View | Details | Raw Unified | Return to bug 61184
Collapse All | Expand All

(-)support/ab.c.orig (-1 / +1 lines)
Lines 2514-2520 int main(int argc, const char * const ar Link Here
2514
        exit(1);
2514
        exit(1);
2515
    }
2515
    }
2516
    SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL);
2516
    SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL);
2517
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
2517
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
2518
    SSL_CTX_set_max_proto_version(ssl_ctx, max_prot);
2518
    SSL_CTX_set_max_proto_version(ssl_ctx, max_prot);
2519
    SSL_CTX_set_min_proto_version(ssl_ctx, min_prot);
2519
    SSL_CTX_set_min_proto_version(ssl_ctx, min_prot);
2520
#endif
2520
#endif
(-)modules/ssl/mod_ssl.c.orig (-2 / +2 lines)
Lines 337-343 static apr_status_t ssl_cleanup_pre_conf Link Here
337
#if HAVE_ENGINE_LOAD_BUILTIN_ENGINES
337
#if HAVE_ENGINE_LOAD_BUILTIN_ENGINES
338
    ENGINE_cleanup();
338
    ENGINE_cleanup();
339
#endif
339
#endif
340
#if OPENSSL_VERSION_NUMBER >= 0x1000200fL
340
#if OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined(OPENSSL_NO_COMP)
341
    SSL_COMP_free_compression_methods();
341
    SSL_COMP_free_compression_methods();
342
#endif
342
#endif
343
343
Lines 390-396 static int ssl_hook_pre_config(apr_pool_ Link Here
390
    /* We must register the library in full, to ensure our configuration
390
    /* We must register the library in full, to ensure our configuration
391
     * code can successfully test the SSL environment.
391
     * code can successfully test the SSL environment.
392
     */
392
     */
393
#if OPENSSL_VERSION_NUMBER < 0x10100000L
393
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
394
    CRYPTO_malloc_init();
394
    CRYPTO_malloc_init();
395
#else
395
#else
396
    OPENSSL_malloc_init();
396
    OPENSSL_malloc_init();
(-)modules/ssl/ssl_engine_init.c.orig (-4 / +4 lines)
Lines 47-53 APR_IMPLEMENT_OPTIONAL_HOOK_RUN_ALL(ssl, Link Here
47
#define KEYTYPES "RSA or DSA"
47
#define KEYTYPES "RSA or DSA"
48
#endif
48
#endif
49
49
50
#if OPENSSL_VERSION_NUMBER < 0x10100000L
50
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
51
/* OpenSSL Pre-1.1.0 compatibility */
51
/* OpenSSL Pre-1.1.0 compatibility */
52
/* Taken from OpenSSL 1.1.0 snapshot 20160410 */
52
/* Taken from OpenSSL 1.1.0 snapshot 20160410 */
53
static int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
53
static int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
Lines 380-386 apr_status_t ssl_init_Module(apr_pool_t Link Here
380
    modssl_init_app_data2_idx(); /* for modssl_get_app_data2() at request time */
380
    modssl_init_app_data2_idx(); /* for modssl_get_app_data2() at request time */
381
381
382
    init_dh_params();
382
    init_dh_params();
383
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
383
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
384
    init_bio_methods();
384
    init_bio_methods();
385
#endif
385
#endif
386
386
Lines 583-589 static apr_status_t ssl_init_ctx_protoco Link Here
583
583
584
    SSL_CTX_set_options(ctx, SSL_OP_ALL);
584
    SSL_CTX_set_options(ctx, SSL_OP_ALL);
585
585
586
#if OPENSSL_VERSION_NUMBER < 0x10100000L
586
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
587
    /* always disable SSLv2, as per RFC 6176 */
587
    /* always disable SSLv2, as per RFC 6176 */
588
    SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2);
588
    SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2);
589
589
Lines 2011-2017 apr_status_t ssl_init_ModuleKill(void *d Link Here
2011
2011
2012
    }
2012
    }
2013
2013
2014
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
2014
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
2015
    free_bio_methods();
2015
    free_bio_methods();
2016
#endif
2016
#endif
2017
    free_dh_params();
2017
    free_dh_params();
(-)modules/ssl/ssl_engine_io.c.orig (-3 / +3 lines)
Lines 549-555 static long bio_filter_in_ctrl(BIO *bio, Link Here
549
    return -1;
549
    return -1;
550
}
550
}
551
551
552
#if OPENSSL_VERSION_NUMBER < 0x10100000L
552
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
553
        
553
        
554
static BIO_METHOD bio_filter_out_method = {
554
static BIO_METHOD bio_filter_out_method = {
555
    BIO_TYPE_MEM,
555
    BIO_TYPE_MEM,
Lines 2024-2030 static void ssl_io_input_add_filter(ssl_ Link Here
2024
2024
2025
    filter_ctx->pInputFilter = ap_add_input_filter(ssl_io_filter, inctx, r, c);
2025
    filter_ctx->pInputFilter = ap_add_input_filter(ssl_io_filter, inctx, r, c);
2026
2026
2027
#if OPENSSL_VERSION_NUMBER < 0x10100000L
2027
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
2028
    filter_ctx->pbioRead = BIO_new(&bio_filter_in_method);
2028
    filter_ctx->pbioRead = BIO_new(&bio_filter_in_method);
2029
#else
2029
#else
2030
    filter_ctx->pbioRead = BIO_new(bio_filter_in_method);
2030
    filter_ctx->pbioRead = BIO_new(bio_filter_in_method);
Lines 2059-2065 void ssl_io_filter_init(conn_rec *c, req Link Here
2059
    filter_ctx->pOutputFilter   = ap_add_output_filter(ssl_io_filter,
2059
    filter_ctx->pOutputFilter   = ap_add_output_filter(ssl_io_filter,
2060
                                                       filter_ctx, r, c);
2060
                                                       filter_ctx, r, c);
2061
2061
2062
#if OPENSSL_VERSION_NUMBER < 0x10100000L
2062
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
2063
    filter_ctx->pbioWrite       = BIO_new(&bio_filter_out_method);
2063
    filter_ctx->pbioWrite       = BIO_new(&bio_filter_out_method);
2064
#else
2064
#else
2065
    filter_ctx->pbioWrite       = BIO_new(bio_filter_out_method);
2065
    filter_ctx->pbioWrite       = BIO_new(bio_filter_out_method);
(-)modules/ssl/ssl_engine_kernel.c.orig (-1 / +1 lines)
Lines 1733-1739 static void modssl_proxy_info_log(conn_r Link Here
1733
 * so we need to increment here to prevent them from
1733
 * so we need to increment here to prevent them from
1734
 * being freed.
1734
 * being freed.
1735
 */
1735
 */
1736
#if OPENSSL_VERSION_NUMBER < 0x10100000L
1736
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
1737
#define modssl_set_cert_info(info, cert, pkey) \
1737
#define modssl_set_cert_info(info, cert, pkey) \
1738
    *cert = info->x509; \
1738
    *cert = info->x509; \
1739
    CRYPTO_add(&(*cert)->references, +1, CRYPTO_LOCK_X509); \
1739
    CRYPTO_add(&(*cert)->references, +1, CRYPTO_LOCK_X509); \
(-)modules/ssl/ssl_engine_vars.c.orig (-2 / +2 lines)
Lines 529-535 static char *ssl_var_lookup_ssl_cert(apr Link Here
529
        resdup = FALSE;
529
        resdup = FALSE;
530
    }
530
    }
531
    else if (strcEQ(var, "A_SIG")) {
531
    else if (strcEQ(var, "A_SIG")) {
532
#if OPENSSL_VERSION_NUMBER < 0x10100000L
532
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
533
        nid = OBJ_obj2nid((ASN1_OBJECT *)(xs->cert_info->signature->algorithm));
533
        nid = OBJ_obj2nid((ASN1_OBJECT *)(xs->cert_info->signature->algorithm));
534
#else
534
#else
535
        const ASN1_OBJECT *paobj;
535
        const ASN1_OBJECT *paobj;
Lines 541-547 static char *ssl_var_lookup_ssl_cert(apr Link Here
541
        resdup = FALSE;
541
        resdup = FALSE;
542
    }
542
    }
543
    else if (strcEQ(var, "A_KEY")) {
543
    else if (strcEQ(var, "A_KEY")) {
544
#if OPENSSL_VERSION_NUMBER < 0x10100000L
544
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
545
        nid = OBJ_obj2nid((ASN1_OBJECT *)(xs->cert_info->key->algor->algorithm));
545
        nid = OBJ_obj2nid((ASN1_OBJECT *)(xs->cert_info->key->algor->algorithm));
546
#else
546
#else
547
        ASN1_OBJECT *paobj;
547
        ASN1_OBJECT *paobj;
(-)modules/ssl/ssl_private.h.orig (-4 / +4 lines)
Lines 136-142 Link Here
136
#endif
136
#endif
137
137
138
/* session id constness */
138
/* session id constness */
139
#if OPENSSL_VERSION_NUMBER < 0x10100000L
139
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
140
#define IDCONST
140
#define IDCONST
141
#else
141
#else
142
#define IDCONST const
142
#define IDCONST const
Lines 159-165 Link Here
159
#if !defined(OPENSSL_NO_OCSP) && defined(SSL_CTX_set_tlsext_status_cb)
159
#if !defined(OPENSSL_NO_OCSP) && defined(SSL_CTX_set_tlsext_status_cb)
160
#define HAVE_OCSP_STAPLING
160
#define HAVE_OCSP_STAPLING
161
/* All exist but are no longer macros since OpenSSL 1.1.0 */
161
/* All exist but are no longer macros since OpenSSL 1.1.0 */
162
#if OPENSSL_VERSION_NUMBER < 0x10100000L
162
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
163
/* backward compatibility with OpenSSL < 1.0 */
163
/* backward compatibility with OpenSSL < 1.0 */
164
#ifndef sk_OPENSSL_STRING_num
164
#ifndef sk_OPENSSL_STRING_num
165
#define sk_OPENSSL_STRING_num sk_num
165
#define sk_OPENSSL_STRING_num sk_num
Lines 199-205 Link Here
199
199
200
#endif /* !defined(OPENSSL_NO_TLSEXT) && defined(SSL_set_tlsext_host_name) */
200
#endif /* !defined(OPENSSL_NO_TLSEXT) && defined(SSL_set_tlsext_host_name) */
201
201
202
#if OPENSSL_VERSION_NUMBER < 0x10100000L
202
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
203
#define BN_get_rfc2409_prime_768   get_rfc2409_prime_768
203
#define BN_get_rfc2409_prime_768   get_rfc2409_prime_768
204
#define BN_get_rfc2409_prime_1024  get_rfc2409_prime_1024
204
#define BN_get_rfc2409_prime_1024  get_rfc2409_prime_1024
205
#define BN_get_rfc3526_prime_1536  get_rfc3526_prime_1536
205
#define BN_get_rfc3526_prime_1536  get_rfc3526_prime_1536
Lines 219-225 void init_bio_methods(void); Link Here
219
void free_bio_methods(void);
219
void free_bio_methods(void);
220
#endif
220
#endif
221
221
222
#if OPENSSL_VERSION_NUMBER < 0x10002000L
222
#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER)
223
#define X509_STORE_CTX_get0_store(x) (x->ctx)
223
#define X509_STORE_CTX_get0_store(x) (x->ctx)
224
#endif
224
#endif
225
225
(-)modules/ssl/ssl_util_ssl.h.orig (-1 / +1 lines)
Lines 41-47 Link Here
41
#define MODSSL_LIBRARY_VERSION OPENSSL_VERSION_NUMBER
41
#define MODSSL_LIBRARY_VERSION OPENSSL_VERSION_NUMBER
42
#define MODSSL_LIBRARY_NAME    "OpenSSL"
42
#define MODSSL_LIBRARY_NAME    "OpenSSL"
43
#define MODSSL_LIBRARY_TEXT    OPENSSL_VERSION_TEXT
43
#define MODSSL_LIBRARY_TEXT    OPENSSL_VERSION_TEXT
44
#if OPENSSL_VERSION_NUMBER < 0x10100000L
44
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
45
#define MODSSL_LIBRARY_DYNTEXT SSLeay_version(SSLEAY_VERSION)
45
#define MODSSL_LIBRARY_DYNTEXT SSLeay_version(SSLEAY_VERSION)
46
#else
46
#else
47
#define MODSSL_LIBRARY_DYNTEXT OpenSSL_version(OPENSSL_VERSION)
47
#define MODSSL_LIBRARY_DYNTEXT OpenSSL_version(OPENSSL_VERSION)

Return to bug 61184