From: Sander Temme Date: Fri, 27 Feb 2009 05:16:18 +0000 (+0000) Subject: The development trunk of OpenSSL has tightened up the type safety of the STACK construct X-Git-Tag: 2.3.2~42 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e171af311800e87045a390441cbdebd22e3e29f1;p=thirdparty%2Fapache%2Fhttpd.git The development trunk of OpenSSL has tightened up the type safety of the STACK construct and the functions that manipulate it. Make httpd trunk compile against OpenSSL HEAD as well as OpenSSL 0.9.8j. Also, get rid of some warnings. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@748396 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c index 7c58e365f1c..d2c60915d81 100644 --- a/modules/ssl/ssl_engine_init.c +++ b/modules/ssl/ssl_engine_init.c @@ -576,7 +576,7 @@ static void ssl_init_ctx_verify(server_rec *s, ssl_die(); } - SSL_CTX_set_client_CA_list(ctx, (STACK *)ca_list); + SSL_CTX_set_client_CA_list(ctx, (STACK_OF(X509_NAME) *)ca_list); } /* diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c index 229fc27d3ff..ab5fb0db4e3 100644 --- a/modules/ssl/ssl_engine_kernel.c +++ b/modules/ssl/ssl_engine_kernel.c @@ -250,7 +250,7 @@ int ssl_hook_Access(request_rec *r) X509_STORE *cert_store = NULL; X509_STORE_CTX cert_store_ctx; STACK_OF(SSL_CIPHER) *cipher_list_old = NULL, *cipher_list = NULL; - SSL_CIPHER *cipher = NULL; + const SSL_CIPHER *cipher = NULL; int depth, verify_old, verify, n; if (ssl) { @@ -657,7 +657,7 @@ int ssl_hook_Access(request_rec *r) * sk_X509_shift-ed the peer cert out of the chain. * we put it back here for the purpose of quick_renegotiation. */ - cert_stack = sk_new_null(); + cert_stack = sk_X509_new_null(); sk_X509_push(cert_stack, MODSSL_PCHAR_CAST cert); } diff --git a/modules/ssl/ssl_engine_vars.c b/modules/ssl/ssl_engine_vars.c index 27fac9fdd59..8d641472271 100644 --- a/modules/ssl/ssl_engine_vars.c +++ b/modules/ssl/ssl_engine_vars.c @@ -632,7 +632,7 @@ static char *ssl_var_lookup_ssl_cipher(apr_pool_t *p, conn_rec *c, char *var) ssl_var_lookup_ssl_cipher_bits(ssl, &usekeysize, &algkeysize); if (ssl && strEQ(var, "")) { - SSL_CIPHER *cipher = SSL_get_current_cipher(ssl); + const SSL_CIPHER *cipher = SSL_get_current_cipher(ssl); result = (cipher != NULL ? (char *)SSL_CIPHER_get_name(cipher) : NULL); } else if (strcEQ(var, "_EXPORT")) @@ -653,7 +653,7 @@ static char *ssl_var_lookup_ssl_cipher(apr_pool_t *p, conn_rec *c, char *var) static void ssl_var_lookup_ssl_cipher_bits(SSL *ssl, int *usekeysize, int *algkeysize) { - SSL_CIPHER *cipher; + const SSL_CIPHER *cipher; *usekeysize = 0; *algkeysize = 0; diff --git a/modules/ssl/ssl_util_ssl.c b/modules/ssl/ssl_util_ssl.c index 1b5df13b33d..a06b65047a1 100644 --- a/modules/ssl/ssl_util_ssl.c +++ b/modules/ssl/ssl_util_ssl.c @@ -294,7 +294,7 @@ BOOL SSL_X509_isSGC(X509 *cert) #ifdef HAVE_SSL_X509V3_EXT_d2i X509_EXTENSION *ext; int ext_nid; - STACK *sk; + EXTENDED_KEY_USAGE *sk; BOOL is_sgc; int idx; int i; @@ -303,9 +303,9 @@ BOOL SSL_X509_isSGC(X509 *cert) idx = X509_get_ext_by_NID(cert, NID_ext_key_usage, -1); if (idx >= 0) { ext = X509_get_ext(cert, idx); - if ((sk = (STACK *)X509V3_EXT_d2i(ext)) != NULL) { - for (i = 0; i < sk_num(sk); i++) { - ext_nid = OBJ_obj2nid((ASN1_OBJECT *)sk_value(sk, i)); + if ((sk = (EXTENDED_KEY_USAGE *)X509V3_EXT_d2i(ext)) != NULL) { + for (i = 0; i < sk_ASN1_OBJECT_num(sk); i++) { + ext_nid = OBJ_obj2nid((ASN1_OBJECT *)sk_ASN1_OBJECT_value(sk, i)); if (ext_nid == NID_ms_sgc || ext_nid == NID_ns_sgc) { is_sgc = TRUE; break; @@ -467,7 +467,7 @@ int SSL_CTX_use_certificate_chain( X509 *x509; unsigned long err; int n; - STACK *extra_certs; + STACK_OF(X509) *extra_certs; if ((bio = BIO_new(BIO_s_file_internal())) == NULL) return -1; diff --git a/support/ab.c b/support/ab.c index 4a35903228f..94e8772479b 100644 --- a/support/ab.c +++ b/support/ab.c @@ -480,7 +480,7 @@ static void ssl_rand_seed(void) static int ssl_print_connection_info(BIO *bio, SSL *ssl) { - SSL_CIPHER *c; + const SSL_CIPHER *c; int alg_bits,bits; c = SSL_get_current_cipher(ssl); @@ -566,7 +566,7 @@ static void ssl_proceed_handshake(struct connection *c) if (verbosity >= 2) ssl_print_info(c); if (ssl_info == NULL) { - SSL_CIPHER *ci; + const SSL_CIPHER *ci; X509 *cert; int sk_bits, pk_bits, swork; @@ -1979,7 +1979,7 @@ int main(int argc, const char * const argv[]) const char *optarg; char c; #ifdef USE_SSL - SSL_METHOD *meth = SSLv23_client_method(); + const SSL_METHOD *meth = SSLv23_client_method(); #endif /* table defaults */