This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
commit f7930fa16f095717cfc641a8d24e60c343765adc
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Tue May 24 21:49:45 2022 +0100
Update OpenSSL to 3.0.0 and make it required
---
CMakeLists.txt | 2 +-
native/NMAKEmakefile | 2 +-
native/build/rpm/tcnative.spec.in | 4 +-
native/build/tcnative.m4 | 193 ++++++++----------
native/configure.in | 24 +--
native/libtcnative.dsp | 4 +-
native/src/ssl.c | 407 --------------------------------------
native/src/sslconf.c | 60 ------
native/src/sslcontext.c | 364 ----------------------------------
native/src/sslutils.c | 2 -
native/srclib/VERSIONS | 39 +---
native/tcnative.dsp | 4 +-
xdocs/miscellaneous/changelog.xml | 4 +
13 files changed, 103 insertions(+), 1006 deletions(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 5db4ca147..0191acec2 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -42,7 +42,7 @@ include_directories (${TOMCAT_JNI_SOURCE_DIR}/native/include
set (SSL_C_FLAGS "-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H
-Wa,--noexecstack -DL_ENDIAN -DTERMIO -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM
-DGHASH_ASM ")
-set (CMAKE_C_FLAGS "-pthread -DHAVE_CONFIG_H -DLINUX=2 -D_REENTRANT
-D_GNU_SOURCE -DHAVE_OPENSSL -fPIC -DOPENSSL_PIC -m64 -O3 -Wall
${SSL_C_FLAGS}")
+set (CMAKE_C_FLAGS "-pthread -DHAVE_CONFIG_H -DLINUX=2 -D_REENTRANT
-D_GNU_SOURCE -fPIC -DOPENSSL_PIC -m64 -O3 -Wall ${SSL_C_FLAGS}")
set (OPENSSL_SRC ${DEPS}/openssl)
diff --git a/native/NMAKEmakefile b/native/NMAKEmakefile
index 1c91b5c47..e32c69e6c 100644
--- a/native/NMAKEmakefile
+++ b/native/NMAKEmakefile
@@ -83,7 +83,7 @@ LFLAGS = $(LFLAGS) libeay32.lib ssleay32.lib
!ENDIF
CFLAGS = $(CFLAGS) -DZLIB_WINAPI -DNO_IDEA -DNO_RC5 -DNO_MDC2
-DOPENSSL_NO_IDEA \
- -DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2 -DHAVE_OPENSSL -DHAVE_SSL_SET_STATE=1
+ -DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2 -DHAVE_SSL_SET_STATE=1
PDBFLAGS = -Fo$(WORKDIR)\ -Fd$(WORKDIR)\$(PROJECT)-src
diff --git a/native/build/rpm/tcnative.spec.in
b/native/build/rpm/tcnative.spec.in
index b2a719700..9b2cd6e05 100644
--- a/native/build/rpm/tcnative.spec.in
+++ b/native/build/rpm/tcnative.spec.in
@@ -28,7 +28,7 @@ Group: System Environment/Libraries
URL: http://apr.apache.org/
Source0: %{name}-%{version}.tar.gz
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot
-BuildPrereq: autoconf, libtool, doxygen, apr-devel >=
%{aprmajor}.%{aprminor}.0, openssl >= 1.0.2
+BuildPrereq: autoconf, libtool, doxygen, apr-devel >=
%{aprmajor}.%{aprminor}.0, openssl >= 3.0.0
%description
The mission of the Tomcat Native Library (TCN) is to provide a
@@ -38,7 +38,7 @@ contains additional utility interfaces for Java.
%package devel
Group: Development/Libraries
Summary: Tomcat Native development kit
-Requires: tcnative = %{version}-%{release}, apr-devel >=
%{aprmajor}.%{aprminor}.0, openssl-devel >= 1.0.2
+Requires: tcnative = %{version}-%{release}, apr-devel >=
%{aprmajor}.%{aprminor}.0, openssl-devel >= 3.0.0
%description devel
The mission of the Tomcat Native Library (TCN) is to provide a
diff --git a/native/build/tcnative.m4 b/native/build/tcnative.m4
index 9681586ae..4997968a5 100644
--- a/native/build/tcnative.m4
+++ b/native/build/tcnative.m4
@@ -149,137 +149,112 @@ dnl as the help string.
AC_DEFUN(TCN_HELP_STRING,[ifelse(regexp(AC_ACVERSION, 2\.1), -1,
AC_HELP_STRING($1,$2),[ ]$1 substr([ ],len($1))$2)])dnl
dnl
-dnl TCN_CHECK_SSL_TOOLKIT
+dnl TCN_FIND_SSL_TOOLKIT
dnl
dnl Configure for the detected openssl toolkit installation, giving
dnl preference to "--with-ssl=<path>" if it was specified.
dnl
-AC_DEFUN(TCN_CHECK_SSL_TOOLKIT,[
-AC_MSG_CHECKING(for OpenSSL library)
-AC_ARG_WITH(ssl,
-[ --with-ssl[=PATH] Build with OpenSSL [yes|no|path]],
- use_openssl="$withval", use_openssl="auto")
-
-openssldirs="/usr /usr/local /usr/local/ssl /usr/pkg /usr/sfw"
-if test "$use_openssl" = "auto"
-then
+AC_DEFUN([TCN_FIND_SSL_TOOLKIT],[
+ AC_ARG_WITH(ssl,[ --with-ssl=DIR Specify the location of your OpenSSL
installation],[
+ AC_MSG_CHECKING([for OpenSSL library])
+ if test -d "$withval"
+ then
+ use_openssl="$withval"
+ AC_MSG_RESULT([$use_openssl])
+ else
+ AC_MSG_RESULT([failed])
+ AC_MSG_ERROR([$withval is not a directory])
+ fi
+ ])
+
+ if test "x$use_openssl" = x
+ then
+ # User did not specify a path - guess it
+ AC_MSG_CHECKING([for OpenSSL location])
+ openssldirs="/usr /usr/local /usr/local/ssl /usr/pkg /usr/sfw"
for d in $openssldirs
- do
+ do
if test -f $d/include/openssl/opensslv.h
then
- use_openssl=$d
- break
+ use_openssl=$d
+ break
fi
- done
-fi
-case "$use_openssl" in
- no)
- AC_MSG_RESULT(no)
- TCN_OPENSSL_INC=""
- USE_OPENSSL=""
+ done
+ fi
+
+ if test x"$use_openssl" = x
+ then
+ AC_MSG_RESULT(not found)
+ AC_MSG_ERROR([OpenSSL was not found in any of $openssldirs; use
--with-ssl=/path])
+ fi
+
+ USE_OPENSSL='-DOPENSSL'
+
+ test -d $use_openssl/lib64 && ssllibdir=lib64 || ssllibdir=lib
+
+ if test "$use_openssl" = "/usr"
+ then
+ TCN_OPENSSL_INC=""
+ TCN_OPENSSL_LIBS="-lssl -lcrypto"
+ else
+ TCN_OPENSSL_INC="-I$use_openssl/include"
+ case $host in
+ *-solaris*)
+ TCN_OPENSSL_LIBS="-L$use_openssl/$ssllibdir -R$use_openssl/$ssllibdir
-lssl -lcrypto"
;;
- auto)
- TCN_OPENSSL_INC=""
- USE_OPENSSL=""
- AC_MSG_RESULT(not found)
+ *-hp-hpux*)
+ # By default cc/aCC on HP-UX IA64 will produce 32 bit output
+ ssllibdir=lib/hpux32
+ TCN_OPENSSL_LIBS="-L$use_openssl/$ssllibdir -lssl -lcrypto"
;;
- *)
- if test "$use_openssl" = "yes"
- then
- # User did not specify a path - guess it
- for d in $openssldirs
- do
- if test -f $d/include/openssl/opensslv.h
- then
- use_openssl=$d
- break
- fi
- done
- if test "$use_openssl" = "yes"
- then
- AC_MSG_RESULT(not found)
- AC_MSG_ERROR(
-[OpenSSL was not found in any of $openssldirs; use --with-ssl=/path])
- fi
- fi
- USE_OPENSSL='-DOPENSSL'
-
- test -d $use_openssl/lib64 && ssllibdir=lib64 || ssllibdir=lib
- if test "$use_openssl" = "/usr"
- then
- TCN_OPENSSL_INC=""
- TCN_OPENSSL_LIBS="-lssl -lcrypto"
- else
- TCN_OPENSSL_INC="-I$use_openssl/include"
- case $host in
- *-solaris*)
- TCN_OPENSSL_LIBS="-L$use_openssl/$ssllibdir
-R$use_openssl/$ssllibdir -lssl -lcrypto"
- ;;
- *-hp-hpux*)
- # By default cc/aCC on HP-UX IA64 will produce 32 bit output
- ssllibdir=lib/hpux32
- TCN_OPENSSL_LIBS="-L$use_openssl/$ssllibdir -lssl -lcrypto"
- ;;
- *linux*|*freebsd*)
- TCN_OPENSSL_LIBS="-L$use_openssl/$ssllibdir
-Wl,-rpath,$use_openssl/$ssllibdir -lssl -lcrypto"
- ;;
- *)
- TCN_OPENSSL_LIBS="-L$use_openssl/$ssllibdir -lssl -lcrypto"
- ;;
- esac
- fi
- AC_MSG_RESULT(using openssl from $use_openssl/$ssllibdir and
$use_openssl/include)
+ *linux*|*freebsd*)
+ TCN_OPENSSL_LIBS="-L$use_openssl/$ssllibdir
-Wl,-rpath,$use_openssl/$ssllibdir -lssl -lcrypto"
+ ;;
+ *)
+ TCN_OPENSSL_LIBS="-L$use_openssl/$ssllibdir -lssl -lcrypto"
+ ;;
+ esac
+ fi
+
+ AC_MSG_RESULT(using openssl from $use_openssl/$ssllibdir and
$use_openssl/include)
- saved_cflags="$CFLAGS"
- saved_libs="$LIBS"
- CFLAGS="$CFLAGS $TCN_OPENSSL_INC"
- LIBS="$LIBS $TCN_OPENSSL_LIBS"
+ saved_cflags="$CFLAGS"
+ saved_libs="$LIBS"
+ CFLAGS="$CFLAGS $TCN_OPENSSL_INC"
+ LIBS="$LIBS $TCN_OPENSSL_LIBS"
-AC_ARG_ENABLE(openssl-version-check,
-[AC_HELP_STRING([--disable-openssl-version-check],
- [disable the OpenSSL version check])])
-case "$enable_openssl_version_check" in
-yes|'')
- AC_MSG_CHECKING(OpenSSL library version >= 1.0.2)
- AC_TRY_RUN([
+ AC_ARG_ENABLE(openssl-version-check,
+ [AC_HELP_STRING([--disable-openssl-version-check],
+ [disable the OpenSSL version check])])
+ case "$enable_openssl_version_check" in
+ yes|'')
+ AC_MSG_CHECKING(OpenSSL library version >= 3.0.0)
+ AC_TRY_RUN([
#include <stdio.h>
#include <openssl/opensslv.h>
int main() {
- if (OPENSSL_VERSION_NUMBER >= 0x1000200fL)
+ if (OPENSSL_VERSION_NUMBER >= 0x3000000fL)
return (0);
printf("\n\nFound OPENSSL_VERSION_NUMBER %#010x (" OPENSSL_VERSION_TEXT
")\n",
OPENSSL_VERSION_NUMBER);
- printf("Require OPENSSL_VERSION_NUMBER 0x1000200f or greater (1.0.2)\n\n");
+ printf("Require OPENSSL_VERSION_NUMBER 0x3000000f or greater (3.0.0)\n\n");
return (1);
}
- ],
- [AC_MSG_RESULT(ok)],
- [AC_MSG_ERROR(Your version of OpenSSL is not compatible with this
version of tcnative)],
- [AC_MSG_RESULT(assuming target platform has compatible version)])
-;;
-no)
+ ],
+ [AC_MSG_RESULT(ok)],
+ [AC_MSG_ERROR(Your version of OpenSSL is not compatible with this version
of tcnative)],
+ [AC_MSG_RESULT(assuming target platform has compatible version)])
+ ;;
+ no)
AC_MSG_RESULT(Skipped OpenSSL version check)
-;;
-esac
+ ;;
+ esac
- AC_MSG_CHECKING(for OpenSSL DSA support)
- if test -f $use_openssl/include/openssl/dsa.h
- then
- AC_DEFINE(HAVE_OPENSSL_DSA)
- AC_MSG_RESULT(yes)
- else
- AC_MSG_RESULT(no)
- fi
- CFLAGS="$saved_cflags"
- LIBS="$saved_libs"
- ;;
-esac
-if test "x$USE_OPENSSL" != "x"
-then
- APR_ADDTO(TCNATIVE_PRIV_INCLUDES, [$TCN_OPENSSL_INC])
- APR_ADDTO(TCNATIVE_LDFLAGS, [$TCN_OPENSSL_LIBS])
- APR_ADDTO(CFLAGS, [-DHAVE_OPENSSL])
-fi
+ CFLAGS="$saved_cflags"
+ LIBS="$saved_libs"
+
+ APR_ADDTO(TCNATIVE_PRIV_INCLUDES, [$TCN_OPENSSL_INC])
+ APR_ADDTO(TCNATIVE_LDFLAGS, [$TCN_OPENSSL_LIBS])
])
dnl
diff --git a/native/configure.in b/native/configure.in
index ee9ff2f93..f7262e9a8 100644
--- a/native/configure.in
+++ b/native/configure.in
@@ -132,23 +132,6 @@ AC_SUBST(JAVA_PLATFORM)
AC_SUBST(JAVA_OS)
-dnl
-dnl Detect openssl toolkit installation
-dnl
-
-use_openssl=true;
-
-AC_ARG_ENABLE(openssl,
-[AS_HELP_STRING([--disable-openssl],[avoid using OpenSSL toolkit])],
-[
- case "${enableval}" in
- no )
- use_openssl=false;
- AC_MSG_RESULT([Disabling SSL support...])
- ;;
- esac
-])
-
AC_ARG_ENABLE(insecure-export-ciphers,
[AS_HELP_STRING([--enable-insecure-export-ciphers],[allow including insecure
export and null ciphers in the cipher string (default is disabled=not
allowed)])],
[
@@ -160,9 +143,10 @@ AC_ARG_ENABLE(insecure-export-ciphers,
esac
])
-if $use_openssl ; then
- TCN_CHECK_SSL_TOOLKIT
-fi
+dnl
+dnl Find the OpenSSL installation
+dnl
+TCN_FIND_SSL_TOOLKIT
so_ext=$APR_SO_EXT
lib_target=$APR_LIB_TARGET
diff --git a/native/libtcnative.dsp b/native/libtcnative.dsp
index 4451dcc64..d4f79e8e8 100644
--- a/native/libtcnative.dsp
+++ b/native/libtcnative.dsp
@@ -43,7 +43,7 @@ RSC=rc.exe
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /MD /W3 /Zi /O2 /Oy- /D "WIN32" /D "NDEBUG" /D
"_WINDOWS" /FD /c
-# ADD CPP /nologo /MD /W3 /Zi /O2 /Oy- /I "./include" /I
"./srclib/apr/include" /I "./srclib/apr/include/arch/win32" /I
"$(JAVA_HOME)/include" /I "$(JAVA_HOME)/include/win32" /I
"./srclib/openssl/inc32" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "NO_IDEA" /D
"NO_RC5" /D "NO_MDC2" /D "OPENSSL_NO_IDEA" /D "OPENSSL_NO_RC5" /D
"OPENSSL_NO_MDC2" /D "HAVE_OPENSSL" /D HAVE_SSL_SET_STATE=1
/Fd"Release\libtcnative_src" /FD /c
+# ADD CPP /nologo /MD /W3 /Zi /O2 /Oy- /I "./include" /I
"./srclib/apr/include" /I "./srclib/apr/include/arch/win32" /I
"$(JAVA_HOME)/include" /I "$(JAVA_HOME)/include/win32" /I
"./srclib/openssl/inc32" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "NO_IDEA" /D
"NO_RC5" /D "NO_MDC2" /D "OPENSSL_NO_IDEA" /D "OPENSSL_NO_RC5" /D
"OPENSSL_NO_MDC2" /D HAVE_SSL_SET_STATE=1 /Fd"Release\libtcnative_src" /FD /c
# ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /o /win32 "NUL"
# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /o /win32 "NUL"
# ADD BASE RSC /l 0x409 /d "NDEBUG"
@@ -69,7 +69,7 @@ LINK32=link.exe
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /MDd /W3 /GX /Zi /Od /D "WIN32" /D "_DEBUG" /D
"_WINDOWS" /FD /c
-# ADD CPP /nologo /MDd /W4 /GX /Zi /Od /I "./include" /I
"./srclib/apr/include" /I "./srclib/apr/include/arch/win32" /I
"$(JAVA_HOME)/include" /I "$(JAVA_HOME)/include/win32" /I
"./srclib/openssl/inc32" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D "NO_IDEA" /D
"NO_RC5" /D "NO_MDC2" /D "OPENSSL_NO_IDEA" /D "OPENSSL_NO_RC5" /D
"OPENSSL_NO_MDC2" /D "HAVE_OPENSSL" /D HAVE_SSL_SET_STATE=1
/Fd"Debug\libtcnative_src" /FD /c
+# ADD CPP /nologo /MDd /W4 /GX /Zi /Od /I "./include" /I
"./srclib/apr/include" /I "./srclib/apr/include/arch/win32" /I
"$(JAVA_HOME)/include" /I "$(JAVA_HOME)/include/win32" /I
"./srclib/openssl/inc32" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D "NO_IDEA" /D
"NO_RC5" /D "NO_MDC2" /D "OPENSSL_NO_IDEA" /D "OPENSSL_NO_RC5" /D
"OPENSSL_NO_MDC2" /D HAVE_SSL_SET_STATE=1 /Fd"Debug\libtcnative_src" /FD /c
# ADD BASE MTL /nologo /D "_DEBUG" /mktyplib203 /o /win32 "NUL"
# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /o /win32 "NUL"
# ADD BASE RSC /l 0x409 /d "_DEBUG"
diff --git a/native/src/ssl.c b/native/src/ssl.c
index 6d248550f..ca6a5c26a 100644
--- a/native/src/ssl.c
+++ b/native/src/ssl.c
@@ -20,7 +20,6 @@
#include "apr_atomic.h"
#include "apr_poll.h"
-#ifdef HAVE_OPENSSL
#include "ssl_private.h"
static int ssl_initialized = 0;
@@ -2034,409 +2033,3 @@ TCN_IMPLEMENT_CALL(jint, SSL,
getHandshakeCount)(TCN_STDARGS, jlong ssl)
}
/*** End Apple API Additions ***/
-
-#else /* HAVE_OPENSSL */
-/* OpenSSL is not supported.
- * Create empty stubs.
- */
-
-TCN_IMPLEMENT_CALL(jint, SSL, version)(TCN_STDARGS)
-{
- UNREFERENCED_STDARGS;
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jstring, SSL, versionString)(TCN_STDARGS)
-{
- UNREFERENCED_STDARGS;
- return NULL;
-}
-
-TCN_IMPLEMENT_CALL(jint, SSL, initialize)(TCN_STDARGS, jstring engine)
-{
- UNREFERENCED(o);
- UNREFERENCED(engine);
- tcn_ThrowAPRException(e, APR_ENOTIMPL);
- return (jint)APR_ENOTIMPL;
-}
-
-TCN_IMPLEMENT_CALL(jboolean, SSL, randLoad)(TCN_STDARGS, jstring file)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(file);
- return JNI_FALSE;
-}
-
-TCN_IMPLEMENT_CALL(jboolean, SSL, randSave)(TCN_STDARGS, jstring file)
-{
- UNREFERENCED_STDARGS;
- return JNI_FALSE;
-}
-
-TCN_IMPLEMENT_CALL(jboolean, SSL, randMake)(TCN_STDARGS, jstring file,
- jint length, jboolean base64)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(file);
- UNREFERENCED(length);
- UNREFERENCED(base64);
- return JNI_FALSE;
-}
-
-TCN_IMPLEMENT_CALL(void, SSL, randSet)(TCN_STDARGS, jstring file)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(file);
-}
-
-TCN_IMPLEMENT_CALL(jint, SSL, fipsModeGet)(TCN_STDARGS)
-{
- UNREFERENCED(o);
- tcn_ThrowException(e, "FIPS was not available to tcnative at build time.
You will need to re-build tcnative against an OpenSSL with FIPS.");
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jint, SSL, fipsModeSet)(TCN_STDARGS, jint mode)
-{
- UNREFERENCED(o);
- UNREFERENCED(mode);
- tcn_ThrowException(e, "FIPS was not available to tcnative at build time.
You will need to re-build tcnative against an OpenSSL with FIPS.");
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jlong, SSL, newBIO)(TCN_STDARGS, jlong pool,
- jobject callback)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(pool);
- UNREFERENCED(callback);
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jint, SSL, closeBIO)(TCN_STDARGS, jlong bio)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(bio);
- return (jint)APR_ENOTIMPL;
-}
-
-TCN_IMPLEMENT_CALL(void, SSL, setPasswordCallback)(TCN_STDARGS,
- jobject callback)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(callback);
-}
-
-TCN_IMPLEMENT_CALL(void, SSL, setPassword)(TCN_STDARGS, jstring password)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(password);
-}
-
-TCN_IMPLEMENT_CALL(jboolean, SSL, generateRSATempKey)(TCN_STDARGS, jint idx)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(idx);
- return JNI_FALSE;
-}
-
-TCN_IMPLEMENT_CALL(jboolean, SSL, loadDSATempKey)(TCN_STDARGS, jint idx,
- jstring file)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(idx);
- UNREFERENCED(file);
- return JNI_FALSE;
-}
-
-TCN_IMPLEMENT_CALL(jstring, SSL, getLastError)(TCN_STDARGS)
-{
- UNREFERENCED_STDARGS;
- return NULL;
-}
-
-TCN_IMPLEMENT_CALL(jboolean, SSL, hasOp)(TCN_STDARGS, jint op)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(op);
- return JNI_FALSE;
-}
-
-/*** Begin Twitter 1:1 API addition ***/
-TCN_IMPLEMENT_CALL(jint, SSL, getLastErrorNumber)(TCN_STDARGS) {
- UNREFERENCED(o);
- tcn_ThrowException(e, "Not implemented");
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jlong /* SSL * */, SSL, newSSL)(TCN_STDARGS,
- jlong ctx /* tcn_ssl_ctxt_t
* */,
- jboolean server) {
- UNREFERENCED(o);
- UNREFERENCED(ctx);
- UNREFERENCED(server);
- tcn_ThrowException(e, "Not implemented");
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(void, SSL, setBIO)(TCN_STDARGS, jlong ssl, jlong rbio,
jlong wbio) {
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- UNREFERENCED(rbio);
- UNREFERENCED(wbio);
- tcn_ThrowException(e, "Not implemented");
-}
-
-TCN_IMPLEMENT_CALL(jint, SSL, pendingWrittenBytesInBIO)(TCN_STDARGS, jlong
bio) {
- UNREFERENCED(o);
- UNREFERENCED(bio);
- tcn_ThrowException(e, "Not implemented");
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jint, SSL, pendingReadableBytesInSSL)(TCN_STDARGS, jlong
ssl) {
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- tcn_ThrowException(e, "Not implemented");
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jint, SSL, writeToBIO)(TCN_STDARGS, jlong bio, jlong wbuf,
jint wlen) {
- UNREFERENCED(o);
- UNREFERENCED(bio);
- UNREFERENCED(wbuf);
- UNREFERENCED(wlen);
- tcn_ThrowException(e, "Not implemented");
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jint, SSL, readFromBIO)(TCN_STDARGS, jlong bio, jlong rbuf,
jint rlen) {
- UNREFERENCED(o);
- UNREFERENCED(bio);
- UNREFERENCED(rbuf);
- UNREFERENCED(rlen);
- tcn_ThrowException(e, "Not implemented");
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jint, SSL, writeToSSL)(TCN_STDARGS, jlong ssl, jlong wbuf,
jint wlen) {
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- UNREFERENCED(wbuf);
- UNREFERENCED(wlen);
- tcn_ThrowException(e, "Not implemented");
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jint, SSL, readFromSSL)(TCN_STDARGS, jlong ssl, jlong rbuf,
jint rlen) {
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- UNREFERENCED(rbuf);
- UNREFERENCED(rlen);
- tcn_ThrowException(e, "Not implemented");
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jint, SSL, getShutdown)(TCN_STDARGS, jlong ssl) {
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- tcn_ThrowException(e, "Not implemented");
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(void, SSL, setShutdown)(TCN_STDARGS, jlong ssl, jint mode) {
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- UNREFERENCED(mode);
- tcn_ThrowException(e, "Not implemented");
-}
-
-TCN_IMPLEMENT_CALL(void, SSL, freeSSL)(TCN_STDARGS, jlong ssl) {
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- tcn_ThrowException(e, "Not implemented");
-}
-
-TCN_IMPLEMENT_CALL(jlong, SSL, makeNetworkBIO)(TCN_STDARGS, jlong ssl) {
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- tcn_ThrowException(e, "Not implemented");
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(void, SSL, freeBIO)(TCN_STDARGS, jlong bio) {
- UNREFERENCED(o);
- UNREFERENCED(bio);
- tcn_ThrowException(e, "Not implemented");
-}
-
-TCN_IMPLEMENT_CALL(jint, SSL, shutdownSSL)(TCN_STDARGS, jlong ssl) {
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- tcn_ThrowException(e, "Not implemented");
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jstring, SSL, getCipherForSSL)(TCN_STDARGS, jlong ssl) {
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- tcn_ThrowException(e, "Not implemented");
- return NULL;
-}
-
-TCN_IMPLEMENT_CALL(jint, SSL, isInInit)(TCN_STDARGS, jlong ssl) {
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- tcn_ThrowException(e, "Not implemented");
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jint, SSL, doHandshake)(TCN_STDARGS, jlong ssl) {
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- tcn_ThrowException(e, "Not implemented");
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jint, SSL, renegotiate)(TCN_STDARGS, jlong ssl) {
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- tcn_ThrowException(e, "Not implemented");
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jint, SSL, renegotiatePending)(TCN_STDARGS, jlong ssl) {
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- tcn_ThrowException(e, "Not implemented");
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jint, SSL, verifyClientPostHandshake)(TCN_STDARGS, jlong
ssl) {
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- tcn_ThrowException(e, "Not implemented");
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jint, SSL, getPostHandshakeAuthInProgress)(TCN_STDARGS,
jlong ssl) {
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- tcn_ThrowException(e, "Not implemented");
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jstring, SSL, getNextProtoNegotiated)(TCN_STDARGS, jlong
ssl) {
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- tcn_ThrowException(e, "Not implemented");
- return NULL;
-}
-
-/*** End Twitter 1:1 API addition ***/
-
-/*** Begin Apple 1:1 API addition ***/
-
-TCN_IMPLEMENT_CALL(jstring, SSL, getAlpnSelected)(TCN_STDARGS, jlong ssl) {
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- tcn_ThrowException(e, "Not implemented");
- return NULL;
-}
-
-TCN_IMPLEMENT_CALL(jobjectArray, SSL, getPeerCertChain)(TCN_STDARGS, jlong ssl)
-{
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- tcn_ThrowException(e, "Not implemented");
- return NULL;
-}
-
-TCN_IMPLEMENT_CALL(jbyteArray, SSL, getPeerCertificate)(TCN_STDARGS, jlong ssl)
-{
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- tcn_ThrowException(e, "Not implemented");
- return NULL;
-}
-
-TCN_IMPLEMENT_CALL(jstring, SSL, getErrorString)(TCN_STDARGS, jlong number)
-{
- UNREFERENCED(o);
- UNREFERENCED(number);
- tcn_ThrowException(e, "Not implemented");
- return NULL;
-}
-
-TCN_IMPLEMENT_CALL(jstring, SSL, getVersion)(TCN_STDARGS, jlong ssl)
-{
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- tcn_ThrowException(e, "Not implemented");
- return NULL;
-}
-
-TCN_IMPLEMENT_CALL(jlong, SSL, getTime)(TCN_STDARGS, jlong ssl)
-{
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- tcn_ThrowException(e, "Not implemented");
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(void, SSL, setVerify)(TCN_STDARGS, jlong ssl,
- jint level, jint depth)
-{
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- tcn_ThrowException(e, "Not implemented");
-}
-
-TCN_IMPLEMENT_CALL(void, SSL, setOptions)(TCN_STDARGS, jlong ssl,
- jint opt)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ssl);
- UNREFERENCED(opt);
- tcn_ThrowException(e, "Not implemented");
-}
-
-TCN_IMPLEMENT_CALL(jint, SSL, getOptions)(TCN_STDARGS, jlong ssl)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ssl);
- tcn_ThrowException(e, "Not implemented");
- return 0;
-}
-TCN_IMPLEMENT_CALL(jobjectArray, SSL, getCiphers)(TCN_STDARGS, jlong ssl)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ssl);
- tcn_ThrowException(e, "Not implemented");
- return 0;
-}
-TCN_IMPLEMENT_CALL(jboolean, SSL, setCipherSuites)(TCN_STDARGS, jlong ssl,
- jstring ciphers)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ssl);
- UNREFERENCED(ciphers);
- tcn_ThrowException(e, "Not implemented");
- return JNI_FALSE;
-}
-TCN_IMPLEMENT_CALL(jbyteArray, SSL, getSessionId)(TCN_STDARGS, jlong ssl)
-{
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- tcn_ThrowException(e, "Not implemented");
- return 0;
-}
-TCN_IMPLEMENT_CALL(jint, SSL, getHandshakeCount)(TCN_STDARGS, jlong ssl)
-{
- UNREFERENCED(o);
- UNREFERENCED(ssl);
- tcn_ThrowException(e, "Not implemented");
- return 0;
-}
-/*** End Apple API Additions ***/
-#endif /* HAVE_OPENSSL */
diff --git a/native/src/sslconf.c b/native/src/sslconf.c
index e2ece6fe5..a3b8cfdfd 100644
--- a/native/src/sslconf.c
+++ b/native/src/sslconf.c
@@ -19,8 +19,6 @@
#include "tcn.h"
-#ifdef HAVE_OPENSSL
-
#include "ssl_private.h"
#ifdef HAVE_SSL_CONF_CMD
@@ -373,61 +371,3 @@ TCN_IMPLEMENT_CALL(jint, SSLConf, finish)(TCN_STDARGS,
jlong cctx)
#endif /* HAVE_SSL_CONF_CMD */
-
-#else /* HAVE_OPENSSL */
-/* OpenSSL is not supported.
- * Create empty stubs.
- */
-
-TCN_IMPLEMENT_CALL(jlong, SSLConf, make)(TCN_STDARGS, jlong pool,
- jint flags)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(pool);
- UNREFERENCED(flags);
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(void, SSLConf, free)(TCN_STDARGS, jlong cctx)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(cctx);
-}
-
-TCN_IMPLEMENT_CALL(jint, SSLConf, check)(TCN_STDARGS, jlong cctx,
- jstring cmd, jstring value)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(cctx);
- UNREFERENCED(cmd);
- UNREFERENCED(value);
- return APR_ENOTIMPL;
-}
-
-TCN_IMPLEMENT_CALL(void, SSLConf, assign)(TCN_STDARGS, jlong cctx,
- jlong ctx)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(cctx);
- UNREFERENCED(ctx);
-}
-
-TCN_IMPLEMENT_CALL(jint, SSLConf, apply)(TCN_STDARGS, jlong cctx,
- jstring cmd, jstring value)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(cctx);
- UNREFERENCED(cmd);
- UNREFERENCED(value);
- return APR_ENOTIMPL;
-}
-
-TCN_IMPLEMENT_CALL(jint, SSLConf, finish)(TCN_STDARGS, jlong cctx)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(cctx);
- return APR_ENOTIMPL;
-}
-
-
-#endif /* HAVE_OPENSSL */
diff --git a/native/src/sslcontext.c b/native/src/sslcontext.c
index 483446dd6..d01c9d532 100644
--- a/native/src/sslcontext.c
+++ b/native/src/sslcontext.c
@@ -23,7 +23,6 @@
#include "apr_thread_mutex.h"
#include "apr_poll.h"
-#ifdef HAVE_OPENSSL
#include "ssl_private.h"
static jclass byteArrayClass;
@@ -2133,366 +2132,3 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext,
setSessionIdContext)(TCN_STDARGS, jlong
}
/* End of netty-tc-native add */
-#else
-/* OpenSSL is not supported.
- * Create empty stubs.
- */
-
-TCN_IMPLEMENT_CALL(jlong, SSLContext, make)(TCN_STDARGS, jlong pool,
- jint protocol, jint mode)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(pool);
- UNREFERENCED(protocol);
- UNREFERENCED(mode);
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jint, SSLContext, free)(TCN_STDARGS, jlong ctx)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- return APR_ENOTIMPL;
-}
-
-TCN_IMPLEMENT_CALL(void, SSLContext, setContextId)(TCN_STDARGS, jlong ctx,
- jstring id)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(id);
-}
-
-TCN_IMPLEMENT_CALL(void, SSLContext, setBIO)(TCN_STDARGS, jlong ctx,
- jlong bio, jint dir)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(bio);
- UNREFERENCED(dir);
-}
-
-TCN_IMPLEMENT_CALL(void, SSLContext, setOptions)(TCN_STDARGS, jlong ctx,
- jint opt)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(opt);
-}
-
-TCN_IMPLEMENT_CALL(jint, SSLContext, getOptions)(TCN_STDARGS, jlong ctx)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(void, SSLContext, clearOptions)(TCN_STDARGS, jlong ctx,
- jint opt)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(opt);
-}
-
-TCN_IMPLEMENT_CALL(void, SSLContext, setQuietShutdown)(TCN_STDARGS, jlong ctx,
- jboolean mode)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(mode);
-}
-
-TCN_IMPLEMENT_CALL(jboolean, SSLContext, setCipherSuite)(TCN_STDARGS, jlong
ctx,
- jstring ciphers)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(ciphers);
- return JNI_FALSE;
-}
-
-TCN_IMPLEMENT_CALL(jboolean, SSLContext, setCARevocation)(TCN_STDARGS, jlong
ctx,
- jstring file,
- jstring path)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(file);
- UNREFERENCED(path);
- return JNI_FALSE;
-}
-
-TCN_IMPLEMENT_CALL(jboolean, SSLContext, setCertificateChainFile)(TCN_STDARGS,
jlong ctx,
- jstring file,
- jboolean
skipfirst)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(file);
- UNREFERENCED(skipfirst);
- return JNI_FALSE;
-}
-
-TCN_IMPLEMENT_CALL(jboolean, SSLContext, setCACertificate)(TCN_STDARGS,
- jlong ctx,
- jstring file,
- jstring path)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(file);
- UNREFERENCED(path);
- return JNI_FALSE;
-}
-
-TCN_IMPLEMENT_CALL(void, SSLContext, setShutdownType)(TCN_STDARGS, jlong ctx,
- jint type)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(type);
-}
-
-TCN_IMPLEMENT_CALL(void, SSLContext, setVerify)(TCN_STDARGS, jlong ctx,
- jint level, jint depth)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(level);
- UNREFERENCED(depth);
-}
-
-TCN_IMPLEMENT_CALL(void, SSLContext, setRandom)(TCN_STDARGS, jlong ctx,
- jstring file)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(file);
-}
-
-TCN_IMPLEMENT_CALL(jboolean, SSLContext, setCertificate)(TCN_STDARGS, jlong
ctx,
- jstring cert, jstring
key,
- jstring password,
jint idx)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(cert);
- UNREFERENCED(key);
- UNREFERENCED(password);
- UNREFERENCED(idx);
- return JNI_FALSE;
-}
-
-TCN_IMPLEMENT_CALL(jboolean, SSLContext, setCertificateRaw)(TCN_STDARGS, jlong
ctx,
- jbyteArray javaCert,
jbyteArray javaKey,
- jint idx)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(javaCert);
- UNREFERENCED(javaKey);
- UNREFERENCED(idx);
- return JNI_FALSE;
-}
-
-TCN_IMPLEMENT_CALL(jboolean, SSLContext, addChainCertificateRaw)(TCN_STDARGS,
jlong ctx,
- jbyteArray
javaCert)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(javaCert);
- return JNI_FALSE;
-}
-
-TCN_IMPLEMENT_CALL(jboolean, SSLContext,
addClientCACertificateRaw)(TCN_STDARGS, jlong ctx,
- jbyteArray
javaCert)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(javaCert);
- return JNI_FALSE;
-}
-
-TCN_IMPLEMENT_CALL(jint, SSLContext, setALPN)(TCN_STDARGS, jlong ctx,
- jbyteArray buf, jint len)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(buf);
- UNREFERENCED(len);
- return APR_ENOTIMPL;
-}
-
-/* Start of netty-tc-native add */
-
-TCN_IMPLEMENT_CALL(void, SSLContext, setNpnProtos)(TCN_STDARGS, jlong ctx,
jobjectArray next_protos,
- jint selectorFailureBehavior)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(next_protos);
-}
-
-
-TCN_IMPLEMENT_CALL(void, SSLContext, setAlpnProtos)(TCN_STDARGS, jlong ctx,
jobjectArray alpn_protos,
- jint selectorFailureBehavior)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(alpn_protos);
-}
-
-TCN_IMPLEMENT_CALL(jlong, SSLContext, setSessionCacheMode)(TCN_STDARGS, jlong
ctx, jlong mode)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(mode);
- return -1;
-}
-
-TCN_IMPLEMENT_CALL(jlong, SSLContext, getSessionCacheMode)(TCN_STDARGS, jlong
ctx)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- return -1;
-}
-
-
-TCN_IMPLEMENT_CALL(jlong, SSLContext, setSessionCacheTimeout)(TCN_STDARGS,
jlong ctx, jlong timeout)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(timeout);
- return -1;
-}
-
-TCN_IMPLEMENT_CALL(jlong, SSLContext, getSessionCacheTimeout)(TCN_STDARGS,
jlong ctx)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- return -1;
-}
-
-TCN_IMPLEMENT_CALL(jlong, SSLContext, setSessionCacheSize)(TCN_STDARGS, jlong
ctx, jlong size)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(size);
- return -1;
-}
-
-TCN_IMPLEMENT_CALL(jlong, SSLContext, getSessionCacheSize)(TCN_STDARGS, jlong
ctx)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- return -1;
-}
-
-TCN_IMPLEMENT_CALL(jlong, SSLContext, sessionNumber)(TCN_STDARGS, jlong ctx)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jlong, SSLContext, sessionConnect)(TCN_STDARGS, jlong ctx)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jlong, SSLContext, sessionConnectGood)(TCN_STDARGS, jlong
ctx)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jlong, SSLContext, sessionConnectRenegotiate)(TCN_STDARGS,
jlong ctx)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jlong, SSLContext, sessionAccept)(TCN_STDARGS, jlong ctx)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jlong, SSLContext, sessionAcceptGood)(TCN_STDARGS, jlong
ctx)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jlong, SSLContext, sessionAcceptRenegotiate)(TCN_STDARGS,
jlong ctx)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jlong, SSLContext, sessionHits)(TCN_STDARGS, jlong ctx)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jlong, SSLContext, sessionCbHits)(TCN_STDARGS, jlong ctx)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jlong, SSLContext, sessionTimeouts)(TCN_STDARGS, jlong ctx)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jlong, SSLContext, sessionCacheFull)(TCN_STDARGS, jlong ctx)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(jlong, SSLContext, sessionMisses)(TCN_STDARGS, jlong ctx)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- return 0;
-}
-
-TCN_IMPLEMENT_CALL(void, SSLContext, setSessionTicketKeys)(TCN_STDARGS, jlong
ctx, jbyteArray keys)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(keys);
-}
-
-TCN_IMPLEMENT_CALL(void, SSLContext, setCertVerifyCallback)(TCN_STDARGS, jlong
ctx, jobject verifier)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(verifier);
-}
-TCN_IMPLEMENT_CALL(jboolean, SSLContext, setSessionIdContext)(TCN_STDARGS,
jlong ctx, jbyteArray sidCtx)
-{
- UNREFERENCED_STDARGS;
- UNREFERENCED(ctx);
- UNREFERENCED(sidCtx);
- return JNI_FALSE;
-}
-/* End of netty-tc-native add */
-
-#endif
diff --git a/native/src/sslutils.c b/native/src/sslutils.c
index 46898be03..580595249 100644
--- a/native/src/sslutils.c
+++ b/native/src/sslutils.c
@@ -19,7 +19,6 @@
#include "tcn.h"
-#ifdef HAVE_OPENSSL
#include "apr_poll.h"
#include "ssl_private.h"
@@ -1126,4 +1125,3 @@ static int ssl_ocsp_request(X509 *cert, X509 *issuer,
X509_STORE_CTX *ctx)
}
#endif /* HAVE_OCSP_STAPLING */
-#endif /* HAVE_OPENSSL */
diff --git a/native/srclib/VERSIONS b/native/srclib/VERSIONS
index 32686396b..671153aa0 100644
--- a/native/srclib/VERSIONS
+++ b/native/srclib/VERSIONS
@@ -1,44 +1,11 @@
The current minimum versions are:
-- OpenSSL 1.0.2
-- APR 1.4.3
+- OpenSSL 3.0.0
+- APR 1.7.0
The following version of the libraries are recommended:
- APR 1.7.0 or later, http://apr.apache.org
-- OpenSSL 1.1.1o or later, http://www.openssl.org
+- OpenSSL 3.0.3 or later, http://www.openssl.org
Older versions should also work but are not as thoroughly tested by the Tomcat
Native team
-
-
-It is current anticipated that Tomcat Native releases will transition to 1.3.x
-after April 2021 when the minimum version will become OpenSSL 1.1.0 and
-APR 1.5.2.
-
-
-The minimum version of OpenSSL is driven by the version of OpenSSL used by
-downstream distributions.
-
-The current state of OpenSSL in Debian is:
-- OpenSSL 1.1.0l in Debian 9 (EOL end June 2022)
-- OpenSSL 1.1.1n in Debian 10 (EOL end June 2024)
-- OpenSSL 1.1.1n in Debian 11 (EOL end June 2026)
-
-And in Ubuntu:
-- OpenSSL 1.0.2g in Ubuntu 16.04 LTS (EOL in April 2021)
-- OpenSSL 1.1.1 in Ubuntu 18.04 LTS (EOL in April 2028)
-- OpenSSL 1.1.1f in Ubuntu 20.04 LTS (EOL in April 2030)
-- OpenSSL 3.0.2 in Ubuntu 22.04 LTS (EOL in April 2032)
-
-The minimum version of APR is driven by the version of APR used by
-downstream distributions.
-
-The current state of APR in Debian is:
-- APR 1.5.2 in Debian 9 (EOL in June 2022)
-- APR 1.6.5 in Debian 10
-
-And in Ubuntu:
-- APR 1.5.2 in Ubuntu 16.04 LTS (EOL in April 2021)
-- APR 1.6.3 in Ubuntu 18.04 LTS (EOL in April 2028)
-- APR 1.6.5 in Ubuntu 20.04 LTS (EOL in April 2030)
-- APR 1.7.0 in Ubuntu 22.04 LTS (EOL in April 2032)
diff --git a/native/tcnative.dsp b/native/tcnative.dsp
index 8a119678b..64755c341 100644
--- a/native/tcnative.dsp
+++ b/native/tcnative.dsp
@@ -43,7 +43,7 @@ RSC=rc.exe
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /MD /W3 /Zi /O2 /Oy- /D "WIN32" /D "NDEBUG" /D
"_WINDOWS" /FD /c
-# ADD CPP /nologo /MD /W3 /Zi /O2 /Oy- /I "./include" /I
"./srclib/apr/include" /I "./srclib/apr/include/arch/win32" /I
"$(JAVA_HOME)/include" /I "$(JAVA_HOME)/include/win32" /I
"./srclib/openssl/inc32" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D
"APR_DECLARE_STATIC" /D "NO_IDEA" /D "NO_RC5" /D "NO_MDC2" /D "OPENSSL_NO_IDEA"
/D "OPENSSL_NO_RC5" /D "OPENSSL_NO_MDC2" /D "HAVE_OPENSSL" /D
HAVE_SSL_SET_STATE=1 /Fd"LibR\tcnative_src" /FD /c
+# ADD CPP /nologo /MD /W3 /Zi /O2 /Oy- /I "./include" /I
"./srclib/apr/include" /I "./srclib/apr/include/arch/win32" /I
"$(JAVA_HOME)/include" /I "$(JAVA_HOME)/include/win32" /I
"./srclib/openssl/inc32" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D
"APR_DECLARE_STATIC" /D "NO_IDEA" /D "NO_RC5" /D "NO_MDC2" /D "OPENSSL_NO_IDEA"
/D "OPENSSL_NO_RC5" /D "OPENSSL_NO_MDC2" /D HAVE_SSL_SET_STATE=1
/Fd"LibR\tcnative_src" /FD /c
# ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /o /win32 "NUL"
# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /o /win32 "NUL"
# ADD BASE RSC /l 0x409 /d "NDEBUG"
@@ -69,7 +69,7 @@ LINK32=link.exe
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /MDd /W3 /GX /Zi /Od /D "WIN32" /D "_DEBUG" /D
"_WINDOWS" /FD /c
-# ADD CPP /nologo /MDd /W4 /GX /Zi /Od /I "./include" /I
"./srclib/apr/include" /I "./srclib/apr/include/arch/win32" /I
"$(JAVA_HOME)/include" /I "$(JAVA_HOME)/include/win32" /I
"./srclib/openssl/inc32" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D
"APR_DECLARE_STATIC" /D "NO_IDEA" /D "NO_RC5" /D "NO_MDC2" /D "OPENSSL_NO_IDEA"
/D "OPENSSL_NO_RC5" /D "OPENSSL_NO_MDC2" /D "HAVE_OPENSSL" /D
HAVE_SSL_SET_STATE=1 /Fd"LibD\tcnative_src" /FD /c
+# ADD CPP /nologo /MDd /W4 /GX /Zi /Od /I "./include" /I
"./srclib/apr/include" /I "./srclib/apr/include/arch/win32" /I
"$(JAVA_HOME)/include" /I "$(JAVA_HOME)/include/win32" /I
"./srclib/openssl/inc32" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D
"APR_DECLARE_STATIC" /D "NO_IDEA" /D "NO_RC5" /D "NO_MDC2" /D "OPENSSL_NO_IDEA"
/D "OPENSSL_NO_RC5" /D "OPENSSL_NO_MDC2" /D HAVE_SSL_SET_STATE=1
/Fd"LibD\tcnative_src" /FD /c
# ADD BASE MTL /nologo /D "_DEBUG" /mktyplib203 /o /win32 "NUL"
# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /o /win32 "NUL"
# ADD BASE RSC /l 0x409 /d "_DEBUG"
diff --git a/xdocs/miscellaneous/changelog.xml
b/xdocs/miscellaneous/changelog.xml
index 79305961b..b75237453 100644
--- a/xdocs/miscellaneous/changelog.xml
+++ b/xdocs/miscellaneous/changelog.xml
@@ -37,6 +37,10 @@
</section>
<section name="Changes in 2.0.0">
<changelog>
+ <update>
+ Update the minimum required version of OpenSSL to 3.0.0 and make it a
+ madatory dependency. (markt)
+ </update>
</changelog>
</section>
<section name="Changes in 1.2.x">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
