Author: markt
Date: Wed Aug 23 11:10:58 2017
New Revision: 1805879
URL: http://svn.apache.org/viewvc?rev=1805879&view=rev
Log:
Partial fix for https://bz.apache.org/bugzilla/show_bug.cgi?id=58434
Fix enough of the remaining warnings to enable Tomcat to start and a serve
pages over TLS.
Some warnings remain to be fixed.
Not extensively tested
Modified:
tomcat/native/trunk/native/src/ssl.c
tomcat/native/trunk/native/src/sslcontext.c
Modified: tomcat/native/trunk/native/src/ssl.c
URL:
http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/ssl.c?rev=1805879&r1=1805878&r2=1805879&view=diff
==============================================================================
--- tomcat/native/trunk/native/src/ssl.c (original)
+++ tomcat/native/trunk/native/src/ssl.c Wed Aug 23 11:10:58 2017
@@ -303,7 +303,7 @@ DH *SSL_get_dh_params(unsigned keylen)
return NULL; /* impossible to reach. */
}
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
static void init_bio_methods(void);
static void free_bio_methods(void);
#endif
@@ -338,7 +338,7 @@ static apr_status_t ssl_init_cleanup(voi
tcn_password_callback.cb.obj);
}
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
free_bio_methods();
#endif
free_dh_params();
@@ -357,7 +357,7 @@ static apr_status_t ssl_init_cleanup(voi
ENGINE_cleanup();
#endif
CRYPTO_cleanup_all_ex_data();
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
ERR_remove_thread_state(NULL);
#endif
@@ -813,7 +813,7 @@ TCN_IMPLEMENT_CALL(jint, SSL, initialize
SSL_init_app_data2_3_idx();
init_dh_params();
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
init_bio_methods();
#endif
@@ -1111,7 +1111,7 @@ static long jbs_ctrl(BIO *b, int cmd, lo
return ret;
}
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
static BIO_METHOD jbs_methods = {
BIO_TYPE_FILE,
"Java Callback",
@@ -1147,7 +1147,7 @@ static void free_bio_methods(void)
static BIO_METHOD *BIO_jbs()
{
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
return(&jbs_methods);
#else
return jbs_methods;
Modified: tomcat/native/trunk/native/src/sslcontext.c
URL:
http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/sslcontext.c?rev=1805879&r1=1805878&r2=1805879&view=diff
==============================================================================
--- tomcat/native/trunk/native/src/sslcontext.c (original)
+++ tomcat/native/trunk/native/src/sslcontext.c Wed Aug 23 11:10:58 2017
@@ -226,7 +226,7 @@ TCN_IMPLEMENT_CALL(jlong, SSLContext, ma
BIO_set_fp(c->bio_os, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
SSL_CTX_set_options(c->ctx, SSL_OP_ALL);
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
/* always disable SSLv2, as per RFC 6176 */
SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2);
if (!(protocol & SSL_PROTOCOL_SSLV3))
@@ -242,7 +242,7 @@ TCN_IMPLEMENT_CALL(jlong, SSLContext, ma
SSL_CTX_set_options(c->ctx, SSL_OP_NO_TLSv1_2);
#endif
-#else /* if OPENSSL_VERSION_NUMBER < 0x10100000L */
+#else /* if OPENSSL_VERSION_NUMBER < 0x10100000L ||
defined(LIBRESSL_VERSION_NUMBER) */
/* We first determine the maximum protocol version we should provide */
if (protocol & SSL_PROTOCOL_TLSV1_2) {
prot = TLS1_2_VERSION;
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
