Attachment #150943 for bug #196256

Lines 454-460 Link Here

(-)acinclude.m4 (-1 / +1 lines)
454	if test "$ap_ssltk_type" = "openssl"; then	454	if test "$ap_ssltk_type" = "openssl"; then
455	AC_CHECK_HEADERS([openssl/engine.h])	455	AC_CHECK_HEADERS([openssl/engine.h])
456	AC_CHECK_FUNCS([SSLeay_version SSL_CTX_new], [], [liberrors="yes"])	456	AC_CHECK_FUNCS([SSLeay_version SSL_CTX_new], [], [liberrors="yes"])
457	AC_CHECK_FUNCS([ENGINE_init ENGINE_load_builtin_engines])	457	AC_CHECK_FUNCS([ENGINE_init ENGINE_load_builtin_engines SSL_CTX_use_certificate_chain RAND_egd])
458	else	458	else
459	AC_CHECK_FUNCS([SSLC_library_version SSL_CTX_new], [], [liberrors="yes"])	459	AC_CHECK_FUNCS([SSLC_library_version SSL_CTX_new], [], [liberrors="yes"])
460	AC_CHECK_FUNCS(SSL_set_state)	460	AC_CHECK_FUNCS(SSL_set_state)

Lines 13841-13847 Link Here

(-)configure (-1 / +1 lines)
13841	fi	13841	fi
13842	done	13842	done
13843		13843
13844	for ac_func in ENGINE_init ENGINE_load_builtin_engines	13844	for ac_func in ENGINE_init ENGINE_load_builtin_engines SSL_CTX_use_certificate_chain RAND_egd
13845	do :	13845	do :
13846	as_ac_var=`$as_echo "ac_cv_func_$ac_func" \| $as_tr_sh`	13846	as_ac_var=`$as_echo "ac_cv_func_$ac_func" \| $as_tr_sh`
13847	ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"	13847	ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"

Lines 109-114 Link Here

(-)include/ap_config_auto.h.in (+6 lines)
109	/* Define to 1 if you have the <pwd.h> header file. */	109	/* Define to 1 if you have the <pwd.h> header file. */
110	#undef HAVE_PWD_H	110	#undef HAVE_PWD_H
111		111
		112	/* Define to 1 if you have the `RAND_egd' function. */
		113	#undef HAVE_RAND_EGD
		114
112	/* Define to 1 if you have the `setsid' function. */	115	/* Define to 1 if you have the `setsid' function. */
113	#undef HAVE_SETSID	116	#undef HAVE_SETSID
114		117
Lines 127-132 Link Here
127	/* Define to 1 if you have the `SSL_CTX_new' function. */	130	/* Define to 1 if you have the `SSL_CTX_new' function. */
128	#undef HAVE_SSL_CTX_NEW	131	#undef HAVE_SSL_CTX_NEW
129		132
		133	/* Define to 1 if you have the `SSL_CTX_use_certificate_chain' function. */
		134	#undef HAVE_SSL_CTX_USE_CERTIFICATE_CHAIN
		135
130	/* Define to 1 if you have the `SSL_set_cert_store' function. */	136	/* Define to 1 if you have the `SSL_set_cert_store' function. */
131	#undef HAVE_SSL_SET_CERT_STORE	137	#undef HAVE_SSL_SET_CERT_STORE
132		138

Lines 406-414 Link Here

(-)modules/ssl/ssl_engine_init.c (+9 lines)
406	ssl_die();	406	ssl_die();
407	}	407	}
408		408
		409	#ifdef ENGINE_CTRL_CHIL_SET_FORKCHECK
409	if (strEQ(mc->szCryptoDevice, "chil")) {	410	if (strEQ(mc->szCryptoDevice, "chil")) {
410	ENGINE_ctrl(e, ENGINE_CTRL_CHIL_SET_FORKCHECK, 1, 0, 0);	411	ENGINE_ctrl(e, ENGINE_CTRL_CHIL_SET_FORKCHECK, 1, 0, 0);
411	}	412	}
		413	#endif
412		414
413	if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {	415	if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
414	ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,	416	ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
Lines 583-588 Link Here
583	}	585	}
584	#endif	586	#endif
		587	#ifdef SSL_NO_COMP
		588	#define OPENSSL_NO_COMP
		589	#endif
585	#ifndef OPENSSL_NO_COMP	590	#ifndef OPENSSL_NO_COMP
586	if (sc->compression != TRUE) {	591	if (sc->compression != TRUE) {
Lines 831-837 Link Here
831	}	833	}
832	}	834	}
833		835
		836	#ifndef HAVE_SSL_CTX_USE_CERTIFICATE_CHAIN
834	n = SSL_CTX_use_certificate_chain(mctx->ssl_ctx,	837	n = SSL_CTX_use_certificate_chain(mctx->ssl_ctx,
		838	#else
		839	n = _SSL_CTX_use_certificate_chain(mctx->ssl_ctx,
		840	#endif
835	(char *)chain,	841	(char *)chain,
836	skip_first, NULL);	842	skip_first, NULL);
837	if (n < 0) {	843	if (n < 0) {

Lines 89-95 Link Here

(-)modules/ssl/ssl_util_ssl.h (+4 lines)
89	BOOL SSL_X509_getCN(apr_pool_t , X509 , char **);	89	BOOL SSL_X509_getCN(apr_pool_t , X509 , char **);
90	BOOL SSL_X509_INFO_load_file(apr_pool_t , STACK_OF(X509_INFO) , const char *);	90	BOOL SSL_X509_INFO_load_file(apr_pool_t , STACK_OF(X509_INFO) , const char *);
91	BOOL SSL_X509_INFO_load_path(apr_pool_t , STACK_OF(X509_INFO) , const char *);	91	BOOL SSL_X509_INFO_load_path(apr_pool_t , STACK_OF(X509_INFO) , const char *);
		92	#ifndef HAVE_SSL_CTX_USE_CERTIFICATE_CHAIN
92	int SSL_CTX_use_certificate_chain(SSL_CTX , char , int, modssl_read_bio_cb_fn *);	93	int SSL_CTX_use_certificate_chain(SSL_CTX , char , int, modssl_read_bio_cb_fn *);
		94	#else
		95	int _SSL_CTX_use_certificate_chain(SSL_CTX , char , int, pem_password_cb *);
		96	#endif
93	char SSL_SESSION_id2sz(unsigned char , int, char *, int);	97	char SSL_SESSION_id2sz(unsigned char , int, char *, int);
94		98
95	/** util functions for OpenSSL+sslc compat */	99	/** util functions for OpenSSL+sslc compat */

Lines 492-498 Link Here

(-)modules/ssl/ssl_util_ssl.c (+4 lines)
492	* format, possibly followed by a sequence of CA certificates that	492	* format, possibly followed by a sequence of CA certificates that
493	* should be sent to the peer in the SSL Certificate message.	493	* should be sent to the peer in the SSL Certificate message.
494	*/	494	*/
		495	#ifndef HAVE_SSL_CTX_USE_CERTIFICATE_CHAIN
495	int SSL_CTX_use_certificate_chain(	496	int SSL_CTX_use_certificate_chain(
		497	#else
		498	int _SSL_CTX_use_certificate_chain(
		499	#endif
496	SSL_CTX ctx, char file, int skipfirst, modssl_read_bio_cb_fn *cb)	500	SSL_CTX ctx, char file, int skipfirst, modssl_read_bio_cb_fn *cb)
497	{	501	{
498	BIO *bio;	502	BIO *bio;

Lines 143-149 Link Here

(-)modules/ssl/ssl_toolkit_compat.h (+2 lines)
143	#define X509_reference_inc(cert) \	143	#define X509_reference_inc(cert) \
144	CRYPTO_add(&((cert)->references), +1, CRYPTO_LOCK_X509)	144	CRYPTO_add(&((cert)->references), +1, CRYPTO_LOCK_X509)
145		145
		146	#ifdef HAVE_RAND_EGD
146	#define HAVE_SSL_RAND_EGD /* since 9.5.1 */	147	#define HAVE_SSL_RAND_EGD /* since 9.5.1 */
		148	#endif
147		149
148	#define HAVE_SSL_X509V3_EXT_d2i	150	#define HAVE_SSL_X509V3_EXT_d2i

Lines 834-840 Link Here

(-)modules/ssl/ssl_engine_vars.c 2014-12-24 13:13:40.645111263 +0100 (-1 / +5 lines)
834	#ifdef OPENSSL_VERSION_NUMBER	834	#ifdef OPENSSL_VERSION_NUMBER
835	#if (OPENSSL_VERSION_NUMBER >= 0x00908000)	835	#if (OPENSSL_VERSION_NUMBER >= 0x00908000)
836	SSL_SESSION *pSession = SSL_get_session(ssl);	836	SSL_SESSION *pSession = SSL_get_session(ssl);
837		837	#ifndef SSL_NO_COMP
838	if (pSession) {	838	if (pSession) {
839	switch (pSession->compress_meth) {	839	switch (pSession->compress_meth) {
840	case 0:	840	case 0:
Lines 856-861 Link Here
856	break;	856	break;
857	}	857	}
858	}	858	}
		859	#else
		860	/* default "NULL" already set */
		861	break;
		862	#endif /* SSL_NO_COMP */
859	#endif	863	#endif
860	#endif	864	#endif
861	return result;	865	return result;
862		866

Return to bug 196256