Attachment #201257 for bug #232309

View | Details | Raw Unified | Return to bug 232309 | Differences between
Collapse All | Expand All




--- src/sw_ssl.cxx.orig	2018-09-18 09:32:11 UTC
+++ src/sw_ssl.cxx
@@ -4,7 +4,7 @@
 // Started 020316
 //
 // License: LGPL v2.1+ (see the file LICENSE)
-// (c)2002-2003 Anders Lindström
+// (c)2002-2003 Anders Lindstr?m
 
 /***********************************************************************
  *  This library is free software; you can redistribute it and/or      *
@@ -22,6 +22,7 @@
 #include <openssl/x509.h>
 #include <openssl/rsa.h>
 #include <openssl/evp.h>
+#include <cstring>
 
 using namespace std;
 
@@ -31,7 +32,25 @@ extern int close(int fd);
 extern int fcntl(int fd, int cmd, long arg);
 #endif
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 
+int X509_get_signature_nid(const X509* peer)
+{
+    return OBJ_obj2nid(peer->sig_alg->algorithm);
+}
+int X509_certificate_type(const X509 *, const EVP_PKEY *pubkey)
+{
+    return OBJ_nid2sn(pubkey->type);
+}
+
+int SSL_CTX_up_ref(SSL_CTX *ctx)
+{
+    return ctx->references++;
+}
+
+#endif
+
+
 //====================================================================
 //== Helper functions
 //====================================================================
@@ -557,7 +576,8 @@ bool SWSSLSocket::get_peerCert_info(SWSSLSocket::peerC
 		info->version = X509_get_version(peer);
 		
 		// Signature algorithm
-		int nid = OBJ_obj2nid(peer->sig_alg->algorithm);
+
+		int nid = X509_get_signature_nid(peer);
 		if( nid != NID_undef )
 			info->sgnAlgorithm = OBJ_nid2sn(nid);
 		else
@@ -566,7 +586,7 @@ bool SWSSLSocket::get_peerCert_info(SWSSLSocket::peerC
 		// Key algorithm
 		EVP_PKEY *pkey = X509_get_pubkey(peer);
 		if( pkey ){
-			info->keyAlgorithm = OBJ_nid2sn(pkey->type);
+			info->keyAlgorithm = X509_certificate_type(peer, pkey);
 			info->keySize = 8 * EVP_PKEY_size(pkey);
 		}else{
 			info->keyAlgorithm = "";
@@ -689,7 +709,8 @@ bool SWSSLSocket::check_cert(SWBaseError *error)
 			}
 		}
 		
-		if( !(cert = BuildCertificate("SocketW session cert", NULL, NULL, evp_pkey)) ){
+                char certificateName[22] = "SocketW session cert\0";
+		if( !(cert = BuildCertificate(certificateName, NULL, NULL, evp_pkey)) ){
 			handle_ERRerror(error, fatal, "SWSSLSocket::handle_crypto_data() ");
 			return false;
 		}
@@ -718,7 +739,7 @@ SWBaseSocket* SWSSLSocket::create(int socketdescriptor
 	// Copy CTX object pointer
 	remoteClass->ctx  = ctx;
 	if( ctx )
-		ctx->references++;  // We don't want our destructor to delete ctx if still in use
+            SSL_CTX_up_ref(ctx);
 	
 	remoteClass->have_cert = have_cert; // Do CTX have cert loaded?
 	

Return to bug 232309

Line 0 Link Here

(-)files/patch-src_sw__ssl.cxx (+83 lines)
		1	--- src/sw_ssl.cxx.orig 2018-09-18 09:32:11 UTC
		2	+++ src/sw_ssl.cxx
		3	@@ -4,7 +4,7 @@
		4	// Started 020316
		5	//
		6	// License: LGPL v2.1+ (see the file LICENSE)
		7	-// (c)2002-2003 Anders Lindström
		8	+// (c)2002-2003 Anders Lindstr?m
		9
		10	/***********************************************************************
		11	* This library is free software; you can redistribute it and/or *
		12	@@ -22,6 +22,7 @@
		13	#include <openssl/x509.h>
		14	#include <openssl/rsa.h>
		15	#include <openssl/evp.h>
		16	+#include <cstring>
		17
		18	using namespace std;
		19
		20	@@ -31,7 +32,25 @@ extern int close(int fd);
		21	extern int fcntl(int fd, int cmd, long arg);
		22	#endif
		23
		24	+#if OPENSSL_VERSION_NUMBER < 0x10100000L
		25
		26	+int X509_get_signature_nid(const X509* peer)
		27	+{
		28	+ return OBJ_obj2nid(peer->sig_alg->algorithm);
		29	+}
		30	+int X509_certificate_type(const X509 , const EVP_PKEY pubkey)
		31	+{
		32	+ return OBJ_nid2sn(pubkey->type);
		33	+}
		34	+
		35	+int SSL_CTX_up_ref(SSL_CTX *ctx)
		36	+{
		37	+ return ctx->references++;
		38	+}
		39	+
		40	+#endif
		41	+
		42	+
		43	//====================================================================
		44	//== Helper functions
		45	//====================================================================
		46	@@ -557,7 +576,8 @@ bool SWSSLSocket::get_peerCert_info(SWSSLSocket::peerC
		47	info->version = X509_get_version(peer);
		48
		49	// Signature algorithm
		50	- int nid = OBJ_obj2nid(peer->sig_alg->algorithm);
		51	+
		52	+ int nid = X509_get_signature_nid(peer);
		53	if( nid != NID_undef )
		54	info->sgnAlgorithm = OBJ_nid2sn(nid);
		55	else
		56	@@ -566,7 +586,7 @@ bool SWSSLSocket::get_peerCert_info(SWSSLSocket::peerC
		57	// Key algorithm
		58	EVP_PKEY *pkey = X509_get_pubkey(peer);
		59	if( pkey ){
		60	- info->keyAlgorithm = OBJ_nid2sn(pkey->type);
		61	+ info->keyAlgorithm = X509_certificate_type(peer, pkey);
		62	info->keySize = 8 * EVP_PKEY_size(pkey);
		63	}else{
		64	info->keyAlgorithm = "";
65	@@ -689,7 +709,8 @@ bool SWSSLSocket::check_cert(SWBaseError *error)
66	}
67	}
68
69	- if( !(cert = BuildCertificate("SocketW session cert", NULL, NULL, evp_pkey)) ){
70	+ char certificateName[22] = "SocketW session cert\0";
71	+ if( !(cert = BuildCertificate(certificateName, NULL, NULL, evp_pkey)) ){
72	handle_ERRerror(error, fatal, "SWSSLSocket::handle_crypto_data() ");
73	return false;
74	}
75	@@ -718,7 +739,7 @@ SWBaseSocket* SWSSLSocket::create(int socketdescriptor
76	// Copy CTX object pointer
77	remoteClass->ctx = ctx;
78	if( ctx )
79	- ctx->references++; // We don't want our destructor to delete ctx if still in use
80	+ SSL_CTX_up_ref(ctx);
81
82	remoteClass->have_cert = have_cert; // Do CTX have cert loaded?
83