore(const struct arg *args, struct sample *smp, const char
  60. goto out;
  61. smp_trash = get_trash_chunk();
  62. +#if OPENSSL_VERSION_NUMBER < 0x10100000L
  63. if (ssl_sock_get_time(X509_get_notBefore(crt), smp_trash) <= 0)
  64. +#else
  65. + if (ssl_sock_get_time(X509_getm_notBefore(crt), smp_trash) <= 0)
  66. +#endif
  67. goto out;
  68. smp->data.u.str = *smp_trash;
  69. @@ -8926,7 +8943,11 @@ static void __ssl_sock_init(void)
  70. #endif
  71. xprt_register(XPRT_SSL, &ssl_sock);
  72. +#if OPENSSL_VERSION_NUMBER < 0x10100000L
  73. SSL_library_init();
  74. +#else
  75. + OPENSSL_init_ssl(0, NULL);
  76. +#endif
  77. cm = SSL_COMP_get_compression_methods();
  78. sk_SSL_COMP_zero(cm);
  79. #ifdef USE_THREAD
  80. @@ -8958,8 +8979,13 @@ static void __ssl_sock_init(void)
  81. #else /* OPENSSL_IS_BORINGSSL */
  82. OPENSSL_VERSION_TEXT
  83. "\nRunning on OpenSSL version : %s%s",
  84. +#if OPENSSL_VERSION_NUMBER < 0x10100000L
  85. SSLeay_version(SSLEAY_VERSION),
  86. ((OPENSSL_VERSION_NUMBER ^ SSLeay()) >> 8) ? " (VERSIONS DIFFER!)" : "");
  87. +#else
  88. + OpenSSL_version(OPENSSL_VERSION),
  89. + ((OPENSSL_VERSION_NUMBER ^ OpenSSL_version_num()) >> 8) ? " (VERSIONS DIFFER!)" : "");
  90. +#endif
  91. #endif
  92. memprintf(&ptr, "%s\nOpenSSL library supports TLS extensions : "
  93. #if OPENSSL_VERSION_NUMBER < 0x00907000L
  94. @@ -9051,11 +9077,14 @@ static void __ssl_sock_deinit(void)
  95. #endif
  96. ERR_remove_state(0);
  97. +
  98. +#if OPENSSL_VERSION_NUMBER < 0x10100000L
  99. ERR_free_strings();
  100. EVP_cleanup();
  101. +#endif
  102. -#if OPENSSL_VERSION_NUMBER >= 0x00907000L
  103. +#if OPENSSL_VERSION_NUMBER >= 0x00907000L && OPENSSL_VERSION_NUMBER < 0x10100000L
  104. CRYPTO_cleanup_all_ex_data();
  105. #endif
  106. }