1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
Description: support openssl 3.0
Author: Tom Lee <debian@tomlee.co>
Bug-Debian: https://bugs.debian.org/1006299
Forwarded: https://github.com/capnproto/capnproto/pull/1434
Last-Update: 2022-03-06
--- a/src/kj/compat/tls.c++
+++ b/src/kj/compat/tls.c++
@@ -419,6 +419,9 @@
return reinterpret_cast<TlsConnection*>(BIO_get_data(b))->readBuffer.isAtEnd();
case BIO_CTRL_FLUSH:
return 1;
+ case BIO_CTRL_INFO:
+ // Queries for info
+ return 0;
case BIO_CTRL_PUSH:
case BIO_CTRL_POP:
// Informational?
--- a/src/kj/compat/tls-test.c++
+++ b/src/kj/compat/tls-test.c++
@@ -753,6 +753,13 @@
}).wait(test.io.waitScope);
}
+// OpenSSL 3.0 changed error messages
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L && !defined(OPENSSL_IS_BORINGSSL)
+#define SSL_MESSAGE(v11, v30) v30
+#else
+#define SSL_MESSAGE(v11, v30) v11
+#endif
+
KJ_TEST("TLS certificate validation") {
// Where we've given two possible error texts below, it's because OpenSSL v1 produces the former
// text while v3 produces the latter. Note that as of this writing, our Windows CI build claims
@@ -922,6 +929,8 @@
}
}
+#undef SSL_MESSAGE
+
class MockConnectionReceiver final: public ConnectionReceiver {
// This connection receiver allows mocked async connection establishment without the network.
|
