ssl_die();
}
- SSL_CTX_set_client_CA_list(ctx, (STACK *)ca_list);
+ SSL_CTX_set_client_CA_list(ctx, ca_list);
}
/*
* should take place. This cannot work.
*/
if (mctx->auth.verify_mode == SSL_CVERIFY_REQUIRE) {
- ca_list = (STACK_OF(X509_NAME) *)SSL_CTX_get_client_CA_list(ctx);
+ ca_list = SSL_CTX_get_client_CA_list(ctx);
if (sk_X509_NAME_num(ca_list) == 0) {
ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
return(X509_NAME_cmp((void*)*a, (void*)*b));
}
#else
-static int ssl_init_FindCAList_X509NameCmp(X509_NAME **a, X509_NAME **b)
+static int ssl_init_FindCAList_X509NameCmp(const X509_NAME * const *a,
+ const X509_NAME * const *b)
{
return(X509_NAME_cmp(*a, *b));
}
X509_STORE *cert_store = NULL;
X509_STORE_CTX cert_store_ctx;
STACK_OF(SSL_CIPHER) *cipher_list_old = NULL, *cipher_list = NULL;
- SSL_CIPHER *cipher = NULL;
+ const SSL_CIPHER *cipher = NULL;
int depth, verify_old, verify, n;
if (ssl) {
* sk_X509_shift-ed the peer cert out of the chain.
* we put it back here for the purpose of quick_renegotiation.
*/
- cert_stack = sk_new_null();
+ cert_stack = sk_X509_new_null();
sk_X509_push(cert_stack, MODSSL_PCHAR_CAST cert);
}
ssl_var_lookup_ssl_cipher_bits(ssl, &usekeysize, &algkeysize);
if (ssl && strEQ(var, "")) {
- SSL_CIPHER *cipher = SSL_get_current_cipher(ssl);
+ const SSL_CIPHER *cipher = SSL_get_current_cipher(ssl);
result = (cipher != NULL ? (char *)SSL_CIPHER_get_name(cipher) : NULL);
}
else if (strcEQ(var, "_EXPORT"))
static void ssl_var_lookup_ssl_cipher_bits(SSL *ssl, int *usekeysize, int *algkeysize)
{
- SSL_CIPHER *cipher;
+ const SSL_CIPHER *cipher;
*usekeysize = 0;
*algkeysize = 0;
#ifdef HAVE_SSL_X509V3_EXT_d2i
X509_EXTENSION *ext;
int ext_nid;
- STACK *sk;
+ EXTENDED_KEY_USAGE *sk;
BOOL is_sgc;
int idx;
int i;
idx = X509_get_ext_by_NID(cert, NID_ext_key_usage, -1);
if (idx >= 0) {
ext = X509_get_ext(cert, idx);
- if ((sk = (STACK *)X509V3_EXT_d2i(ext)) != NULL) {
- for (i = 0; i < sk_num(sk); i++) {
- ext_nid = OBJ_obj2nid((ASN1_OBJECT *)sk_value(sk, i));
+ if ((sk = (EXTENDED_KEY_USAGE *)X509V3_EXT_d2i(ext)) != NULL) {
+ for (i = 0; i < sk_ASN1_OBJECT_num(sk); i++) {
+ ext_nid = OBJ_obj2nid((ASN1_OBJECT *)sk_ASN1_OBJECT_value(sk, i));
if (ext_nid == NID_ms_sgc || ext_nid == NID_ns_sgc) {
is_sgc = TRUE;
break;
X509 *x509;
unsigned long err;
int n;
- STACK *extra_certs;
+ STACK_OF(X509) *extra_certs;
if ((bio = BIO_new(BIO_s_file_internal())) == NULL)
return -1;
#endif
+#if defined(USE_SSL) && (OPENSSL_VERSION_NUMBER >= 0x00909000)
+#define AB_SSL_METHOD_CONST const
+#else
+#define AB_SSL_METHOD_CONST
+#endif
+
#include <math.h>
#if APR_HAVE_CTYPE_H
#include <ctype.h>
static int ssl_print_connection_info(BIO *bio, SSL *ssl)
{
- SSL_CIPHER *c;
+ const SSL_CIPHER *c;
int alg_bits,bits;
c = SSL_get_current_cipher(ssl);
if (verbosity >= 2)
ssl_print_info(c);
if (ssl_info == NULL) {
- SSL_CIPHER *ci;
+ const SSL_CIPHER *ci;
X509 *cert;
int sk_bits, pk_bits, swork;
const char *optarg;
char c;
#ifdef USE_SSL
- SSL_METHOD *meth = SSLv23_client_method();
+ AB_SSL_METHOD_CONST SSL_METHOD *meth = SSLv23_client_method();
#endif
/* table defaults */
projects / thirdparty / apache / httpd.git / commitdiff
