summaryrefslogtreecommitdiff
path: root/include/ssl_compat.h
diff options
context:
space:
mode:
authorSergei Golubchik <serg@mariadb.org>2017-09-11 12:29:37 +0200
committerSergei Golubchik <serg@mariadb.org>2017-09-18 10:12:23 +0200
commitbba169b984fdee72e7e727696ff0f921acae07e0 (patch)
tree451e42894d79a879472afd55f0d85dbd9eaf6b95 /include/ssl_compat.h
parent031a0404e7b946179d0e8d155717b46d4547ab95 (diff)
downloadmariadb-git-bba169b984fdee72e7e727696ff0f921acae07e0.tar.gz
MDEV-12763 10.2 uses deprecated openssl 1.0 apis even with 1.1
Use OpenSSL 1.1 when applicable. Create compatibility macros for OpenSSL 1.0- and YaSSL.
Diffstat (limited to 'include/ssl_compat.h')
-rw-r--r--include/ssl_compat.h23
1 files changed, 22 insertions, 1 deletions
diff --git a/include/ssl_compat.h b/include/ssl_compat.h
index b0e3ed497cd..568af6e1db4 100644
--- a/include/ssl_compat.h
+++ b/include/ssl_compat.h
@@ -25,8 +25,8 @@
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
#define HAVE_OPENSSL11 1
+#define SSL_LIBRARY OpenSSL_version(OPENSSL_VERSION)
#define ERR_remove_state(X) ERR_clear_error()
-#define EVP_MD_CTX_cleanup(X) EVP_MD_CTX_reset(X)
#define EVP_CIPHER_CTX_SIZE 168
#define EVP_MD_CTX_SIZE 48
#undef EVP_MD_CTX_init
@@ -34,8 +34,23 @@
#undef EVP_CIPHER_CTX_init
#define EVP_CIPHER_CTX_init(X) do { bzero((X), EVP_CIPHER_CTX_SIZE); EVP_CIPHER_CTX_reset(X); } while(0)
+/*
+ Macros below are deprecated. OpenSSL 1.1 may define them or not,
+ depending on how it was built.
+*/
+#undef ERR_free_strings
+#define ERR_free_strings()
+#undef EVP_cleanup
+#define EVP_cleanup()
+#undef CRYPTO_cleanup_all_ex_data
+#define CRYPTO_cleanup_all_ex_data()
+#undef SSL_load_error_strings
+#define SSL_load_error_strings()
+
#else
#define HAVE_OPENSSL10 1
+#define SSL_LIBRARY SSLeay_version(SSLEAY_VERSION)
+
/*
Unfortunately RAND_bytes manual page does not provide any guarantees
in relation to blocking behavior. Here we explicitly use SSLeay random
@@ -51,6 +66,7 @@
#endif /* HAVE_OPENSSL11 */
#elif defined(HAVE_YASSL)
+#define SSL_LIBRARY "YaSSL " YASSL_VERSION
#define BN_free(X) do { } while(0)
#endif /* !defined(HAVE_YASSL) */
@@ -62,6 +78,11 @@
#define EVP_CIPHER_CTX_encrypting(ctx) ((ctx)->encrypt)
#define EVP_CIPHER_CTX_SIZE sizeof(EVP_CIPHER_CTX)
#define EVP_MD_CTX_SIZE sizeof(EVP_MD_CTX)
+
+#define EVP_MD_CTX_reset(X) EVP_MD_CTX_cleanup(X)
+#define EVP_CIPHER_CTX_reset(X) EVP_CIPHER_CTX_cleanup(X)
+#define X509_get0_notBefore(X) X509_get_notBefore(X)
+#define X509_get0_notAfter(X) X509_get_notAfter(X)
#endif
#ifdef __cplusplus
View Lorry Controller Status