svn commit: r1705204 - in /tomcat/native/branches/1.1.x/native/src: sslinfo.c sslutils.c

Thu, 24 Sep 2015 18:23:01 -0700 

Author: billbarker
Date: Fri Sep 25 01:22:42 2015
New Revision: 1705204

URL: http://svn.apache.org/viewvc?rev=1705204&view=rev
Log:
Bring code up to date with OpenSSL master. Will port to trunk after I see how 
Gump does with the changes

Modified:
    tomcat/native/branches/1.1.x/native/src/sslinfo.c
    tomcat/native/branches/1.1.x/native/src/sslutils.c

Modified: tomcat/native/branches/1.1.x/native/src/sslinfo.c
URL: 
http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/native/src/sslinfo.c?rev=1705204&r1=1705203&r2=1705204&view=diff
==============================================================================
--- tomcat/native/branches/1.1.x/native/src/sslinfo.c (original)
+++ tomcat/native/branches/1.1.x/native/src/sslinfo.c Fri Sep 25 01:22:42 2015
@@ -393,14 +393,22 @@ TCN_IMPLEMENT_CALL(jstring, SSLSocket, g
                     }
                 break;
                 case SSL_INFO_CLIENT_A_SIG:
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
                     nid = OBJ_obj2nid((ASN1_OBJECT 
*)xs->cert_info->signature->algorithm);
+#else
+                    nid = X509_get_signature_nid(xs);
+#endif
                     if (nid == NID_undef)
                         value = tcn_new_string(e, "UNKNOWN");
                     else
                         value = tcn_new_string(e, OBJ_nid2ln(nid));
                 break;
                 case SSL_INFO_CLIENT_A_KEY:
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
                     nid = OBJ_obj2nid((ASN1_OBJECT 
*)xs->cert_info->key->algor->algorithm);
+#else
+                    nid = OBJ_obj2nid((ASN1_OBJECT 
*)(X509_get_X509_PUBKEY(xs)->algor->algorithm));
+#endif
                     if (nid == NID_undef)
                         value = tcn_new_string(e, "UNKNOWN");
                     else
@@ -442,14 +450,22 @@ TCN_IMPLEMENT_CALL(jstring, SSLSocket, g
                     }
                 break;
                 case SSL_INFO_SERVER_A_SIG:
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
                     nid = OBJ_obj2nid((ASN1_OBJECT 
*)xs->cert_info->signature->algorithm);
+#else
+                    nid = X509_get_signature_nid(xs);
+#endif
                     if (nid == NID_undef)
                         value = tcn_new_string(e, "UNKNOWN");
                     else
                         value = tcn_new_string(e, OBJ_nid2ln(nid));
                 break;
                 case SSL_INFO_SERVER_A_KEY:
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
                     nid = OBJ_obj2nid((ASN1_OBJECT 
*)xs->cert_info->key->algor->algorithm);
+#else
+                    nid = OBJ_obj2nid((ASN1_OBJECT 
*)(X509_get_X509_PUBKEY(xs)->algor->algorithm));
+#endif
                     if (nid == NID_undef)
                         value = tcn_new_string(e, "UNKNOWN");
                     else

Modified: tomcat/native/branches/1.1.x/native/src/sslutils.c
URL: 
http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/native/src/sslutils.c?rev=1705204&r1=1705203&r2=1705204&view=diff
==============================================================================
--- tomcat/native/branches/1.1.x/native/src/sslutils.c (original)
+++ tomcat/native/branches/1.1.x/native/src/sslutils.c Fri Sep 25 01:22:42 2015
@@ -405,7 +405,11 @@ static int ssl_verify_CRL(int ok, X509_S
             X509_REVOKED *revoked =
                 sk_X509_REVOKED_value(X509_CRL_get_REVOKED(crl), i);
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
             ASN1_INTEGER *sn = revoked->serialNumber;
+#else
+            ASN1_INTEGER *sn = X509_REVOKED_get0_serialNumber(revoked);
+#endif
 
             if (!ASN1_INTEGER_cmp(sn, X509_get_serialNumber(cert))) {
                 X509_STORE_CTX_set_error(ctx, X509_V_ERR_CERT_REVOKED);



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to