Attachment 150784 Details for Bug 196139 – Patch for apache24 to build cleanly with LibreSSL

[patch] Patch for apache24 to build cleanly with LibreSSL

patch-libressl (text/plain), 4.44 KB, created by Bernard Spil on 2014-12-19 18:08:42 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Bernard Spil

Created: 2014-12-19 18:08:42 UTC

Size: 4.44 KB

patch

obsolete

>--- modules/ssl/ssl_engine_init.c.orig	2014-07-14 14:29:22.000000000 +0200
>+++ modules/ssl/ssl_engine_init.c	2014-12-17 10:13:39.269794278 +0100
>@@ -353,9 +353,11 @@
>             return ssl_die(s);
>         }
> 
>+#ifdef ENGINE_CTRL_CHIL_SET_FORKCHECK
>         if (strEQ(mc->szCryptoDevice, "chil")) {
>             ENGINE_ctrl(e, ENGINE_CTRL_CHIL_SET_FORKCHECK, 1, 0, 0);
>         }
>+#endif
> 
>         if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
>             ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, APLOGNO(01889)
>@@ -828,7 +830,11 @@
>         }
>     }
> 
>-    n = SSL_CTX_use_certificate_chain(mctx->ssl_ctx,
>+#ifndef HAVE_SSL_CTX_USE_CERTIFICATE_CHAIN
>+          n = SSL_CTX_use_certificate_chain(mctx->ssl_ctx,
>+#else
>+          n = _SSL_CTX_use_certificate_chain(mctx->ssl_ctx,
>+#endif
>                                       (char *)chain,
>                                       skip_first, NULL);
>     if (n < 0) {
>--- modules/ssl/ssl_util_ssl.c.orig	2014-03-02 21:20:14.000000000 +0100
>+++ modules/ssl/ssl_util_ssl.c	2014-12-17 10:11:23.293801088 +0100
>@@ -460,7 +460,11 @@
>  * format, possibly followed by a sequence of CA certificates that
>  * should be sent to the peer in the SSL Certificate message.
>  */
>+#ifndef HAVE_SSL_CTX_USE_CERTIFICATE_CHAIN
> int SSL_CTX_use_certificate_chain(
>+#else
>+int _SSL_CTX_use_certificate_chain(
>+#endif
>     SSL_CTX *ctx, char *file, int skipfirst, pem_password_cb *cb)
> {
>     BIO *bio;
>--- modules/ssl/ssl_util_ssl.h.orig	2014-03-02 21:20:14.000000000 +0100
>+++ modules/ssl/ssl_util_ssl.h	2014-12-17 10:10:36.197804421 +0100
>@@ -69,7 +69,11 @@
> BOOL        SSL_X509_match_name(apr_pool_t *, X509 *, const char *, BOOL, server_rec *);
> BOOL        SSL_X509_INFO_load_file(apr_pool_t *, STACK_OF(X509_INFO) *, const char *);
> BOOL        SSL_X509_INFO_load_path(apr_pool_t *, STACK_OF(X509_INFO) *, const char *);
>+#ifndef HAVE_SSL_CTX_USE_CERTIFICATE_CHAIN
> int         SSL_CTX_use_certificate_chain(SSL_CTX *, char *, int, pem_password_cb *);
>+#else
>+int         _SSL_CTX_use_certificate_chain(SSL_CTX *, char *, int, pem_password_cb *);
>+#endif
> char       *SSL_SESSION_id2sz(unsigned char *, int, char *, int);
> 
> #endif /* __SSL_UTIL_SSL_H__ */
>--- modules/ssl/ssl_engine_rand.c.orig	2011-12-05 01:08:01.000000000 +0100
>+++ modules/ssl/ssl_engine_rand.c	2014-12-19 18:39:04.825554353 +0100
>@@ -81,6 +81,7 @@
>                 nDone += ssl_rand_feedfp(p, fp, pRandSeed->nBytes);
>                 ssl_util_ppclose(s, p, fp);
>             }
>+#ifdef HAVE_RAND_EGD
>             else if (pRandSeed->nSrc == SSL_RSSRC_EGD) {
>                 /*
>                  * seed in contents provided by the external
>@@ -90,6 +91,7 @@
>                     continue;
>                 nDone += n;
>             }
>+#endif
>             else if (pRandSeed->nSrc == SSL_RSSRC_BUILTIN) {
>                 struct {
>                     time_t t;
>--- configure.orig	2014-07-15 19:15:03.000000000 +0200
>+++ configure	2014-12-19 18:43:31.217134498 +0100
>@@ -24885,7 +24885,7 @@
> fi
> done
> 
>-      for ac_func in ENGINE_init ENGINE_load_builtin_engines
>+      for ac_func in ENGINE_init ENGINE_load_builtin_engines SSL_CTX_use_certificate_chain RAND_egd
> do :
>   as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
> ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
>--- include/ap_config_auto.h.in.orig	2014-07-15 19:15:02.000000000 +0200
>+++ include/ap_config_auto.h.in	2014-12-19 18:49:26.301357912 +0100
>@@ -130,6 +130,9 @@
> /* Define to 1 if you have the <pwd.h> header file. */
> #undef HAVE_PWD_H
> 
>+/* Define to 1 if you have the `RAND_egd' function. */
>+#undef HAVE_RAND_EGD
>+
> /* Define to 1 if you have the `setsid' function. */
> #undef HAVE_SETSID
> 
>@@ -139,6 +142,9 @@
> /* Define to 1 if you have the `SSL_CTX_new' function. */
> #undef HAVE_SSL_CTX_NEW
> 
>+/* Define to 1 if you have the `SSL_CTX_use_certificate_chain' function. */
>+#undef HAVE_SSL_CTX_USE_CERTIFICATE_CHAIN
>+
> /* Define to 1 if you have the <stdint.h> header file. */
> #undef HAVE_STDINT_H
> 
>--- acinclude.m4.orig	2014-01-05 09:37:21.000000000 +0100
>+++ acinclude.m4	2014-12-19 18:53:07.033409821 +0100
>@@ -576,7 +576,7 @@
>       liberrors=""
>       AC_CHECK_HEADERS([openssl/engine.h])
>       AC_CHECK_FUNCS([SSLeay_version SSL_CTX_new], [], [liberrors="yes"])
>-      AC_CHECK_FUNCS([ENGINE_init ENGINE_load_builtin_engines])
>+      AC_CHECK_FUNCS([ENGINE_init ENGINE_load_builtin_engines SSL_CTX_use_certificate_chain RAND_egd])
>       if test "x$liberrors" != "x"; then
>         AC_MSG_WARN([OpenSSL libraries are unusable])
>       fi

Actions: View | Diff

Attachments on bug 196139: 150784 | 150785 | 152367 | 152368