Attachment #182587 for bug #219272

View | Details | Raw Unified | Return to bug 219272
Collapse All | Expand All




rc/ssl_sock.c.orig	2017-05-12 15:18:50 UTC
+++ src/ssl_sock.c
@@ -768,7 +768,7 @@ static int ssl_sock_load_ocsp(SSL_CTX *c
 	unsigned char *p;
 	pem_password_cb *passwd_cb;
 	void *passwd_cb_userdata;
-	void (*callback) (void);
+	void (*callback) (void) = NULL;
 
 	snprintf(ocsp_path, MAXPATHLEN+1, "%s.ocsp", cert_path);
 
@@ -842,10 +842,14 @@ static int ssl_sock_load_ocsp(SSL_CTX *c
 		ocsp = NULL;
 
 #ifndef SSL_CTX_get_tlsext_status_cb
-# define SSL_CTX_get_tlsext_status_cb(ctx, cb) \
-	*cb = (void (*) (void))ctx->tlsext_status_cb;
+#ifndef SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB
+#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB 128
 #endif
+	long temp_callback = SSL_CTX_ctrl(ctx, SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB, 0, callback);
+	callback = (void*) &temp_callback;
+#else
 	SSL_CTX_get_tlsext_status_cb(ctx, &callback);
+#endif
 
 	if (!callback) {
 		struct ocsp_cbk_arg *cb_arg = calloc(1, sizeof(*cb_arg));
@@ -871,7 +875,10 @@ static int ssl_sock_load_ocsp(SSL_CTX *c
 		int key_type;
 		EVP_PKEY *pkey;
 
-#ifdef SSL_CTX_get_tlsext_status_arg
+#if defined(SSL_CTX_get_tlsext_status_arg) || (LIBRESSL_VERSION_NUMBER >= 0x2050100fL)
+#ifndef SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG
+#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG 129
+#endif
 		SSL_CTX_ctrl(ctx, SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG, 0, &cb_arg);
 #else
 		cb_arg = ctx->tlsext_status_arg;

Return to bug 219272

Line 0 Link Here

(-)net/haproxy-devel/files/patch-src_ssl__sock.c (+40 lines)
	1	rc/ssl_sock.c.orig 2017-05-12 15:18:50 UTC
	2	+++ src/ssl_sock.c
	3	@@ -768,7 +768,7 @@ static int ssl_sock_load_ocsp(SSL_CTX *c
	4	unsigned char *p;
	5	pem_password_cb *passwd_cb;
	6	void *passwd_cb_userdata;
	7	- void (*callback) (void);
	8	+ void (*callback) (void) = NULL;
	9
	10	snprintf(ocsp_path, MAXPATHLEN+1, "%s.ocsp", cert_path);
	11
	12	@@ -842,10 +842,14 @@ static int ssl_sock_load_ocsp(SSL_CTX *c
	13	ocsp = NULL;
	14
	15	#ifndef SSL_CTX_get_tlsext_status_cb
	16	-# define SSL_CTX_get_tlsext_status_cb(ctx, cb) \
	17	- cb = (void () (void))ctx->tlsext_status_cb;
	18	+#ifndef SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB
	19	+#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB 128
	20	#endif
	21	+ long temp_callback = SSL_CTX_ctrl(ctx, SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB, 0, callback);
	22	+ callback = (void*) &temp_callback;
	23	+#else
	24	SSL_CTX_get_tlsext_status_cb(ctx, &callback);
	25	+#endif
	26
	27	if (!callback) {
	28	struct ocsp_cbk_arg cb_arg = calloc(1, sizeof(cb_arg));
	29	@@ -871,7 +875,10 @@ static int ssl_sock_load_ocsp(SSL_CTX *c
	30	int key_type;
	31	EVP_PKEY *pkey;
	32
	33	-#ifdef SSL_CTX_get_tlsext_status_arg
	34	+#if defined(SSL_CTX_get_tlsext_status_arg) \|\| (LIBRESSL_VERSION_NUMBER >= 0x2050100fL)
	35	+#ifndef SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG
	36	+#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG 129
	37	+#endif
	38	SSL_CTX_ctrl(ctx, SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG, 0, &cb_arg);
	39	#else
	40	cb_arg = ctx->tlsext_status_arg;