From: Christos Tsantilas Date: Tue, 2 Aug 2011 09:39:49 +0000 (-0600) Subject: Bug 3232: fails to compile with OpenSSL v1.0.0 X-Git-Tag: SQUID_3_1_15~27 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5e203b30d93b866e54186ed89922667de807cbb8;p=thirdparty%2Fsquid.git Bug 3232: fails to compile with OpenSSL v1.0.0 --- diff --git a/configure.ac b/configure.ac index d24c092edd..a6a465cfb7 100644 --- a/configure.ac +++ b/configure.ac @@ -2310,6 +2310,7 @@ AC_CHECK_HEADERS( \ netinet/ip_fil_compat.h \ openssl/err.h \ openssl/md5.h \ + openssl/opensslv.h \ openssl/ssl.h \ openssl/txt_db.h \ openssl/x509v3.h \ diff --git a/src/ssl/certificate_db.cc b/src/ssl/certificate_db.cc index 3f0478117a..582a1f6eab 100644 --- a/src/ssl/certificate_db.cc +++ b/src/ssl/certificate_db.cc @@ -394,14 +394,22 @@ void Ssl::CertificateDb::load() corrupt = true; // Create indexes in db. +#if OPENSSL_VERSION_NUMBER > 0x10000000L + if (!corrupt && !TXT_DB_create_index(temp_db.get(), cnlSerial, NULL, LHASH_HASH_FN(index_serial), LHASH_COMP_FN(index_serial))) + corrupt = true; + + if (!corrupt && !TXT_DB_create_index(temp_db.get(), cnlName, NULL, LHASH_HASH_FN(index_name), LHASH_COMP_FN(index_name))) + corrupt = true; +#else if (!corrupt && !TXT_DB_create_index(temp_db.get(), cnlSerial, NULL, LHASH_HASH_FN(index_serial_hash), LHASH_COMP_FN(index_serial_cmp))) corrupt = true; if (!corrupt && !TXT_DB_create_index(temp_db.get(), cnlName, NULL, LHASH_HASH_FN(index_name_hash), LHASH_COMP_FN(index_name_cmp))) corrupt = true; +#endif if (corrupt) - throw std::runtime_error("The SSL certificate database " + db_path + " is curruted. Please rebuild"); + throw std::runtime_error("The SSL certificate database " + db_path + " is corrupted. Please rebuild"); db.reset(temp_db.release()); } @@ -426,13 +434,22 @@ bool Ssl::CertificateDb::deleteInvalidCertificate() return false; bool removed_one = false; +#if OPENSSL_VERSION_NUMBER > 0x10000000L + for (int i = 0; i < sk_OPENSSL_PSTRING_num(db.get()->data); i++) { + const char ** current_row = ((const char **)sk_OPENSSL_PSTRING_value(db.get()->data, i)); +#else for (int i = 0; i < sk_num(db.get()->data); i++) { const char ** current_row = ((const char **)sk_value(db.get()->data, i)); +#endif if (!sslDateIsInTheFuture(current_row[cnlExp_date])) { std::string filename(cert_full + "/" + current_row[cnlSerial] + ".pem"); FileLocker cert_locker(filename); +#if OPENSSL_VERSION_NUMBER > 0x10000000L + sk_OPENSSL_PSTRING_delete(db.get()->data, i); +#else sk_delete(db.get()->data, i); +#endif subSize(filename); remove(filename.c_str()); removed_one = true; @@ -450,12 +467,27 @@ bool Ssl::CertificateDb::deleteOldestCertificate() if (!db) return false; +#if OPENSSL_VERSION_NUMBER > 0x10000000L + if (sk_OPENSSL_PSTRING_num(db.get()->data) == 0) +#else if (sk_num(db.get()->data) == 0) +#endif return false; - std::string filename(cert_full + "/" + ((const char **)sk_value(db.get()->data, 0))[cnlSerial] + ".pem"); +#if OPENSSL_VERSION_NUMBER > 0x10000000L + const char **row = (const char **)sk_OPENSSL_PSTRING_value(db.get()->data, 0); +#else + const char **row = (const char **)sk_value(db.get()->data, 0); +#endif + std::string filename(cert_full + "/" + row[cnlSerial] + ".pem"); FileLocker cert_locker(filename); + +#if OPENSSL_VERSION_NUMBER > 0x10000000L + sk_OPENSSL_PSTRING_delete(db.get()->data, 0); +#else sk_delete(db.get()->data, 0); +#endif + subSize(filename); remove(filename.c_str()); @@ -467,12 +499,21 @@ bool Ssl::CertificateDb::deleteByHostname(std::string const & host) if (!db) return false; +#if OPENSSL_VERSION_NUMBER > 0x10000000L + for (int i = 0; i < sk_OPENSSL_PSTRING_num(db.get()->data); i++) { + const char ** current_row = ((const char **)sk_OPENSSL_PSTRING_value(db.get()->data, i)); +#else for (int i = 0; i < sk_num(db.get()->data); i++) { const char ** current_row = ((const char **)sk_value(db.get()->data, i)); +#endif if (host == current_row[cnlName]) { std::string filename(cert_full + "/" + current_row[cnlSerial] + ".pem"); FileLocker cert_locker(filename); +#if OPENSSL_VERSION_NUMBER > 0x10000000L + sk_OPENSSL_PSTRING_delete(db.get()->data, i); +#else sk_delete(db.get()->data, i); +#endif subSize(filename); remove(filename.c_str()); return true; diff --git a/src/ssl/certificate_db.h b/src/ssl/certificate_db.h index f1cd252f13..94751c0a1a 100644 --- a/src/ssl/certificate_db.h +++ b/src/ssl/certificate_db.h @@ -10,6 +10,9 @@ #if HAVE_STRING #include #endif +#if HAVE_OPENSSL_OPENSSLV_H +#include +#endif namespace Ssl { @@ -110,10 +113,25 @@ private: /// Definitions required by openSSL, to use the index_* functions defined above ///with TXT_DB_create_index. +#if OPENSSL_VERSION_NUMBER > 0x10000000L + static unsigned long index_serial_LHASH_HASH(const void *a) { + return index_serial_hash((const char **)a); + } + static int index_serial_LHASH_COMP(const void *arg1, const void *arg2) { + return index_serial_cmp((const char **)arg1, (const char **)arg2); + } + static unsigned long index_name_LHASH_HASH(const void *a) { + return index_name_hash((const char **)a); + } + static int index_name_LHASH_COMP(const void *arg1, const void *arg2) { + return index_name_cmp((const char **)arg1, (const char **)arg2); + } +#else static IMPLEMENT_LHASH_HASH_FN(index_serial_hash,const char **) static IMPLEMENT_LHASH_COMP_FN(index_serial_cmp,const char **) static IMPLEMENT_LHASH_HASH_FN(index_name_hash,const char **) static IMPLEMENT_LHASH_COMP_FN(index_name_cmp,const char **) +#endif static const std::string serial_file; ///< Base name of the file to store serial number. static const std::string db_file; ///< Base name of the database index file.