FreeBSD Bugzilla – Attachment 199541 Details for
Bug 230698
databases/mongodb34: Fails to build with OpenSSL 1.1.x
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
mongodb34-openssl111.diff
mongodb34-openssl111.diff (text/plain), 27.56 KB, created by
Tobias Kortkamp
on 2018-11-25 13:33:31 UTC
(
hide
)
Description:
mongodb34-openssl111.diff
Filename:
MIME Type:
Creator:
Tobias Kortkamp
Created:
2018-11-25 13:33:31 UTC
Size:
27.56 KB
patch
obsolete
>Index: Makefile >=================================================================== >--- Makefile (revision 485849) >+++ Makefile (working copy) >@@ -3,7 +3,7 @@ > PORTNAME= mongodb > DISTVERSIONPREFIX= r > DISTVERSION= 3.4.16 >-PORTREVISION= 1 >+PORTREVISION= 2 > CATEGORIES= databases net > MASTER_SITES= https://fastdl.mongodb.org/src/ \ > http://fastdl.mongodb.org/src/ \ >@@ -18,8 +18,6 @@ > LICENSE= AGPLv3 APACHE20 > LICENSE_COMB= multi > >-BROKEN_SSL= openssl111 >-BROKEN_SSL_REASON_openssl111= no member named 'SSLv2_method' in the global namespace > ONLY_FOR_ARCHS= amd64 aarch64 > ONLY_FOR_ARCHS_REASON= "Only supported on amd64 and aarch64 (i386 deprecated in v3)" > >Index: files/patch-asio-openssl-1.1.0 >=================================================================== >--- files/patch-asio-openssl-1.1.0 (nonexistent) >+++ files/patch-asio-openssl-1.1.0 (working copy) >@@ -0,0 +1,666 @@ >+From 628e3ca9fe7a1bed1ce2308e2df4a1a4ecd1dfe7 Mon Sep 17 00:00:00 2001 >+From: Christopher Kohlhoff <chris@kohlhoff.com> >+Date: Fri, 20 Mar 2015 08:46:51 +1100 >+Subject: [PATCH] ERR_remove_state is deprecated, use ERR_remove_thread_state >+ instead. >+ >+--- >+ asio/include/asio/ssl/detail/impl/openssl_init.ipp | 4 ++++ >+ 1 file changed, 4 insertions(+) >+ >+diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp >+index 2c40d40..da66fc1 100644 >+--- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp >++++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp >+@@ -63,7 +63,11 @@ public: >+ ::CRYPTO_set_id_callback(0); >+ ::CRYPTO_set_locking_callback(0); >+ ::ERR_free_strings(); >++#if (OPENSSL_VERSION_NUMBER >= 0x10000000L) >++ ::ERR_remove_thread_state(NULL); >++#else // (OPENSSL_VERSION_NUMBER >= 0x10000000L) >+ ::ERR_remove_state(0); >++#endif // (OPENSSL_VERSION_NUMBER >= 0x10000000L) >+ ::EVP_cleanup(); >+ ::CRYPTO_cleanup_all_ex_data(); >+ ::CONF_modules_unload(1); >+From aa21de0944b4327f998fe161dde5ddaaf38cec5c Mon Sep 17 00:00:00 2001 >+From: Christopher Kohlhoff <chris@kohlhoff.com> >+Date: Sat, 21 Mar 2015 20:52:42 +1100 >+Subject: [PATCH] Remove redundant pointer check in SSL engine. >+ >+--- >+ asio/include/asio/ssl/detail/impl/engine.ipp | 2 +- >+ 1 file changed, 1 insertion(+), 1 deletion(-) >+ >+diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/engine.ipp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/engine.ipp >+index 5504411..2e4a39d 100644 >+--- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/engine.ipp >++++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/engine.ipp >+@@ -206,7 +206,7 @@ const asio::error_code& engine::map_error_code( >+ >+ // SSL v2 doesn't provide a protocol-level shutdown, so an eof on the >+ // underlying transport is passed through. >+- if (ssl_ && ssl_->version == SSL2_VERSION) >++ if (ssl_->version == SSL2_VERSION) >+ return ec; >+ >+ // Otherwise, the peer should have negotiated a proper shutdown. >+From 6c70257e20ef159c581298b54838361bb54bfce4 Mon Sep 17 00:00:00 2001 >+From: Christopher Kohlhoff <chris@kohlhoff.com> >+Date: Thu, 1 Oct 2015 08:44:30 +1000 >+Subject: [PATCH] Use SSL_CTX_clear_chain_certs, if available. >+ >+--- >+ asio/include/asio/ssl/impl/context.ipp | 4 ++++ >+ 1 file changed, 4 insertions(+) >+ >+diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/impl/context.ipp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/impl/context.ipp >+index 08705e7..77da84e 100644 >+--- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/impl/context.ipp >++++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/impl/context.ipp >+@@ -539,11 +539,15 @@ asio::error_code context::use_certificate_chain( >+ return ec; >+ } >+ >++#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) >++ ::SSL_CTX_clear_chain_certs(handle_); >++#else >+ if (handle_->extra_certs) >+ { >+ ::sk_X509_pop_free(handle_->extra_certs, X509_free); >+ handle_->extra_certs = 0; >+ } >++#endif // (OPENSSL_VERSION_NUMBER >= 0x10002000L) >+ >+ while (X509* cacert = ::PEM_read_bio_X509(bio.p, 0, >+ handle_->default_passwd_callback, >+From 92bfc623e6a71353dd2c783f4c9fef5591ac550d Mon Sep 17 00:00:00 2001 >+From: Christopher Kohlhoff <chris@kohlhoff.com> >+Date: Thu, 19 Nov 2015 10:24:56 +1100 >+Subject: [PATCH] Add new error category and constant for >+ ssl::error::stream_truncated. >+ >+This error replaces uses of SSL_R_SHORT_READ, and indicates that the >+SSL stream has been shut down abruptly. (I.e. the underlying socket >+has been closed without performing an SSL-layer shutdown.) >+--- >+ asio/include/asio/ssl/detail/impl/engine.ipp | 8 ++----- >+ asio/include/asio/ssl/error.hpp | 34 ++++++++++++++++++++++++++++ >+ asio/include/asio/ssl/impl/error.ipp | 33 ++++++++++++++++++++++++++- >+ 3 files changed, 68 insertions(+), 7 deletions(-) >+ >+diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/engine.ipp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/engine.ipp >+index b59cf18..9abe010 100644 >+--- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/engine.ipp >++++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/engine.ipp >+@@ -195,9 +195,7 @@ const asio::error_code& engine::map_error_code( >+ // If there's data yet to be read, it's an error. >+ if (BIO_wpending(ext_bio_)) >+ { >+- ec = asio::error_code( >+- ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SHORT_READ), >+- asio::error::get_ssl_category()); >++ ec = asio::ssl::error::stream_truncated; >+ return ec; >+ } >+ >+@@ -209,9 +207,7 @@ const asio::error_code& engine::map_error_code( >+ // Otherwise, the peer should have negotiated a proper shutdown. >+ if ((::SSL_get_shutdown(ssl_) & SSL_RECEIVED_SHUTDOWN) == 0) >+ { >+- ec = asio::error_code( >+- ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SHORT_READ), >+- asio::error::get_ssl_category()); >++ ec = asio::ssl::error::stream_truncated; >+ } >+ >+ return ec; >+diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/error.hpp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/error.hpp >+index 1385d2a..f044f59 100644 >+--- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/error.hpp >++++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/error.hpp >+@@ -25,6 +25,7 @@ namespace error { >+ >+ enum ssl_errors >+ { >++ // Error numbers are those produced by openssl. >+ }; >+ >+ extern ASIO_DECL >+@@ -34,6 +35,23 @@ static const asio::error_category& ssl_category >+ = asio::error::get_ssl_category(); >+ >+ } // namespace error >++namespace ssl { >++namespace error { >++ >++enum stream_errors >++{ >++ /// The underlying stream closed before the ssl stream gracefully shut down. >++ stream_truncated = 1 >++}; >++ >++extern ASIO_DECL >++const asio::error_category& get_stream_category(); >++ >++static const asio::error_category& stream_category >++ = asio::ssl::error::get_stream_category(); >++ >++} // namespace error >++} // namespace ssl >+ } // namespace asio >+ >+ #if defined(ASIO_HAS_STD_SYSTEM_ERROR) >+@@ -44,6 +62,11 @@ template<> struct is_error_code_enum<asio::error::ssl_errors> >+ static const bool value = true; >+ }; >+ >++template<> struct is_error_code_enum<asio::ssl::error::stream_errors> >++{ >++ static const bool value = true; >++}; >++ >+ } // namespace std >+ #endif // defined(ASIO_HAS_STD_SYSTEM_ERROR) >+ >+@@ -57,6 +80,17 @@ inline asio::error_code make_error_code(ssl_errors e) >+ } >+ >+ } // namespace error >++namespace ssl { >++namespace error { >++ >++inline asio::error_code make_error_code(stream_errors e) >++{ >++ return asio::error_code( >++ static_cast<int>(e), get_stream_category()); >++} >++ >++} // namespace error >++} // namespace ssl >+ } // namespace asio >+ >+ #include "asio/detail/pop_options.hpp" >+diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/impl/error.ipp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/impl/error.ipp >+index 9e76039..8c20e81 100644 >+--- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/impl/error.ipp >++++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/impl/error.ipp >+@@ -23,7 +23,6 @@ >+ >+ namespace asio { >+ namespace error { >+- >+ namespace detail { >+ >+ class ssl_category : public asio::error_category >+@@ -50,6 +49,38 @@ const asio::error_category& get_ssl_category() >+ } >+ >+ } // namespace error >++namespace ssl { >++namespace error { >++namespace detail { >++ >++class stream_category : public asio::error_category >++{ >++public: >++ const char* name() const ASIO_ERROR_CATEGORY_NOEXCEPT >++ { >++ return "asio.ssl.stream"; >++ } >++ >++ std::string message(int value) const >++ { >++ switch (value) >++ { >++ case stream_truncated: return "stream truncated"; >++ default: return "asio.ssl.stream error"; >++ } >++ } >++}; >++ >++} // namespace detail >++ >++const asio::error_category& get_stream_category() >++{ >++ static detail::stream_category instance; >++ return instance; >++} >++ >++} // namespace error >++} // namespace ssl >+ } // namespace asio >+ >+ #include "asio/detail/pop_options.hpp" >+From 5fa80539834c10406611bb02c20cdba2a9171f4a Mon Sep 17 00:00:00 2001 >+From: Christopher Kohlhoff <chris@kohlhoff.com> >+Date: Thu, 19 Nov 2015 10:25:42 +1100 >+Subject: [PATCH] BoringSSL does not provide CONF_modules_unload. >+ >+--- >+ asio/include/asio/ssl/detail/impl/openssl_init.ipp | 2 ++ >+ 1 file changed, 2 insertions(+) >+ >+diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp >+index da66fc1..2a70bf5 100644 >+--- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp >++++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp >+@@ -70,7 +70,9 @@ public: >+ #endif // (OPENSSL_VERSION_NUMBER >= 0x10000000L) >+ ::EVP_cleanup(); >+ ::CRYPTO_cleanup_all_ex_data(); >++#if !defined(OPENSSL_IS_BORINGSSL) >+ ::CONF_modules_unload(1); >++#endif // !defined(OPENSSL_IS_BORINGSSL) >+ #if !defined(OPENSSL_NO_ENGINE) >+ ::ENGINE_cleanup(); >+ #endif // !defined(OPENSSL_NO_ENGINE) >+From 062b19c97bb85f4625b46f93ee19b234948ff235 Mon Sep 17 00:00:00 2001 >+From: Marcel Raad <raad@teamviewer.com> >+Date: Fri, 1 Apr 2016 10:46:17 +0200 >+Subject: [PATCH] Add compatibility with OpenSSL 1.1 - SSLv2 has been >+ completely removed from OpenSSL, even without OPENSSL_NO_SSL2 - there is a >+ new threading API without locking callbacks - struct SSL_CTX has been made >+ opaque and must be used via accessor functions - some cleanup functions have >+ been removed >+ >+--- >+ asio/include/asio/ssl/detail/impl/engine.ipp | 2 + >+ asio/include/asio/ssl/detail/impl/openssl_init.ipp | 20 ++++-- >+ asio/include/asio/ssl/impl/context.ipp | 71 +++++++++++++++++----- >+ 3 files changed, 72 insertions(+), 21 deletions(-) >+ >+diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/engine.ipp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/engine.ipp >+index fa5d4b0..22b7cdd 100644 >+--- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/engine.ipp >++++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/engine.ipp >+@@ -201,8 +201,10 @@ const asio::error_code& engine::map_error_code( >+ >+ // SSL v2 doesn't provide a protocol-level shutdown, so an eof on the >+ // underlying transport is passed through. >++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) >+ if (ssl_->version == SSL2_VERSION) >+ return ec; >++#endif // (OPENSSL_VERSION_NUMBER < 0x10100000L) >+ >+ // Otherwise, the peer should have negotiated a proper shutdown. >+ if ((::SSL_get_shutdown(ssl_) & SSL_RECEIVED_SHUTDOWN) == 0) >+diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp >+index 700b678..62a49cd 100644 >+--- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp >++++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp >+@@ -39,11 +39,13 @@ public: >+ ::SSL_load_error_strings(); >+ ::OpenSSL_add_all_algorithms(); >+ >++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) >+ mutexes_.resize(::CRYPTO_num_locks()); >+ for (size_t i = 0; i < mutexes_.size(); ++i) >+ mutexes_[i].reset(new asio::detail::mutex); >+ ::CRYPTO_set_locking_callback(&do_init::openssl_locking_func); >+ ::CRYPTO_set_id_callback(&do_init::openssl_id_func); >++#endif // (OPENSSL_VERSION_NUMBER < 0x10100000L) >+ >+ #if !defined(SSL_OP_NO_COMPRESSION) \ >+ && (OPENSSL_VERSION_NUMBER >= 0x00908000L) >+@@ -60,22 +62,26 @@ public: >+ #endif // !defined(SSL_OP_NO_COMPRESSION) >+ // && (OPENSSL_VERSION_NUMBER >= 0x00908000L) >+ >++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) >+ ::CRYPTO_set_id_callback(0); >+ ::CRYPTO_set_locking_callback(0); >+ ::ERR_free_strings(); >+-#if (OPENSSL_VERSION_NUMBER >= 0x10000000L) >+- ::ERR_remove_thread_state(NULL); >+-#else // (OPENSSL_VERSION_NUMBER >= 0x10000000L) >+- ::ERR_remove_state(0); >+-#endif // (OPENSSL_VERSION_NUMBER >= 0x10000000L) >+ ::EVP_cleanup(); >+ ::CRYPTO_cleanup_all_ex_data(); >++#endif // (OPENSSL_VERSION_NUMBER < 0x10100000L) >++#if (OPENSSL_VERSION_NUMBER < 0x10000000L) >++ ::ERR_remove_state(0); >++#elif (OPENSSL_VERSION_NUMBER < 0x10100000L) >++ ::ERR_remove_thread_state(NULL); >++#endif // (OPENSSL_VERSION_NUMBER < 0x10000000L) >+ #if !defined(OPENSSL_IS_BORINGSSL) >+ ::CONF_modules_unload(1); >+ #endif // !defined(OPENSSL_IS_BORINGSSL) >+-#if !defined(OPENSSL_NO_ENGINE) >++#if !defined(OPENSSL_NO_ENGINE) \ >++ && (OPENSSL_VERSION_NUMBER < 0x10100000L) >+ ::ENGINE_cleanup(); >+ #endif // !defined(OPENSSL_NO_ENGINE) >++ // && (OPENSSL_VERSION_NUMBER < 0x10100000L) >+ } >+ >+ #if !defined(SSL_OP_NO_COMPRESSION) \ >+@@ -104,10 +110,12 @@ private: >+ static void openssl_locking_func(int mode, int n, >+ const char* /*file*/, int /*line*/) >+ { >++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) >+ if (mode & CRYPTO_LOCK) >+ instance()->mutexes_[n]->lock(); >+ else >+ instance()->mutexes_[n]->unlock(); >++#endif // (OPENSSL_VERSION_NUMBER < 0x10100000L) >+ } >+ >+ // Mutexes to be used in locking callbacks. >+diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/impl/context.ipp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/impl/context.ipp >+index 02210d9..fde7709 100644 >+--- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/impl/context.ipp >++++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/impl/context.ipp >+@@ -66,7 +66,8 @@ context::context(context::method m) >+ >+ switch (m) >+ { >+-#if defined(OPENSSL_NO_SSL2) >++#if defined(OPENSSL_NO_SSL2) \ >++ || (OPENSSL_VERSION_NUMBER >= 0x10100000L) >+ case context::sslv2: >+ case context::sslv2_client: >+ case context::sslv2_server: >+@@ -74,6 +75,7 @@ context::context(context::method m) >+ asio::error::invalid_argument, "context"); >+ break; >+ #else // defined(OPENSSL_NO_SSL2) >++ // || (OPENSSL_VERSION_NUMBER >= 0x10100000L) >+ case context::sslv2: >+ handle_ = ::SSL_CTX_new(::SSLv2_method()); >+ break; >+@@ -84,6 +86,7 @@ context::context(context::method m) >+ handle_ = ::SSL_CTX_new(::SSLv2_server_method()); >+ break; >+ #endif // defined(OPENSSL_NO_SSL2) >++ // || (OPENSSL_VERSION_NUMBER >= 0x10100000L) >+ #if defined(OPENSSL_NO_SSL3) >+ case context::sslv3: >+ case context::sslv3_client: >+@@ -192,13 +195,22 @@ context::~context() >+ { >+ if (handle_) >+ { >+- if (handle_->default_passwd_callback_userdata) >++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) >++ void* cb_userdata = ::SSL_CTX_get_default_passwd_cb_userdata(handle_); >++#else // (OPENSSL_VERSION_NUMBER >= 0x10100000L) >++ void* cb_userdata = handle_->default_passwd_callback_userdata; >++#endif // (OPENSSL_VERSION_NUMBER >= 0x10100000L) >++ if (cb_userdata) >+ { >+ detail::password_callback_base* callback = >+ static_cast<detail::password_callback_base*>( >+- handle_->default_passwd_callback_userdata); >++ cb_userdata); >+ delete callback; >++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) >++ ::SSL_CTX_set_default_passwd_cb_userdata(handle_, 0); >++#else // (OPENSSL_VERSION_NUMBER >= 0x10100000L) >+ handle_->default_passwd_callback_userdata = 0; >++#endif // (OPENSSL_VERSION_NUMBER >= 0x10100000L) >+ } >+ >+ if (SSL_CTX_get_app_data(handle_)) >+@@ -528,10 +540,17 @@ ASIO_SYNC_OP_VOID context::use_certificate_chain( >+ bio_cleanup bio = { make_buffer_bio(chain) }; >+ if (bio.p) >+ { >++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) >++ pem_password_cb* callback = ::SSL_CTX_get_default_passwd_cb(handle_); >++ void* cb_userdata = ::SSL_CTX_get_default_passwd_cb_userdata(handle_); >++#else // (OPENSSL_VERSION_NUMBER >= 0x10100000L) >++ pem_password_cb* callback = handle_->default_passwd_callback; >++ void* cb_userdata = handle_->default_passwd_callback_userdata; >++#endif // (OPENSSL_VERSION_NUMBER >= 0x10100000L) >+ x509_cleanup cert = { >+ ::PEM_read_bio_X509_AUX(bio.p, 0, >+- handle_->default_passwd_callback, >+- handle_->default_passwd_callback_userdata) }; >++ callback, >++ cb_userdata) }; >+ if (!cert.p) >+ { >+ ec = asio::error_code(ERR_R_PEM_LIB, >+@@ -559,8 +578,8 @@ ASIO_SYNC_OP_VOID context::use_certificate_chain( >+ #endif // (OPENSSL_VERSION_NUMBER >= 0x10002000L) >+ >+ while (X509* cacert = ::PEM_read_bio_X509(bio.p, 0, >+- handle_->default_passwd_callback, >+- handle_->default_passwd_callback_userdata)) >++ callback, >++ cb_userdata)) >+ { >+ if (!::SSL_CTX_add_extra_chain_cert(handle_, cacert)) >+ { >+@@ -625,6 +644,14 @@ ASIO_SYNC_OP_VOID context::use_private_key( >+ { >+ ::ERR_clear_error(); >+ >++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) >++ pem_password_cb* callback = ::SSL_CTX_get_default_passwd_cb(handle_); >++ void* cb_userdata = ::SSL_CTX_get_default_passwd_cb_userdata(handle_); >++#else // (OPENSSL_VERSION_NUMBER >= 0x10100000L) >++ pem_password_cb* callback = handle_->default_passwd_callback; >++ void* cb_userdata = handle_->default_passwd_callback_userdata; >++#endif // (OPENSSL_VERSION_NUMBER >= 0x10100000L) >++ >+ bio_cleanup bio = { make_buffer_bio(private_key) }; >+ if (bio.p) >+ { >+@@ -636,8 +663,8 @@ ASIO_SYNC_OP_VOID context::use_private_key( >+ break; >+ case context_base::pem: >+ evp_private_key.p = ::PEM_read_bio_PrivateKey( >+- bio.p, 0, handle_->default_passwd_callback, >+- handle_->default_passwd_callback_userdata); >++ bio.p, 0, callback, >++ cb_userdata); >+ break; >+ default: >+ { >+@@ -684,6 +711,14 @@ ASIO_SYNC_OP_VOID context::use_rsa_private_key( >+ { >+ ::ERR_clear_error(); >+ >++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) >++ pem_password_cb* callback = ::SSL_CTX_get_default_passwd_cb(handle_); >++ void* cb_userdata = ::SSL_CTX_get_default_passwd_cb_userdata(handle_); >++#else // (OPENSSL_VERSION_NUMBER >= 0x10100000L) >++ pem_password_cb* callback = handle_->default_passwd_callback; >++ void* cb_userdata = handle_->default_passwd_callback_userdata; >++#endif // (OPENSSL_VERSION_NUMBER >= 0x10100000L) >++ >+ bio_cleanup bio = { make_buffer_bio(private_key) }; >+ if (bio.p) >+ { >+@@ -695,8 +730,8 @@ ASIO_SYNC_OP_VOID context::use_rsa_private_key( >+ break; >+ case context_base::pem: >+ rsa_private_key.p = ::PEM_read_bio_RSAPrivateKey( >+- bio.p, 0, handle_->default_passwd_callback, >+- handle_->default_passwd_callback_userdata); >++ bio.p, 0, callback, >++ cb_userdata); >+ break; >+ default: >+ { >+@@ -915,11 +950,17 @@ int context::verify_callback_function(int preverified, X509_STORE_CTX* ctx) >+ ASIO_SYNC_OP_VOID context::do_set_password_callback( >+ detail::password_callback_base* callback, asio::error_code& ec) >+ { >+- if (handle_->default_passwd_callback_userdata) >+- delete static_cast<detail::password_callback_base*>( >+- handle_->default_passwd_callback_userdata); >+- >++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) >++ void* old_callback = ::SSL_CTX_get_default_passwd_cb_userdata(handle_); >++ ::SSL_CTX_set_default_passwd_cb_userdata(handle_, callback); >++#else // (OPENSSL_VERSION_NUMBER >= 0x10100000L) >++ void* old_callback = handle_->default_passwd_callback_userdata; >+ handle_->default_passwd_callback_userdata = callback; >++#endif // (OPENSSL_VERSION_NUMBER >= 0x10100000L) >++ >++ if (old_callback) >++ delete static_cast<detail::password_callback_base*>( >++ old_callback); >+ >+ SSL_CTX_set_default_passwd_cb(handle_, &context::password_callback_function); >+ >+From 69e44a4cc6eb5ba21ede409779a7b777c0eb3869 Mon Sep 17 00:00:00 2001 >+From: Christopher Kohlhoff <chris@kohlhoff.com> >+Date: Sun, 28 Aug 2016 10:02:08 +1000 >+Subject: [PATCH] Fix errors when OPENSSL_NO_DEPRECATED is defined. >+ >+--- >+ asio/include/asio/ssl/detail/impl/openssl_init.ipp | 23 +++++++++++----------- >+ asio/include/asio/ssl/detail/openssl_types.hpp | 2 ++ >+ 2 files changed, 13 insertions(+), 12 deletions(-) >+ >+diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp >+index 62a49cd..4cc9859 100644 >+--- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp >++++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp >+@@ -44,8 +44,10 @@ public: >+ for (size_t i = 0; i < mutexes_.size(); ++i) >+ mutexes_[i].reset(new asio::detail::mutex); >+ ::CRYPTO_set_locking_callback(&do_init::openssl_locking_func); >+- ::CRYPTO_set_id_callback(&do_init::openssl_id_func); >+ #endif // (OPENSSL_VERSION_NUMBER < 0x10100000L) >++#if (OPENSSL_VERSION_NUMBER < 0x10000000L) >++ ::CRYPTO_set_id_callback(&do_init::openssl_id_func); >++#endif // (OPENSSL_VERSION_NUMBER < 0x10000000L) >+ >+ #if !defined(SSL_OP_NO_COMPRESSION) \ >+ && (OPENSSL_VERSION_NUMBER >= 0x00908000L) >+@@ -62,8 +64,10 @@ public: >+ #endif // !defined(SSL_OP_NO_COMPRESSION) >+ // && (OPENSSL_VERSION_NUMBER >= 0x00908000L) >+ >+-#if (OPENSSL_VERSION_NUMBER < 0x10100000L) >++#if (OPENSSL_VERSION_NUMBER < 0x10000000L) >+ ::CRYPTO_set_id_callback(0); >++#endif // (OPENSSL_VERSION_NUMBER < 0x10000000L) >++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) >+ ::CRYPTO_set_locking_callback(0); >+ ::ERR_free_strings(); >+ ::EVP_cleanup(); >+@@ -94,38 +98,33 @@ public: >+ // && (OPENSSL_VERSION_NUMBER >= 0x00908000L) >+ >+ private: >++#if (OPENSSL_VERSION_NUMBER < 0x10000000L) >+ static unsigned long openssl_id_func() >+ { >+ #if defined(ASIO_WINDOWS) || defined(__CYGWIN__) >+ return ::GetCurrentThreadId(); >+ #else // defined(ASIO_WINDOWS) || defined(__CYGWIN__) >+- void* id = instance()->thread_id_; >+- if (id == 0) >+- instance()->thread_id_ = id = &id; // Ugh. >++ void* id = &errno; >+ ASIO_ASSERT(sizeof(unsigned long) >= sizeof(void*)); >+ return reinterpret_cast<unsigned long>(id); >+ #endif // defined(ASIO_WINDOWS) || defined(__CYGWIN__) >+ } >++#endif // (OPENSSL_VERSION_NUMBER < 0x10000000L) >+ >++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) >+ static void openssl_locking_func(int mode, int n, >+ const char* /*file*/, int /*line*/) >+ { >+-#if (OPENSSL_VERSION_NUMBER < 0x10100000L) >+ if (mode & CRYPTO_LOCK) >+ instance()->mutexes_[n]->lock(); >+ else >+ instance()->mutexes_[n]->unlock(); >+-#endif // (OPENSSL_VERSION_NUMBER < 0x10100000L) >+ } >+ >+ // Mutexes to be used in locking callbacks. >+ std::vector<asio::detail::shared_ptr< >+ asio::detail::mutex> > mutexes_; >+- >+-#if !defined(ASIO_WINDOWS) && !defined(__CYGWIN__) >+- // The thread identifiers to be used by openssl. >+- asio::detail::tss_ptr<void> thread_id_; >+-#endif // !defined(ASIO_WINDOWS) && !defined(__CYGWIN__) >++#endif // (OPENSSL_VERSION_NUMBER < 0x10100000L) >+ >+ #if !defined(SSL_OP_NO_COMPRESSION) \ >+ && (OPENSSL_VERSION_NUMBER >= 0x00908000L) >+diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/openssl_types.hpp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/openssl_types.hpp >+index d9cfc71..eda740d 100644 >+--- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/openssl_types.hpp >++++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/openssl_types.hpp >+@@ -21,7 +21,9 @@ >+ #if !defined(OPENSSL_NO_ENGINE) >+ # include <openssl/engine.h> >+ #endif // !defined(OPENSSL_NO_ENGINE) >++#include <openssl/dh.h> >+ #include <openssl/err.h> >++#include <openssl/rsa.h> >+ #include <openssl/x509v3.h> >+ #include "asio/detail/socket_types.hpp" >+ >+From 2cde22623ca0fd9571d8d57c5a8965082d815e1c Mon Sep 17 00:00:00 2001 >+From: Christopher Kohlhoff <chris@kohlhoff.com> >+Date: Tue, 13 Sep 2016 21:59:03 +1000 >+Subject: [PATCH] Call SSL_COMP_free_compression_methods() on ssl cleanup. >+ >+This call is needed for OpenSSL >=1.0.2 and <1.1.0. >+--- >+ asio/include/asio/ssl/detail/impl/openssl_init.ipp | 5 +++++ >+ 1 file changed, 5 insertions(+) >+ >+diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp >+index 4cc9859..392eff9 100644 >+--- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp >++++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp >+@@ -78,6 +78,11 @@ public: >+ #elif (OPENSSL_VERSION_NUMBER < 0x10100000L) >+ ::ERR_remove_thread_state(NULL); >+ #endif // (OPENSSL_VERSION_NUMBER < 0x10000000L) >++#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) \ >++ && (OPENSSL_VERSION_NUMBER < 0x10100000L) >++ ::SSL_COMP_free_compression_methods(); >++#endif // (OPENSSL_VERSION_NUMBER >= 0x10002000L) >++ // && (OPENSSL_VERSION_NUMBER < 0x10100000L) >+ #if !defined(OPENSSL_IS_BORINGSSL) >+ ::CONF_modules_unload(1); >+ #endif // !defined(OPENSSL_IS_BORINGSSL) >+From dc2b5b9ac09326ba1e38a28b48170063ca2b1332 Mon Sep 17 00:00:00 2001 >+From: Marcel Raad <MarcelRaad@users.noreply.github.com> >+Date: Mon, 31 Oct 2016 10:32:19 +0100 >+Subject: [PATCH] Fix compilation with OpenSSL 1.1 API >+ >+With OPENSSL_API_COMPAT=0x10100000L, SSL_library_init, SSL_load_error_strings, and OpenSSL_add_all_algorithms are removed. >+With OPENSSL_API_COMPAT=0x10000000L, these are function-style macros mapping to OPENSSL_init_ssl, which is called automatically anyway. >+ >+References: >+https://www.openssl.org/docs/man1.1.0/ssl/OPENSSL_init_ssl.html >+https://www.openssl.org/docs/man1.1.0/crypto/OPENSSL_init_crypto.html >+--- >+ asio/include/asio/ssl/detail/impl/openssl_init.ipp | 2 +- >+ 1 file changed, 1 insertion(+), 1 deletion(-) >+ >+diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp >+index 392eff9..5de0caa 100644 >+--- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp >++++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp >+@@ -35,11 +35,11 @@ class openssl_init_base::do_init >+ public: >+ do_init() >+ { >++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) >+ ::SSL_library_init(); >+ ::SSL_load_error_strings(); >+ ::OpenSSL_add_all_algorithms(); >+ >+-#if (OPENSSL_VERSION_NUMBER < 0x10100000L) >+ mutexes_.resize(::CRYPTO_num_locks()); >+ for (size_t i = 0; i < mutexes_.size(); ++i) >+ mutexes_[i].reset(new asio::detail::mutex); > >Property changes on: files/patch-asio-openssl-1.1.0 >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=199541">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 230698
:
199330
|
199456
|
199458
| 199541