projects / feed / packages.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
haproxy: Update HAProxy to v1.8.26
[feed/packages.git] / net / haproxy / patches / 000-deprecated-openssl.patch
1 --- a/src/ssl_sock.c
2 +++ b/src/ssl_sock.c
3 @@ -39,6 +39,7 @@
4 #include <netdb.h>
5 #include <netinet/tcp.h>
6
7 +#include <openssl/bn.h>
8 #include <openssl/crypto.h>
9 #include <openssl/ssl.h>
10 #include <openssl/x509.h>
11 @@ -60,6 +61,17 @@
12 #include <openssl/async.h>
13 #endif
14
15 +#ifndef OPENSSL_VERSION
16 +#define OPENSSL_VERSION SSLEAY_VERSION
17 +#define OpenSSL_version(x) SSLeay_version(x)
18 +#define OpenSSL_version_num SSLeay
19 +#endif
20 +
21 +#if OPENSSL_VERSION_NUMBER < 0x10100000L
22 +#define X509_getm_notBefore X509_get_notBefore
23 +#define X509_getm_notAfter X509_get_notAfter
24 +#endif
25 +
26 #include <import/lru.h>
27 #include <import/xxhash.h>
28
29 @@ -217,7 +229,7 @@ static struct {
30 .capture_cipherlist = 0,
31 };
32
33 -#ifdef USE_THREAD
34 +#if defined(USE_THREAD) && (OPENSSL_VERSION_NUMBER < 0x10100000L)
35
36 static HA_RWLOCK_T *ssl_rwlocks;
37
38 @@ -1716,8 +1728,8 @@ ssl_sock_do_create_cert(const char *servername, struct bind_conf *bind_conf, SSL
39 ASN1_INTEGER_set(X509_get_serialNumber(newcrt), HA_ATOMIC_ADD(&ssl_ctx_serial, 1));
40
41 /* Set duration for the certificate */
42 - if (!X509_gmtime_adj(X509_get_notBefore(newcrt), (long)-60*60*24) ||
43 - !X509_gmtime_adj(X509_get_notAfter(newcrt),(long)60*60*24*365))
44 + if (!X509_gmtime_adj(X509_getm_notBefore(newcrt), (long)-60*60*24) ||
45 + !X509_gmtime_adj(X509_getm_notAfter(newcrt),(long)60*60*24*365))
46 goto mkcert_error;
47
48 /* set public key in the certificate */
49 @@ -6387,7 +6399,7 @@ smp_fetch_ssl_x_notafter(const struct arg *args, struct sample *smp, const char
50 goto out;
51
52 smp_trash = get_trash_chunk();
53 - if (ssl_sock_get_time(X509_get_notAfter(crt), smp_trash) <= 0)
54 + if (ssl_sock_get_time(X509_getm_notAfter(crt), smp_trash) <= 0)
55 goto out;
56
57 smp->data.u.str = *smp_trash;
58 @@ -6487,7 +6499,7 @@ smp_fetch_ssl_x_notbefore(const struct a
59 goto out;
60
61 smp_trash = get_trash_chunk();
62 - if (ssl_sock_get_time(X509_get_notBefore(crt), smp_trash) <= 0)
63 + if (ssl_sock_get_time(X509_getm_notBefore(crt), smp_trash) <= 0)
64 goto out;
65
66 smp->data.u.str = *smp_trash;
67 @@ -9068,7 +9080,9 @@ static void __ssl_sock_init(void)
68 #endif
69
70 xprt_register(XPRT_SSL, &ssl_sock);
71 +#if OPENSSL_VERSION_NUMBER < 0x10100000L
72 SSL_library_init();
73 +#endif
74 #if (!defined(OPENSSL_NO_COMP) && !defined(SSL_OP_NO_COMPRESSION))
75 cm = SSL_COMP_get_compression_methods();
76 i = sk_SSL_COMP_num(cm);
77 @@ -9077,7 +9091,7 @@ static void __ssl_sock_init(void)
78 }
79 #endif
80
81 -#ifdef USE_THREAD
82 +#if defined(USE_THREAD) && (OPENSSL_VERSION_NUMBER < 0x10100000L)
83 ssl_locking_init();
84 #endif
85 #if (OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined OPENSSL_NO_TLSEXT && !defined OPENSSL_IS_BORINGSSL && !defined LIBRESSL_VERSION_NUMBER)
86 @@ -9106,8 +9120,8 @@ static void __ssl_sock_init(void)
87 #else /* OPENSSL_IS_BORINGSSL */
88 OPENSSL_VERSION_TEXT
89 "\nRunning on OpenSSL version : %s%s",
90 - SSLeay_version(SSLEAY_VERSION),
91 - ((OPENSSL_VERSION_NUMBER ^ SSLeay()) >> 8) ? " (VERSIONS DIFFER!)" : "");
92 + OpenSSL_version(OPENSSL_VERSION),
93 + ((OPENSSL_VERSION_NUMBER ^ OpenSSL_version_num()) >> 8) ? " (VERSIONS DIFFER!)" : "");
94 #endif
95 memprintf(&ptr, "%s\nOpenSSL library supports TLS extensions : "
96 #if OPENSSL_VERSION_NUMBER < 0x00907000L
97 @@ -9198,12 +9212,14 @@ static void __ssl_sock_deinit(void)
98 }
99 #endif
100
101 +#if OPENSSL_VERSION_NUMBER < 0x10100000L
102 ERR_remove_state(0);
103 ERR_free_strings();
104
105 EVP_cleanup();
106 +#endif
107
108 -#if OPENSSL_VERSION_NUMBER >= 0x00907000L
109 +#if OPENSSL_VERSION_NUMBER >= 0x00907000L && OPENSSL_VERSION_NUMBER < 0x10100000L
110 CRYPTO_cleanup_all_ex_data();
111 #endif
112 }
Mirror of packages feed