From: Christos Tsantilas Date: Tue, 26 Jul 2011 05:53:32 +0000 (+1200) Subject: Bug 3232: fails to compile with OpenSSL v1.0.0 X-Git-Tag: take08~55^2~34 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=3eee6040b6c65b1ae81885c573761b9550495c3f;p=thirdparty%2Fsquid.git Bug 3232: fails to compile with OpenSSL v1.0.0 --- diff --git a/configure.ac b/configure.ac index 36e7dcffbd..17d09c03de 100644 --- a/configure.ac +++ b/configure.ac @@ -2257,6 +2257,7 @@ AC_CHECK_HEADERS( \ netinet/ip_fil_compat.h \ openssl/err.h \ openssl/md5.h \ + openssl/opensslv.h \ openssl/ssl.h \ openssl/x509v3.h \ netinet/tcp.h \ diff --git a/src/ssl/certificate_db.cc b/src/ssl/certificate_db.cc index 88dcd29f97..1ca4d21cfc 100644 --- a/src/ssl/certificate_db.cc +++ b/src/ssl/certificate_db.cc @@ -393,11 +393,19 @@ void Ssl::CertificateDb::load() corrupt = true; // Create indexes in db. +#if OPENSSL_VERSION_NUMBER > 0x10000000L + if (!corrupt && !TXT_DB_create_index(temp_db.get(), cnlSerial, NULL, LHASH_HASH_FN(index_serial), LHASH_COMP_FN(index_serial))) + corrupt = true; + + if (!corrupt && !TXT_DB_create_index(temp_db.get(), cnlName, NULL, LHASH_HASH_FN(index_name), LHASH_COMP_FN(index_name))) + corrupt = true; +#else if (!corrupt && !TXT_DB_create_index(temp_db.get(), cnlSerial, NULL, LHASH_HASH_FN(index_serial_hash), LHASH_COMP_FN(index_serial_cmp))) corrupt = true; if (!corrupt && !TXT_DB_create_index(temp_db.get(), cnlName, NULL, LHASH_HASH_FN(index_name_hash), LHASH_COMP_FN(index_name_cmp))) corrupt = true; +#endif if (corrupt) throw std::runtime_error("The SSL certificate database " + db_path + " is curruted. Please rebuild"); @@ -425,13 +433,22 @@ bool Ssl::CertificateDb::deleteInvalidCertificate() return false; bool removed_one = false; +#if OPENSSL_VERSION_NUMBER > 0x10000000L + for (int i = 0; i < sk_OPENSSL_PSTRING_num(db.get()->data); i++) { + const char ** current_row = ((const char **)sk_OPENSSL_PSTRING_value(db.get()->data, i)); +#else for (int i = 0; i < sk_num(db.get()->data); i++) { const char ** current_row = ((const char **)sk_value(db.get()->data, i)); +#endif if (!sslDateIsInTheFuture(current_row[cnlExp_date])) { std::string filename(cert_full + "/" + current_row[cnlSerial] + ".pem"); FileLocker cert_locker(filename); +#if OPENSSL_VERSION_NUMBER > 0x10000000L + sk_OPENSSL_PSTRING_delete(db.get()->data, i); +#else sk_delete(db.get()->data, i); +#endif subSize(filename); remove(filename.c_str()); removed_one = true; @@ -449,12 +466,27 @@ bool Ssl::CertificateDb::deleteOldestCertificate() if (!db) return false; +#if OPENSSL_VERSION_NUMBER > 0x10000000L + if (sk_OPENSSL_PSTRING_num(db.get()->data) == 0) +#else if (sk_num(db.get()->data) == 0) +#endif return false; - std::string filename(cert_full + "/" + ((const char **)sk_value(db.get()->data, 0))[cnlSerial] + ".pem"); +#if OPENSSL_VERSION_NUMBER > 0x10000000L + const char **row = (const char **)sk_OPENSSL_PSTRING_value(db.get()->data, 0); +#else + const char **row = (const char **)sk_value(db.get()->data, 0); +#endif + std::string filename(cert_full + "/" + row[cnlSerial] + ".pem"); FileLocker cert_locker(filename); + +#if OPENSSL_VERSION_NUMBER > 0x10000000L + sk_OPENSSL_PSTRING_delete(db.get()->data, 0); +#else sk_delete(db.get()->data, 0); +#endif + subSize(filename); remove(filename.c_str()); @@ -466,12 +498,21 @@ bool Ssl::CertificateDb::deleteByHostname(std::string const & host) if (!db) return false; +#if OPENSSL_VERSION_NUMBER > 0x10000000L + for (int i = 0; i < sk_OPENSSL_PSTRING_num(db.get()->data); i++) { + const char ** current_row = ((const char **)sk_OPENSSL_PSTRING_value(db.get()->data, i)); +#else for (int i = 0; i < sk_num(db.get()->data); i++) { const char ** current_row = ((const char **)sk_value(db.get()->data, i)); +#endif if (host == current_row[cnlName]) { std::string filename(cert_full + "/" + current_row[cnlSerial] + ".pem"); FileLocker cert_locker(filename); +#if OPENSSL_VERSION_NUMBER > 0x10000000L + sk_OPENSSL_PSTRING_delete(db.get()->data, i); +#else sk_delete(db.get()->data, i); +#endif subSize(filename); remove(filename.c_str()); return true; diff --git a/src/ssl/certificate_db.h b/src/ssl/certificate_db.h index 9b10634105..e069c3b67e 100644 --- a/src/ssl/certificate_db.h +++ b/src/ssl/certificate_db.h @@ -10,6 +10,9 @@ #if HAVE_STRING #include #endif +#if HAVE_OPENSSL_OPENSSLV_H +#include +#endif namespace Ssl { @@ -110,10 +113,25 @@ private: /// Definitions required by openSSL, to use the index_* functions defined above ///with TXT_DB_create_index. +#if OPENSSL_VERSION_NUMBER > 0x10000000L + static unsigned long index_serial_LHASH_HASH(const void *a) { + return index_serial_hash((const char **)a); + } + static int index_serial_LHASH_COMP(const void *arg1, const void *arg2){ + return index_serial_cmp((const char **)arg1, (const char **)arg2); + } + static unsigned long index_name_LHASH_HASH(const void *a) { + return index_name_hash((const char **)a); + } + static int index_name_LHASH_COMP(const void *arg1, const void *arg2) { + return index_name_cmp((const char **)arg1, (const char **)arg2); + } +#else static IMPLEMENT_LHASH_HASH_FN(index_serial_hash,const char **) static IMPLEMENT_LHASH_COMP_FN(index_serial_cmp,const char **) static IMPLEMENT_LHASH_HASH_FN(index_name_hash,const char **) static IMPLEMENT_LHASH_COMP_FN(index_name_cmp,const char **) +#endif static const std::string serial_file; ///< Base name of the file to store serial number. static const std::string db_file; ///< Base name of the database index file.