diff options
author | Joe Orton <jorton@redhat.com> | 2020-02-24 16:24:54 +0000 |
---|---|---|
committer | Joe Orton <jorton@redhat.com> | 2020-02-24 16:24:54 +0000 |
commit | 281c84fc3996c757efdf6e9b3f906d7a1fc08b1d (patch) | |
tree | 106f626532d42f5cbdac4fe1ef7001da85a7405f | |
parent | dba92bc0513c9110b9efbe9e588ef461475710c3 (diff) | |
download | neon-git-281c84fc3996c757efdf6e9b3f906d7a1fc08b1d.tar.gz |
Advertise TS_SSL feature with OpenSSL >= 1.1.0.
* macros/neon.m4 (NEON_SSL): Enable TS_SSL feature with OpenSSL 1.1.0+.
* src/ne_openssl.c: Only provide thread-safety hooks with OpenSSL <1.1.0.
-rw-r--r-- | macros/neon.m4 | 14 | ||||
-rw-r--r-- | src/ne_openssl.c | 4 |
2 files changed, 12 insertions, 6 deletions
diff --git a/macros/neon.m4 b/macros/neon.m4 index d092768..f713a60 100644 --- a/macros/neon.m4 +++ b/macros/neon.m4 @@ -915,9 +915,12 @@ yes|openssl) AC_CHECK_HEADERS(openssl/ssl.h openssl/opensslv.h,, [AC_MSG_ERROR([OpenSSL headers not found, cannot enable SSL support])]) - # Enable EGD support if using 0.9.7 or newer NE_CHECK_OPENSSLVER(ne_cv_lib_ssl097, 0.9.7, 0x00907000L) - if test "$ne_cv_lib_ssl097" = "yes"; then + NE_CHECK_OPENSSLVER(ne_cv_lib_ssl110, 1.1.0, 0x10100000L) + if test "$ne_cv_lib_ssl110" = "yes"; then + NE_ENABLE_SUPPORT(SSL, [SSL support enabled, using OpenSSL $NE_SSL_VERSION]) + elif test "$ne_cv_lib_ssl097" = "yes"; then + # Enable EGD support if using 0.9.7 or newer AC_MSG_NOTICE([OpenSSL >= 0.9.7; EGD support not needed in neon]) NE_ENABLE_SUPPORT(SSL, [SSL support enabled, using OpenSSL $NE_SSL_VERSION]) NE_CHECK_FUNCS(CRYPTO_set_idptr_callback SSL_SESSION_cmp) @@ -1025,8 +1028,11 @@ CC/CFLAGS/LIBS must be used to make the POSIX library interfaces available]),, enable_threadsafe_ssl=no) -case $enable_threadsafe_ssl in -posix|yes) +case ${enable_threadsafe_ssl}X${ne_cv_lib_ssl110} in +*Xyes) + NE_ENABLE_SUPPORT(TS_SSL, [OpenSSL is natively thread-safe]) + ;; +posixX*|yesX*) ne_pthr_ok=yes AC_CHECK_FUNCS([pthread_mutex_init pthread_mutex_lock],,[ne_pthr_ok=no]) if test "${ne_pthr_ok}" = "no"; then diff --git a/src/ne_openssl.c b/src/ne_openssl.c index 462e0ee..48f657d 100644 --- a/src/ne_openssl.c +++ b/src/ne_openssl.c @@ -1137,8 +1137,8 @@ int ne_ssl_cert_digest(const ne_ssl_certificate *cert, char *digest) return 0; } -#if defined(NE_HAVE_TS_SSL) && OPENSSL_VERSION_NUMBER < 0x10101000L -/* For OpenSSL 1.1.1 locking callbacks are no longer need at all. */ +#if defined(NE_HAVE_TS_SSL) && OPENSSL_VERSION_NUMBER < 0x10100000L +/* From OpenSSL 1.1.0 locking callbacks are no longer neede. */ #define WITH_OPENSSL_LOCKING (1) /* Implementation of locking callbacks to make OpenSSL thread-safe. |