LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
14724 Commits
1 Branch
46 MiB
Tree: b1383b418c
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'b1383b418c'
${ noResults }
openwrt-packages-dist/libs/libevhtp/patches/020-openssl-1.1-compatibili...

132 lines
5.1 KiB
Raw Normal View History

libevhtp: add openssl 1.1 compatibility This patch is a backport of upstream changes. I read the Makefile warning and made sure it only updates the openssl calls and data types to the new API. It does not touch anything else! Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
6 years ago
libevhtp: Update to 1.2.0 In the tree, libevhtp is used only for Seafile. This is the most recent version that Haiwen lists as working. Updated threads patch for OpenSSL 1.1. Removed Maintainer as he is inactive. Simplified Makefile a little bit and reorganized for consistency between packages. Fixed compilation with uClibc-ng. Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 years ago
libevhtp: add openssl 1.1 compatibility This patch is a backport of upstream changes. I read the Makefile warning and made sure it only updates the openssl calls and data types to the new API. It does not touch anything else! Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
6 years ago
libevhtp: Update to 1.2.0 In the tree, libevhtp is used only for Seafile. This is the most recent version that Haiwen lists as working. Updated threads patch for OpenSSL 1.1. Removed Maintainer as he is inactive. Simplified Makefile a little bit and reorganized for consistency between packages. Fixed compilation with uClibc-ng. Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 years ago
libevhtp: add openssl 1.1 compatibility This patch is a backport of upstream changes. I read the Makefile warning and made sure it only updates the openssl calls and data types to the new API. It does not touch anything else! Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
6 years ago
libevhtp: Update to 1.2.0 In the tree, libevhtp is used only for Seafile. This is the most recent version that Haiwen lists as working. Updated threads patch for OpenSSL 1.1. Removed Maintainer as he is inactive. Simplified Makefile a little bit and reorganized for consistency between packages. Fixed compilation with uClibc-ng. Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 years ago
libevhtp: add openssl 1.1 compatibility This patch is a backport of upstream changes. I read the Makefile warning and made sure it only updates the openssl calls and data types to the new API. It does not touch anything else! Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
6 years ago
libevhtp: Update to 1.2.0 In the tree, libevhtp is used only for Seafile. This is the most recent version that Haiwen lists as working. Updated threads patch for OpenSSL 1.1. Removed Maintainer as he is inactive. Simplified Makefile a little bit and reorganized for consistency between packages. Fixed compilation with uClibc-ng. Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 years ago
libevhtp: add openssl 1.1 compatibility This patch is a backport of upstream changes. I read the Makefile warning and made sure it only updates the openssl calls and data types to the new API. It does not touch anything else! Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
6 years ago
libevhtp: Update to 1.2.0 In the tree, libevhtp is used only for Seafile. This is the most recent version that Haiwen lists as working. Updated threads patch for OpenSSL 1.1. Removed Maintainer as he is inactive. Simplified Makefile a little bit and reorganized for consistency between packages. Fixed compilation with uClibc-ng. Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 years ago
libevhtp: add openssl 1.1 compatibility This patch is a backport of upstream changes. I read the Makefile warning and made sure it only updates the openssl calls and data types to the new API. It does not touch anything else! Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
6 years ago
libevhtp: Update to 1.2.0 In the tree, libevhtp is used only for Seafile. This is the most recent version that Haiwen lists as working. Updated threads patch for OpenSSL 1.1. Removed Maintainer as he is inactive. Simplified Makefile a little bit and reorganized for consistency between packages. Fixed compilation with uClibc-ng. Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 years ago
libevhtp: add openssl 1.1 compatibility This patch is a backport of upstream changes. I read the Makefile warning and made sure it only updates the openssl calls and data types to the new API. It does not touch anything else! Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
6 years ago
libevhtp: Update to 1.2.0 In the tree, libevhtp is used only for Seafile. This is the most recent version that Haiwen lists as working. Updated threads patch for OpenSSL 1.1. Removed Maintainer as he is inactive. Simplified Makefile a little bit and reorganized for consistency between packages. Fixed compilation with uClibc-ng. Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 years ago
libevhtp: add openssl 1.1 compatibility This patch is a backport of upstream changes. I read the Makefile warning and made sure it only updates the openssl calls and data types to the new API. It does not touch anything else! Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
6 years ago
libevhtp: Update to 1.2.0 In the tree, libevhtp is used only for Seafile. This is the most recent version that Haiwen lists as working. Updated threads patch for OpenSSL 1.1. Removed Maintainer as he is inactive. Simplified Makefile a little bit and reorganized for consistency between packages. Fixed compilation with uClibc-ng. Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 years ago
 
  1. --- a/evhtp.c

  2. +++ b/evhtp.c

  3. @@ -1817,16 +1817,15 @@ _evhtp_ssl_thread_lock(int mode, int typ

  4.  #endif
  5.  static void
  6.  _evhtp_ssl_delete_scache_ent(evhtp_ssl_ctx_t * ctx, evhtp_ssl_sess_t * sess) {
  7. -    evhtp_t         * htp;

  8. -    evhtp_ssl_cfg_t * cfg;

  9. -    unsigned char   * sid;

  10. -    unsigned int      slen;

  11. +    evhtp_t          * htp;

  12. +    evhtp_ssl_cfg_t  * cfg;

  13. +    evhtp_ssl_data_t * sid;

  14. +    unsigned int       slen;

  15.  
  16.      htp  = (evhtp_t *)SSL_CTX_get_app_data(ctx);
  17.      cfg  = htp->ssl_cfg;
  18.  
  19. -    sid  = sess->session_id;

  20. -    slen = sess->session_id_length;

  21. +    sid = (evhtp_ssl_data_t *)SSL_SESSION_get_id(sess, &slen);

  22.  
  23.      if (cfg->scache_del) {
  24.          (cfg->scache_del)(htp, sid, slen);
  25. @@ -1837,14 +1836,17 @@ static int

  26.  _evhtp_ssl_add_scache_ent(evhtp_ssl_t * ssl, evhtp_ssl_sess_t * sess) {
  27.      evhtp_connection_t * connection;
  28.      evhtp_ssl_cfg_t    * cfg;
  29. -    unsigned char      * sid;

  30. +    evhtp_ssl_data_t   * sid;

  31.      int                  slen;
  32.  
  33.      connection = (evhtp_connection_t *)SSL_get_app_data(ssl);
  34. -    cfg        = connection->htp->ssl_cfg;

  35. +    if (connection->htp == NULL)

  36. +    {

  37. +    	return 0;	/* We cannot get the ssl_cfg */

  38. +    }

  39.  
  40. -    sid        = sess->session_id;

  41. -    slen       = sess->session_id_length;

  42. +    cfg	= connection->htp->ssl_cfg;

  43. +    sid = (evhtp_ssl_data_t *)SSL_SESSION_get_id(sess, &slen);

  44.  
  45.      SSL_set_timeout(sess, cfg->scache_timeout);
  46.  
  47. @@ -1856,7 +1858,7 @@ _evhtp_ssl_add_scache_ent(evhtp_ssl_t *

  48.  }
  49.  
  50.  static evhtp_ssl_sess_t *
  51. -_evhtp_ssl_get_scache_ent(evhtp_ssl_t * ssl, unsigned char * sid, int sid_len, int * copy) {

  52. +_evhtp_ssl_get_scache_ent(evhtp_ssl_t * ssl, evhtp_ssl_data_t * sid, int sid_len, int * copy) {

  53.      evhtp_connection_t * connection;
  54.      evhtp_ssl_cfg_t    * cfg;
  55.      evhtp_ssl_sess_t   * sess;
  56. @@ -1898,12 +1900,12 @@ _evhtp_ssl_servername(evhtp_ssl_t * ssl,

  57.          connection->vhost_via_sni = 1;
  58.  
  59.          SSL_set_SSL_CTX(ssl, evhtp_vhost->ssl_ctx);
  60. -        SSL_set_options(ssl, SSL_CTX_get_options(ssl->ctx));

  61. +        SSL_set_options(ssl, SSL_CTX_get_options(SSL_get_SSL_CTX(ssl)));

  62.  
  63.          if ((SSL_get_verify_mode(ssl) == SSL_VERIFY_NONE) ||
  64.              (SSL_num_renegotiations(ssl) == 0)) {
  65. -            SSL_set_verify(ssl, SSL_CTX_get_verify_mode(ssl->ctx),

  66. -                           SSL_CTX_get_verify_callback(ssl->ctx));

  67. +            SSL_set_verify(ssl, SSL_CTX_get_verify_mode(SSL_get_SSL_CTX(ssl)),

  68. +                           SSL_CTX_get_verify_callback(SSL_get_SSL_CTX(ssl)));

  69.          }
  70.  
  71.          return SSL_TLSEXT_ERR_OK;
  72. @@ -3197,15 +3199,21 @@ evhtp_ssl_init(evhtp_t * htp, evhtp_ssl_

  73.          return -1;
  74.      }
  75.  
  76. +#if OPENSSL_VERSION_NUMBER < 0x10100000L

  77.      SSL_library_init();
  78.      SSL_load_error_strings();
  79. +#endif

  80.      RAND_poll();
  81.  
  82.      STACK_OF(SSL_COMP) * comp_methods = SSL_COMP_get_compression_methods();
  83.      sk_SSL_COMP_zero(comp_methods);
  84.  
  85.      htp->ssl_cfg = cfg;
  86. +#if OPENSSL_VERSION_NUMBER < 0x10100000L

  87.      htp->ssl_ctx = SSL_CTX_new(SSLv23_server_method());
  88. +#else

  89. +    htp->ssl_ctx = SSL_CTX_new(TLS_server_method());

  90. +#endif

  91.  
  92.  #if OPENSSL_VERSION_NUMBER >= 0x10000000L
  93.      SSL_CTX_set_options(htp->ssl_ctx, SSL_MODE_RELEASE_BUFFERS);
  94. @@ -3242,7 +3250,11 @@ evhtp_ssl_init(evhtp_t * htp, evhtp_ssl_

  95.      SSL_CTX_set_verify(htp->ssl_ctx, cfg->verify_peer, cfg->x509_verify_cb);
  96.  
  97.      if (cfg->x509_chk_issued_cb != NULL) {
  98. +#if OPENSSL_VERSION_NUMBER < 0x10100000L

  99.          htp->ssl_ctx->cert_store->check_issued = cfg->x509_chk_issued_cb;
  100. +#else

  101. +	X509_STORE_set_check_issued(SSL_CTX_get_cert_store(htp->ssl_ctx), cfg->x509_chk_issued_cb);

  102. +#endif

  103.      }
  104.  
  105.      if (cfg->verify_depth) {
  106. --- a/evhtp.h

  107. +++ b/evhtp.h

  108. @@ -34,6 +34,11 @@ typedef SSL                       evhtp_

  109.  typedef SSL_CTX                   evhtp_ssl_ctx_t;
  110.  typedef X509                      evhtp_x509_t;
  111.  typedef X509_STORE_CTX            evhtp_x509_store_ctx_t;
  112. +#if OPENSSL_VERSION_NUMBER < 0x10100000L

  113. +typedef unsigned char             evhtp_ssl_data_t;

  114. +#else

  115. +typedef const unsigned char       evhtp_ssl_data_t;

  116. +#endif

  117.  #else
  118.  typedef void                      evhtp_ssl_sess_t;
  119.  typedef void                      evhtp_ssl_t;
  120. @@ -157,9 +162,9 @@ typedef int (*evhtp_headers_iterator)(ev

  121.  typedef int (*evhtp_ssl_verify_cb)(int pre_verify, evhtp_x509_store_ctx_t * ctx);
  122.  typedef int (*evhtp_ssl_chk_issued_cb)(evhtp_x509_store_ctx_t * ctx, evhtp_x509_t * x, evhtp_x509_t * issuer);
  123.  
  124. -typedef int (*evhtp_ssl_scache_add)(evhtp_connection_t * connection, unsigned char * sid, int sid_len, evhtp_ssl_sess_t * sess);

  125. -typedef void (*evhtp_ssl_scache_del)(evhtp_t * htp, unsigned char * sid, int sid_len);

  126. -typedef evhtp_ssl_sess_t * (*evhtp_ssl_scache_get)(evhtp_connection_t * connection, unsigned char * sid, int sid_len);

  127. +typedef int (*evhtp_ssl_scache_add)(evhtp_connection_t * connection, evhtp_ssl_data_t * sid, int sid_len, evhtp_ssl_sess_t * sess);

  128. +typedef void (*evhtp_ssl_scache_del)(evhtp_t * htp, evhtp_ssl_data_t * sid, int sid_len);

  129. +typedef evhtp_ssl_sess_t * (*evhtp_ssl_scache_get)(evhtp_connection_t * connection, evhtp_ssl_data_t * sid, int sid_len);

  130.  typedef void * (*evhtp_ssl_scache_init)(evhtp_t *);
  131.  
  132.  #define EVHTP_VERSION           "1.2.0"