BUILD: ssl: make the SSL layer build again with openssl 0.9.8

Commit 1866d6d ("MEDIUM: ssl: Add support for OpenSSL 1.1.0")
introduced support for openssl 1.1.0 and temporarily broke 0.9.8.
In the end the port was not very hard given that the only cause of
build failures were functions supposedly absent from 0.9.8 that in
fact did exist.

Thus, adding a new #if to move these functions for versions older
than 0.9.8 was enough to fix the trouble. It received very light
testing, basically only an SSL bridge decrypting and re-encrypting
traffic, and checking that everything looks right. That said, the
functions specific to 0.9.8 here compared to 1.0.x are only
SSL_SESSION_set1_id_context(), EVP_PKEY_base_id(), and
X509_PUBKEY_get0_param().

diff --git a/include/proto/openssl-compat.h b/include/proto/openssl-compat.h
index 17b491f36e1843be9c825a2afc3b0c5d75be588e..b137e7a1f231ae6e016b0aad202d9ae1fde88fd0 100644 (file)
--- a/include/proto/openssl-compat.h
+++ b/include/proto/openssl-compat.h
@@ -14,22 +14,8 @@
 #include <openssl/dh.h>
 #endif
 
-#if (OPENSSL_VERSION_NUMBER < 0x1000000fL)
-/*
- * Functions introduced in OpenSSL 1.0.1
- */
-static inline int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx, unsigned int sid_ctx_len)
-{
-       s->sid_ctx_length = sid_ctx_len;
-       memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);
-       return 1;
-}
-
-static inline int EVP_PKEY_base_id(const EVP_PKEY *pkey)
-{
-       return EVP_PKEY_type(pkey->type);
-}
-
+#if (OPENSSL_VERSION_NUMBER < 0x0090800fL)
+/* Functions present in OpenSSL 0.9.8, older not tested */
 static inline const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *sess, unsigned int *sid_length)
 {
        *sid_length = sess->session_id_length;
@@ -61,15 +47,37 @@ static inline int X509_NAME_entry_count(X509_NAME *name)
        return sk_X509_NAME_ENTRY_num(name->entries)
 }
 
-int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, const unsigned char **pk, int *ppklen, X509_ALGOR **pa, X509_PUBKEY *pub)
+static inline void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, const void **ppval, const X509_ALGOR *algor)
 {
-       *ppkalg = pub->algor->algorithm;
+       *paobj = algor->algorithm;
+}
+
+#endif // OpenSSL < 0.9.8
+
+
+#if (OPENSSL_VERSION_NUMBER < 0x1000000fL)
+/*
+ * Functions introduced in OpenSSL 1.0.1
+ */
+static inline int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx, unsigned int sid_ctx_len)
+{
+       s->sid_ctx_length = sid_ctx_len;
+       memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);
        return 1;
 }
 
-static inline void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, const void **ppval, const X509_ALGOR *algor)
+static inline int EVP_PKEY_base_id(const EVP_PKEY *pkey)
 {
-       *paobj = algor->algorithm;
+       return EVP_PKEY_type(pkey->type);
+}
+
+/* minimal implementation based on the fact that the only known call place
+ * doesn't make use of other arguments.
+ */
+static inline int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, const unsigned char **pk, int *ppklen, X509_ALGOR **pa, X509_PUBKEY *pub)
+{
+       *ppkalg = pub->algor->algorithm;
+       return 1;
 }
 
 #ifndef X509_get_X509_PUBKEY