mirror of
https://gitlab.alpinelinux.org/alpine/aports.git
synced 2025-07-21 10:15:12 +03:00
90 lines
2.7 KiB
Diff
90 lines
2.7 KiB
Diff
OPENSSL deprecated several cleanup functions since
|
|
[quote]
|
|
... the OpenSSL libraries now normally do all thread initialisation and
|
|
deinitialisation automatically (see OPENSSL_init_crypto).
|
|
[end of quote]
|
|
|
|
To hint the appropriate API version exposed by openssl, the opensslconf.h
|
|
suggests:
|
|
[quote]
|
|
/*
|
|
* Applications should use -DOPENSSL_API_COMPAT=<version> to suppress the
|
|
* declarations of functions deprecated in or before <version>. Otherwise, they
|
|
* still won't see them if the library has been built to disable deprecated
|
|
* functions.
|
|
*/
|
|
[end of quote]
|
|
|
|
Due to -Werror the deprecation warnings lead to compilation errors so
|
|
let's just specify that we want OpenSSL API version >= 1.1.x in the
|
|
Makefile (and retain the old, pre OpenSSL-1.0, code for now).
|
|
|
|
All tests in Crypt-OpenSSL-VerifyX509-0.10 pass for me.
|
|
|
|
--- Crypt-OpenSSL-VerifyX509-0.10.orig/Makefile.PL 2017-05-10 20:08:03.338777954 +0200
|
|
+++ Crypt-OpenSSL-VerifyX509-0.10/Makefile.PL 2017-05-10 19:30:13.250719288 +0200
|
|
@@ -54,7 +54,7 @@ if (-d "/usr/include/openssl") {
|
|
}
|
|
|
|
cc_lib_links('crypto');
|
|
-cc_optimize_flags('-O3 -Wall -Werror');
|
|
+cc_optimize_flags('-O3 -Wall -Werror -DOPENSSL_API_COMPAT=0x10100000L');
|
|
|
|
requires 'Crypt::OpenSSL::X509';
|
|
|
|
--- Crypt-OpenSSL-VerifyX509-0.10.orig/VerifyX509.xs 2017-05-10 15:45:17.838331883 +0200
|
|
+++ Crypt-OpenSSL-VerifyX509-0.10/VerifyX509.xs 2017-05-10 20:06:03.094774846 +0200
|
|
@@ -17,7 +17,7 @@ typedef X509* Crypt__OpenSSL__X509;
|
|
|
|
static int verify_cb(int ok, X509_STORE_CTX *ctx) {
|
|
if (!ok)
|
|
- switch (ctx->error) {
|
|
+ switch (X509_STORE_CTX_get_error (ctx)) {
|
|
case X509_V_ERR_CERT_HAS_EXPIRED:
|
|
/* case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: */
|
|
case X509_V_ERR_INVALID_CA:
|
|
@@ -37,13 +37,20 @@ static const char *ssl_error(void) {
|
|
}
|
|
|
|
static const char *ctx_error(X509_STORE_CTX *ctx) {
|
|
- return X509_verify_cert_error_string(ctx->error);
|
|
+ return X509_verify_cert_error_string(X509_STORE_CTX_get_error (ctx));
|
|
}
|
|
|
|
MODULE = Crypt::OpenSSL::VerifyX509 PACKAGE = Crypt::OpenSSL::VerifyX509
|
|
|
|
PROTOTYPES: DISABLE
|
|
|
|
+#if OPENSSL_API_COMPAT >= 0x10100000L
|
|
+#undef ERR_load_crypto_strings
|
|
+#define ERR_load_crypto_strings() /* nothing */
|
|
+#undef OpenSSL_add_all_algorithms
|
|
+# define OpenSSL_add_all_algorithms() /* nothing */
|
|
+#endif
|
|
+
|
|
BOOT:
|
|
ERR_load_crypto_strings();
|
|
ERR_load_ERR_strings();
|
|
@@ -134,6 +141,15 @@ DESTROY(store)
|
|
|
|
if (store) X509_STORE_free(store); store = 0;
|
|
|
|
+
|
|
+#if OPENSSL_API_COMPAT >= 0x10100000L
|
|
+void
|
|
+__X509_cleanup(void)
|
|
+ PPCODE:
|
|
+
|
|
+ /* deinitialisation is done automatically */
|
|
+
|
|
+#else
|
|
void
|
|
__X509_cleanup(void)
|
|
PPCODE:
|
|
@@ -142,3 +158,6 @@ __X509_cleanup(void)
|
|
ERR_free_strings();
|
|
ERR_remove_state(0);
|
|
EVP_cleanup();
|
|
+
|
|
+#endif
|
|
+
|