From: Graham Leggett Date: Sun, 27 Sep 2009 11:59:10 +0000 (+0000) Subject: ab, mod_ssl: restore compatibility with OpenSSL < 0.9.7g which we broke X-Git-Tag: 2.2.15~220 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8d13b99031f6d07e32e7a779044ac3cb8c9fbf7d;p=thirdparty%2Fapache%2Fhttpd.git ab, mod_ssl: restore compatibility with OpenSSL < 0.9.7g which we broke with r801527 (backport r819242, r819245). Reported on the list by Jie Gao. [Guenter Knauf] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@819289 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index bac84a4961e..34b8f35d707 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,9 @@  -*- coding: utf-8 -*- Changes with Apache 2.2.15 + *) ab, mod_ssl: restore compatibility with OpenSSL < 0.9.7g which we broke + with r801527 (backport r819242, r819245). Reported on the list by Jie + Gao. [Guenter Knauf] Changes with Apache 2.2.14 diff --git a/STATUS b/STATUS index 76eb883b2d7..2b6b4c538f1 100644 --- a/STATUS +++ b/STATUS @@ -87,11 +87,6 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] - * ab, mod_ssl: restore compatibility with OpenSSL < 0.9.7g which we broke - with r801527 (backport r819242, r819245). Reported on the list by Jie Gao. - 2.2.x Patch: http://people.apache.org/~fuankg/diffs/openssl-0.9.7g-compat-2.2.x.diff - +1: fuankg, rpluem, minfrin - PATCHES PROPOSED TO BACKPORT FROM TRUNK: [ New proposals should be added at the end of the list ] diff --git a/modules/ssl/ssl_engine_vars.c b/modules/ssl/ssl_engine_vars.c index ab99af9efb9..eb136077a12 100644 --- a/modules/ssl/ssl_engine_vars.c +++ b/modules/ssl/ssl_engine_vars.c @@ -626,7 +626,7 @@ static char *ssl_var_lookup_ssl_cipher(apr_pool_t *p, conn_rec *c, char *var) ssl_var_lookup_ssl_cipher_bits(ssl, &usekeysize, &algkeysize); if (ssl && strEQ(var, "")) { - const SSL_CIPHER *cipher = SSL_get_current_cipher(ssl); + MODSSL_SSL_CIPHER_CONST SSL_CIPHER *cipher = SSL_get_current_cipher(ssl); result = (cipher != NULL ? (char *)SSL_CIPHER_get_name(cipher) : NULL); } else if (strcEQ(var, "_EXPORT")) @@ -647,7 +647,7 @@ static char *ssl_var_lookup_ssl_cipher(apr_pool_t *p, conn_rec *c, char *var) static void ssl_var_lookup_ssl_cipher_bits(SSL *ssl, int *usekeysize, int *algkeysize) { - const SSL_CIPHER *cipher; + MODSSL_SSL_CIPHER_CONST SSL_CIPHER *cipher; *usekeysize = 0; *algkeysize = 0; diff --git a/modules/ssl/ssl_toolkit_compat.h b/modules/ssl/ssl_toolkit_compat.h index 06a22669b13..a841eccda7b 100644 --- a/modules/ssl/ssl_toolkit_compat.h +++ b/modules/ssl/ssl_toolkit_compat.h @@ -93,8 +93,10 @@ /** ...shifting sands of openssl... */ #if (OPENSSL_VERSION_NUMBER >= 0x0090707f) # define MODSSL_D2I_SSL_SESSION_CONST const +# define MODSSL_SSL_CIPHER_CONST const #else # define MODSSL_D2I_SSL_SESSION_CONST +# define MODSSL_SSL_CIPHER_CONST #endif #if (OPENSSL_VERSION_NUMBER >= 0x00908000) diff --git a/support/ab.c b/support/ab.c index 4f7d290173d..8a12087972a 100644 --- a/support/ab.c +++ b/support/ab.c @@ -189,11 +189,18 @@ typedef STACK_OF(X509) X509_STACK_TYPE; #endif -#if defined(USE_SSL) && (OPENSSL_VERSION_NUMBER >= 0x00909000) +#if defined(USE_SSL) +#if (OPENSSL_VERSION_NUMBER >= 0x00909000) #define AB_SSL_METHOD_CONST const #else #define AB_SSL_METHOD_CONST #endif +#if (OPENSSL_VERSION_NUMBER >= 0x0090707f) +#define AB_SSL_CIPHER_CONST const +#else +#define AB_SSL_CIPHER_CONST +#endif +#endif #include #if APR_HAVE_CTYPE_H @@ -486,7 +493,7 @@ static void ssl_rand_seed(void) static int ssl_print_connection_info(BIO *bio, SSL *ssl) { - const SSL_CIPHER *c; + AB_SSL_CIPHER_CONST SSL_CIPHER *c; int alg_bits,bits; c = SSL_get_current_cipher(ssl); @@ -572,7 +579,7 @@ static void ssl_proceed_handshake(struct connection *c) if (verbosity >= 2) ssl_print_info(c); if (ssl_info == NULL) { - const SSL_CIPHER *ci; + AB_SSL_CIPHER_CONST SSL_CIPHER *ci; X509 *cert; int sk_bits, pk_bits, swork;