8db7c48361
Copy from devel:libraries:c_c++/neon based on submit request 38163 from user oertel OBS-URL: https://build.opensuse.org/request/show/38163 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/neon?expand=0&rev=24
84 lines
2.6 KiB
Diff
84 lines
2.6 KiB
Diff
Author: joe
|
|
Date: Sat Sep 12 13:03:49 2009
|
|
New Revision: 1724
|
|
|
|
Modified:
|
|
neon/trunk/macros/neon.m4
|
|
neon/trunk/src/ne_openssl.c
|
|
neon/trunk/src/ne_socket.c
|
|
|
|
Log:
|
|
* macros/neon.m4 (LIBNEON_SOURCE_CHECKS): Require inet_pton for
|
|
getaddrinfo support.
|
|
|
|
* src/ne_socket.c (ne_sock_accept_ssl): Add debug log output if
|
|
session is resumed.
|
|
|
|
* macros/neon.m4 (NEON_SSL): Check for SSL_SESSION_cmp.
|
|
|
|
|
|
Modified: neon/trunk/macros/neon.m4
|
|
==============================================================================
|
|
--- neon/trunk/macros/neon.m4 (original)
|
|
+++ neon/trunk/macros/neon.m4 Sat Sep 12 13:03:49 2009
|
|
@@ -923,7 +923,7 @@
|
|
if test "$ne_cv_lib_ssl097" = "yes"; then
|
|
AC_MSG_NOTICE([OpenSSL >= 0.9.7; EGD support not needed in neon])
|
|
NE_ENABLE_SUPPORT(SSL, [SSL support enabled, using OpenSSL (0.9.7 or later)])
|
|
- NE_CHECK_FUNCS(CRYPTO_set_idptr_callback)
|
|
+ NE_CHECK_FUNCS(CRYPTO_set_idptr_callback SSL_SESSION_cmp)
|
|
else
|
|
# Fail if OpenSSL is older than 0.9.6
|
|
NE_CHECK_OPENSSLVER(ne_cv_lib_ssl096, 0.9.6, 0x00906000L)
|
|
|
|
Modified: neon/trunk/src/ne_openssl.c
|
|
==============================================================================
|
|
--- neon/trunk/src/ne_openssl.c (original)
|
|
+++ neon/trunk/src/ne_openssl.c Sat Sep 12 13:03:49 2009
|
|
@@ -34,6 +34,7 @@
|
|
#include <openssl/pkcs12.h>
|
|
#include <openssl/x509v3.h>
|
|
#include <openssl/rand.h>
|
|
+#include <openssl/opensslv.h>
|
|
|
|
#ifdef NE_HAVE_TS_SSL
|
|
#include <stdlib.h> /* for abort() */
|
|
@@ -632,6 +633,19 @@
|
|
ne_free(ctx);
|
|
}
|
|
|
|
+#if !defined(HAVE_SSL_SESSION_CMP) && !defined(SSL_SESSION_cmp) \
|
|
+ && defined(OPENSSL_VERSION_NUMBER) \
|
|
+ && OPENSSL_VERSION_NUMBER > 0x10000000L
|
|
+/* OpenSSL 1.0 removed SSL_SESSION_cmp for no apparent reason - hoping
|
|
+ * it is reasonable to assume that comparing the session IDs is
|
|
+ * sufficient. */
|
|
+static int SSL_SESSION_cmp(SSL_SESSION *a, SSL_SESSION *b)
|
|
+{
|
|
+ return a->session_id_length == b->session_id_length
|
|
+ && memcmp(a->session_id, b->session_id, a->session_id_length) == 0;
|
|
+}
|
|
+#endif
|
|
+
|
|
/* For internal use only. */
|
|
int ne__negotiate_ssl(ne_session *sess)
|
|
{
|
|
|
|
Modified: neon/trunk/src/ne_socket.c
|
|
==============================================================================
|
|
--- neon/trunk/src/ne_socket.c (original)
|
|
+++ neon/trunk/src/ne_socket.c Sat Sep 12 13:03:49 2009
|
|
@@ -1639,6 +1639,10 @@
|
|
if (ret != 1) {
|
|
return error_ossl(sock, ret);
|
|
}
|
|
+
|
|
+ if (SSL_session_reused(ssl)) {
|
|
+ NE_DEBUG(NE_DBG_SSL, "ssl: Server reused session.\n");
|
|
+ }
|
|
#elif defined(HAVE_GNUTLS)
|
|
gnutls_init(&ssl, GNUTLS_SERVER);
|
|
gnutls_credentials_set(ssl, GNUTLS_CRD_CERTIFICATE, ctx->cred);
|
|
|
|
|