Browse Source

[mod_openssl] boringssl compat

master
Glenn Strauss 2 months ago
parent
commit
b17c37c5e5
  1. 2
      configure.ac
  2. 2
      src/CMakeLists.txt
  3. 2
      src/meson.build
  4. 3
      src/mod_openssl.c
  5. 3
      src/sys-crypto-md.h

2
configure.ac

@ -682,7 +682,7 @@ if test "$WITH_OPENSSL" != no; then
AC_CHECK_HEADERS([openssl/ssl.h], [], [
AC_MSG_ERROR([openssl headers not found. install them or build without --with-openssl])
])
AC_CHECK_LIB([crypto], [BIO_f_base64],
AC_CHECK_LIB([crypto], [RAND_bytes],
[CRYPTO_LIB="-lcrypto"],
[AC_MSG_ERROR([openssl crypto library not found. install it or build without --with-openssl])]
)

2
src/CMakeLists.txt

@ -321,7 +321,7 @@ if(WITH_OPENSSL)
set(CMAKE_REQUIRED_INCLUDES)
endif()
if(HAVE_OPENSSL_SSL_H)
check_library_exists(crypto BIO_f_base64 "" HAVE_LIBCRYPTO)
check_library_exists(crypto RAND_bytes "" HAVE_LIBCRYPTO)
if(HAVE_LIBCRYPTO)
set(CRYPTO_LIBRARY crypto)
check_library_exists(ssl SSL_new "" HAVE_LIBSSL)

2
src/meson.build

@ -450,7 +450,7 @@ if get_option('with_openssl')
# manual search:
# header: openssl/ssl.h
# function: SSL_new (-lssl)
# function: BIO_f_base64 (-lcrypto)
# function: RAND_bytes (-lcrypto)
libssl = [ dependency('libssl') ]
libsslcrypto = [ dependency('libcrypto') ]
libcrypto = [ dependency('libcrypto') ]

3
src/mod_openssl.c

@ -239,6 +239,7 @@ mod_openssl_session_ticket_key_generate (unix_time64_t active_ts, unix_time64_t
*/
/*(RAND_priv_bytes() not in openssl 1.1.0; introduced in openssl 1.1.1)*/
#if OPENSSL_VERSION_NUMBER < 0x10101000L \
|| defined(BORINGSSL_API_VERSION) \
|| defined(LIBRESSL_VERSION_NUMBER)
#define RAND_priv_bytes(x,sz) RAND_bytes((x),(sz))
#endif
@ -653,6 +654,7 @@ PEM_ASN1_read_bio_secmem(d2i_of_void *d2i, const char *name, BIO *bp, void **x,
char *ret = NULL;
#if OPENSSL_VERSION_NUMBER >= 0x10101000L \
&& !defined(BORINGSSL_API_VERSION) \
&& !defined(LIBRESSL_VERSION_NUMBER)
if (!PEM_bytes_read_bio_secmem(&data, &len, NULL, name, bp, cb, u))
#else
@ -666,6 +668,7 @@ PEM_ASN1_read_bio_secmem(d2i_of_void *d2i, const char *name, BIO *bp, void **x,
PEMerr(PEM_F_PEM_ASN1_READ_BIO, ERR_R_ASN1_LIB);
#endif
#if OPENSSL_VERSION_NUMBER >= 0x10101000L \
&& !defined(BORINGSSL_API_VERSION) \
&& !defined(LIBRESSL_VERSION_NUMBER)
OPENSSL_secure_clear_free(data, len);
#else

3
src/sys-crypto-md.h

@ -444,6 +444,9 @@ SHA512_Update(SHA512_CTX *ctx, const void *data, size_t length)
#endif
#include <openssl/opensslv.h>
#ifdef BORINGSSL_API_VERSION
typedef SHA512_CTX SHA512_256_CTX;
#endif
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
#include <openssl/evp.h>

Loading…
Cancel
Save