neon/neon-openssl.patch
OBS User autobuild 8db7c48361 Accepting request 38163 from devel:libraries:c_c++
Copy from devel:libraries:c_c++/neon based on submit request 38163 from user oertel

OBS-URL: https://build.opensuse.org/request/show/38163
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/neon?expand=0&rev=24
2010-04-18 22:20:02 +00:00

84 lines
2.6 KiB
Diff

Author: joe
Date: Sat Sep 12 13:03:49 2009
New Revision: 1724
Modified:
neon/trunk/macros/neon.m4
neon/trunk/src/ne_openssl.c
neon/trunk/src/ne_socket.c
Log:
* macros/neon.m4 (LIBNEON_SOURCE_CHECKS): Require inet_pton for
getaddrinfo support.
* src/ne_socket.c (ne_sock_accept_ssl): Add debug log output if
session is resumed.
* macros/neon.m4 (NEON_SSL): Check for SSL_SESSION_cmp.
Modified: neon/trunk/macros/neon.m4
==============================================================================
--- neon/trunk/macros/neon.m4 (original)
+++ neon/trunk/macros/neon.m4 Sat Sep 12 13:03:49 2009
@@ -923,7 +923,7 @@
if test "$ne_cv_lib_ssl097" = "yes"; then
AC_MSG_NOTICE([OpenSSL >= 0.9.7; EGD support not needed in neon])
NE_ENABLE_SUPPORT(SSL, [SSL support enabled, using OpenSSL (0.9.7 or later)])
- NE_CHECK_FUNCS(CRYPTO_set_idptr_callback)
+ NE_CHECK_FUNCS(CRYPTO_set_idptr_callback SSL_SESSION_cmp)
else
# Fail if OpenSSL is older than 0.9.6
NE_CHECK_OPENSSLVER(ne_cv_lib_ssl096, 0.9.6, 0x00906000L)
Modified: neon/trunk/src/ne_openssl.c
==============================================================================
--- neon/trunk/src/ne_openssl.c (original)
+++ neon/trunk/src/ne_openssl.c Sat Sep 12 13:03:49 2009
@@ -34,6 +34,7 @@
#include <openssl/pkcs12.h>
#include <openssl/x509v3.h>
#include <openssl/rand.h>
+#include <openssl/opensslv.h>
#ifdef NE_HAVE_TS_SSL
#include <stdlib.h> /* for abort() */
@@ -632,6 +633,19 @@
ne_free(ctx);
}
+#if !defined(HAVE_SSL_SESSION_CMP) && !defined(SSL_SESSION_cmp) \
+ && defined(OPENSSL_VERSION_NUMBER) \
+ && OPENSSL_VERSION_NUMBER > 0x10000000L
+/* OpenSSL 1.0 removed SSL_SESSION_cmp for no apparent reason - hoping
+ * it is reasonable to assume that comparing the session IDs is
+ * sufficient. */
+static int SSL_SESSION_cmp(SSL_SESSION *a, SSL_SESSION *b)
+{
+ return a->session_id_length == b->session_id_length
+ && memcmp(a->session_id, b->session_id, a->session_id_length) == 0;
+}
+#endif
+
/* For internal use only. */
int ne__negotiate_ssl(ne_session *sess)
{
Modified: neon/trunk/src/ne_socket.c
==============================================================================
--- neon/trunk/src/ne_socket.c (original)
+++ neon/trunk/src/ne_socket.c Sat Sep 12 13:03:49 2009
@@ -1639,6 +1639,10 @@
if (ret != 1) {
return error_ossl(sock, ret);
}
+
+ if (SSL_session_reused(ssl)) {
+ NE_DEBUG(NE_DBG_SSL, "ssl: Server reused session.\n");
+ }
#elif defined(HAVE_GNUTLS)
gnutls_init(&ssl, GNUTLS_SERVER);
gnutls_credentials_set(ssl, GNUTLS_CRD_CERTIFICATE, ctx->cred);