Package: lua-sec / 0.6-3

0009-Compatibility-with-OpenSSL-1.1.0.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
From: Bruno Silvestre <brunoos@inf.ufg.br>
Date: Wed, 14 Sep 2016 17:47:09 -0300
Subject: Compatibility with OpenSSL 1.1.0

Defining macros X509_up_ref() and SSL_is_server to use the same
API of OpenSSL 1.1.0.
---
 src/context.c |  4 ----
 src/ssl.c     | 15 +++++++++++----
 2 files changed, 11 insertions(+), 8 deletions(-)

diff --git a/src/context.c b/src/context.c
index 22f43b7..4187314 100644
--- a/src/context.c
+++ b/src/context.c
@@ -35,10 +35,6 @@ typedef const SSL_METHOD LSEC_SSL_METHOD;
 typedef       SSL_METHOD LSEC_SSL_METHOD;
 #endif
 
-#if OPENSSL_VERSION_NUMBER>=0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-#define SSLv23_method() TLS_method()
-#endif
-
 /*-- Compat - Lua 5.1 --------------------------------------------------------*/
 
 #if (LUA_VERSION_NUM == 501)
diff --git a/src/ssl.c b/src/ssl.c
index 84c609d..d7b7243 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -31,6 +31,13 @@
 #include "context.h"
 #include "ssl.h"
 
+
+#if defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER<0x10100000L
+#define SSL_is_server(s) (s->server)
+#define X509_up_ref(c)   CRYPTO_add(&c->references, 1, CRYPTO_LOCK_X509)
+#endif
+
+
 /**
  * Underline socket error.
  */
@@ -460,7 +467,7 @@ static int meth_getpeercertificate(lua_State *L)
   /* In a server-context, the stack doesn't contain the peer cert,
    * so adjust accordingly.
    */
-  if (ssl->ssl->server)
+  if (SSL_is_server(ssl->ssl))
     --n;
   certs = SSL_get_peer_cert_chain(ssl->ssl);
   if (n >= sk_X509_num(certs)) {
@@ -470,7 +477,7 @@ static int meth_getpeercertificate(lua_State *L)
   cert = sk_X509_value(certs, n);
   /* Increment the reference counting of the object. */
   /* See SSL_get_peer_certificate() source code.     */
-  CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
+  X509_up_ref(cert);
   lsec_pushx509(L, cert);
   return 1;
 }
@@ -492,7 +499,7 @@ static int meth_getpeerchain(lua_State *L)
     return 2;
   }
   lua_newtable(L);
-  if (ssl->ssl->server) {
+  if (SSL_is_server(ssl->ssl)) {
     lsec_pushx509(L, SSL_get_peer_certificate(ssl->ssl));
     lua_rawseti(L, -2, idx++);
   }
@@ -502,7 +509,7 @@ static int meth_getpeerchain(lua_State *L)
     cert = sk_X509_value(certs, i);
     /* Increment the reference counting of the object. */
     /* See SSL_get_peer_certificate() source code.     */
-    CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
+    X509_up_ref(cert);
     lsec_pushx509(L, cert);
     lua_rawseti(L, -2, idx++);
   }