diff options
| author | Kaspar Brand <kbrand@apache.org> | 2011-12-24 06:31:37 +0000 |
|---|---|---|
| committer | Kaspar Brand <kbrand@apache.org> | 2011-12-24 06:31:37 +0000 |
| commit | 99004652052da401e5c9730a3734de6c2de50f75 (patch) | |
| tree | aa048723f4de3ba7827beb26974bc220cb283b17 /modules/ssl/ssl_engine_vars.c | |
| parent | da4b2f451355b3d458246207d921738e527b9eab (diff) | |
| download | httpd-99004652052da401e5c9730a3734de6c2de50f75.tar.gz | |
Set OPENSSL_NO_SSL_INTERN when compiling against OpenSSL 1.0.1
or later, so that mod_ssl retains binary compatibility with future
versions when internal structures are changed. Use API functions
where available, and fall back to direct access for OpenSSL up
to 1.0.0, where needed.
Remove SSL_make_ciphersuite() from ssl_util_ssl.[ch], as it was
never used by any released version of mod_ssl.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1222917 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'modules/ssl/ssl_engine_vars.c')
| -rw-r--r-- | modules/ssl/ssl_engine_vars.c | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/modules/ssl/ssl_engine_vars.c b/modules/ssl/ssl_engine_vars.c index 3815cd4323..febc176efa 100644 --- a/modules/ssl/ssl_engine_vars.c +++ b/modules/ssl/ssl_engine_vars.c @@ -335,10 +335,18 @@ static char *ssl_var_lookup_ssl(apr_pool_t *p, conn_rec *c, request_rec *r, char buf[SSL_SESSION_ID_STRING_LEN]; SSL_SESSION *pSession = SSL_get_session(ssl); if (pSession) { - result = apr_pstrdup(p, SSL_SESSION_id2sz( - pSession->session_id, - pSession->session_id_length, - buf, sizeof(buf))); + unsigned char *id; + unsigned int idlen; + +#ifdef OPENSSL_NO_SSL_INTERN + id = (unsigned char *)SSL_SESSION_get_id(pSession, &idlen); +#else + id = pSession->session_id; + idlen = pSession->session_id_length; +#endif + + result = apr_pstrdup(p, SSL_SESSION_id2sz(id, idlen, + buf, sizeof(buf))); } } else if(ssl != NULL && strcEQ(var, "SESSION_RESUMED")) { @@ -955,11 +963,15 @@ apr_array_header_t *ssl_ext_list(apr_pool_t *p, conn_rec *c, int peer, static char *ssl_var_lookup_ssl_compress_meth(SSL *ssl) { char *result = "NULL"; -#if (OPENSSL_VERSION_NUMBER >= 0x00908000) +#if (OPENSSL_VERSION_NUMBER >= 0x00908000) && !defined(OPENSSL_NO_COMP) SSL_SESSION *pSession = SSL_get_session(ssl); if (pSession) { +#ifdef OPENSSL_NO_SSL_INTERN + switch (SSL_SESSION_get_compress_id(pSession)) { +#else switch (pSession->compress_meth) { +#endif case 0: /* default "NULL" already set */ break; |