commons-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mt...@apache.org
Subject svn commit: r1169761 - in /commons/sandbox/runtime/trunk/src/main/native: include/acr/ssl.h modules/openssl/api.c
Date Mon, 12 Sep 2011 14:22:06 GMT
Author: mturk
Date: Mon Sep 12 14:22:05 2011
New Revision: 1169761

URL: http://svn.apache.org/viewvc?rev=1169761&view=rev
Log:
Add more SSL methods

Modified:
    commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h
    commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c

Modified: commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h?rev=1169761&r1=1169760&r2=1169761&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h (original)
+++ commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h Mon Sep 12 14:22:05 2011
@@ -60,41 +60,74 @@
 #define RAND_MAX INT_MAX
 #endif
 
-#define SSL_ALGO_UNKNOWN (0)
-#define SSL_ALGO_RSA     (1<<0)
-#define SSL_ALGO_DSA     (1<<1)
+#if OPENSSL_VERSION_NUMBER >= 0x00908080 && !defined(OPENSSL_NO_OCSP) \
+    && !defined(OPENSSL_NO_TLSEXT)
+#define HAVE_OCSP_STAPLING
+#if (OPENSSL_VERSION_NUMBER < 0x10000000)
+#define sk_OPENSSL_STRING_pop sk_pop
+#endif
+#endif
+
+/* Default setting for per-dir reneg buffer. */
+#ifndef DEFAULT_RENEG_BUFFER_SIZE
+#define DEFAULT_RENEG_BUFFER_SIZE (128 * 1024)
+#endif
+
+/* Default for OCSP response validity */
+#ifndef DEFAULT_OCSP_MAX_SKEW
+#define DEFAULT_OCSP_MAX_SKEW (60 * 5)
+#endif
+
+/* Default timeout for OCSP queries */
+#ifndef DEFAULT_OCSP_TIMEOUT
+#define DEFAULT_OCSP_TIMEOUT 10
+#endif
+
+#define SSL_ALGO_UNKNOWN 0
+#define SSL_ALGO_RSA     1
+#define SSL_ALGO_DSA     2
+#ifndef OPENSSL_NO_EC
+#define SSL_ALGO_ECC     4
+#define SSL_ALGO_ALL     (SSL_ALGO_RSA|SSL_ALGO_DSA|SSL_ALGO_ECC)
+#else
 #define SSL_ALGO_ALL     (SSL_ALGO_RSA|SSL_ALGO_DSA)
+#endif
 
-#define SSL_AIDX_RSA     (0)
-#define SSL_AIDX_DSA     (1)
-#define SSL_AIDX_MAX     (2)
+#define SSL_AIDX_RSA     0
+#define SSL_AIDX_DSA     1
+#ifndef OPENSSL_NO_EC
+#define SSL_AIDX_ECC     2
+#define SSL_AIDX_MAX     3
+#else
+#define SSL_AIDX_MAX     2
+#endif
 
 /*
  * Define IDs for the temporary RSA keys and DH params
  */
 
-#define SSL_TMP_KEY_RSA_512     (0)
-#define SSL_TMP_KEY_RSA_1024    (1)
-#define SSL_TMP_KEY_RSA_2048    (2)
-#define SSL_TMP_KEY_RSA_4096    (3)
-#define SSL_TMP_KEY_DH_512      (4)
-#define SSL_TMP_KEY_DH_1024     (5)
-#define SSL_TMP_KEY_DH_2048     (6)
-#define SSL_TMP_KEY_DH_4096     (7)
-#define SSL_TMP_KEY_MAX         (8)
-
-#define SSL_CRT_FORMAT_UNDEF    (0)
-#define SSL_CRT_FORMAT_ASN1     (1)
-#define SSL_CRT_FORMAT_TEXT     (2)
-#define SSL_CRT_FORMAT_PEM      (3)
-#define SSL_CRT_FORMAT_NETSCAPE (4)
-#define SSL_CRT_FORMAT_PKCS12   (5)
-#define SSL_CRT_FORMAT_SMIME    (6)
-#define SSL_CRT_FORMAT_ENGINE   (7)
+#define SSL_TMP_KEY_RSA_512     0
+#define SSL_TMP_KEY_RSA_1024    1
+#define SSL_TMP_KEY_RSA_2048    2
+#define SSL_TMP_KEY_RSA_4096    3
+#define SSL_TMP_KEY_DH_512      4
+#define SSL_TMP_KEY_DH_1024     5
+#define SSL_TMP_KEY_DH_2048     6
+#define SSL_TMP_KEY_DH_4096     7
+#define SSL_TMP_KEY_MAX         8
+
+#define SSL_CRT_FORMAT_UNDEF    0
+#define SSL_CRT_FORMAT_ASN1     1
+#define SSL_CRT_FORMAT_TEXT     2
+#define SSL_CRT_FORMAT_PEM      3
+#define SSL_CRT_FORMAT_NETSCAPE 4
+#define SSL_CRT_FORMAT_PKCS12   5
+#define SSL_CRT_FORMAT_SMIME    6
+#define SSL_CRT_FORMAT_ENGINE   7
 /* XXX this stupid macro helps us to avoid
  * adding yet another param to load_*key()
  */
-#define SSL_KEY_FORMAT_IISSGC   (8)
+#define SSL_KEY_FORMAT_IISSGC   8
 
 /*
  * Define the SSL options
@@ -111,84 +144,85 @@
 /*
  * Define the SSL Protocol options
  */
-#define SSL_PROTOCOL_NONE       (0)
-#define SSL_PROTOCOL_SSLV2      (1)
-#define SSL_PROTOCOL_SSLV3      (2)
-#define SSL_PROTOCOL_SSLV23     (3)
-#define SSL_PROTOCOL_TLSV1      (4)
-#define SSL_PROTOCOL_DTLSV1     (5)
-
-#define SSL_MODE_CLIENT         (0)
-#define SSL_MODE_SERVER         (1)
-#define SSL_MODE_COMBINED       (2)
-
-#define SSL_BIO_FLAG_RDONLY     (1<<0)
-#define SSL_BIO_FLAG_CALLBACK   (1<<1)
-#define SSL_DEFAULT_CACHE_SIZE  (256)
-#define SSL_MAX_STR_LEN         (2048)
-
-#define SSL_CVERIFY_UNSET           (-1)
-#define SSL_CVERIFY_NONE            (0)
-#define SSL_CVERIFY_OPTIONAL        (1)
-#define SSL_CVERIFY_REQUIRE         (2)
-#define SSL_CVERIFY_OPTIONAL_NO_CA  (3)
+#define SSL_PROTOCOL_NONE       0
+#define SSL_PROTOCOL_SSLV2      1
+#define SSL_PROTOCOL_SSLV3      2
+#define SSL_PROTOCOL_SSLV23     3
+#define SSL_PROTOCOL_TLSV1      4
+#define SSL_PROTOCOL_DTLSV1     5
+
+#define SSL_MODE_CLIENT         0
+#define SSL_MODE_SERVER         1
+#define SSL_MODE_COMBINED       2
+
+#define SSL_BIO_FLAG_RDONLY     1
+#define SSL_BIO_FLAG_CALLBACK   2
+#define SSL_DEFAULT_CACHE_SIZE  256
+#define SSL_MAX_STR_LEN         2048
+
+#define SSL_CVERIFY_UNSET          (-1)
+#define SSL_CVERIFY_NONE            0
+#define SSL_CVERIFY_OPTIONAL        1
+#define SSL_CVERIFY_REQUIRE         2
+#define SSL_CVERIFY_OPTIONAL_NO_CA  3
 #define SSL_VERIFY_PEER_STRICT      (SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT)
 
-#define SSL_SHUTDOWN_TYPE_UNSET     (0)
-#define SSL_SHUTDOWN_TYPE_STANDARD  (1)
-#define SSL_SHUTDOWN_TYPE_UNCLEAN   (2)
-#define SSL_SHUTDOWN_TYPE_ACCURATE  (3)
+#define SSL_SHUTDOWN_TYPE_UNSET     0
+#define SSL_SHUTDOWN_TYPE_STANDARD  1
+#define SSL_SHUTDOWN_TYPE_UNCLEAN   2
+#define SSL_SHUTDOWN_TYPE_ACCURATE  3
 
 #define SSL_TO_ACR_ERROR(X)         (ACR_OS_START_USERERR + 1000 + X)
 
-#define SSL_INFO_SESSION_ID                 (0x0001)
-#define SSL_INFO_CIPHER                     (0x0002)
-#define SSL_INFO_CIPHER_USEKEYSIZE          (0x0003)
-#define SSL_INFO_CIPHER_ALGKEYSIZE          (0x0004)
-#define SSL_INFO_CIPHER_VERSION             (0x0005)
-#define SSL_INFO_CIPHER_DESCRIPTION         (0x0006)
-#define SSL_INFO_PROTOCOL                   (0x0007)
-
-#define SSL_INFO_CLIENT_S_DN                (0x0010)
-#define SSL_INFO_CLIENT_I_DN                (0x0020)
-#define SSL_INFO_SERVER_S_DN                (0x0040)
-#define SSL_INFO_SERVER_I_DN                (0x0080)
-
-#define SSL_INFO_DN_COUNTRYNAME             (0x0001)
-#define SSL_INFO_DN_STATEORPROVINCENAME     (0x0002)
-#define SSL_INFO_DN_LOCALITYNAME            (0x0003)
-#define SSL_INFO_DN_ORGANIZATIONNAME        (0x0004)
-#define SSL_INFO_DN_ORGANIZATIONALUNITNAME  (0x0005)
-#define SSL_INFO_DN_COMMONNAME              (0x0006)
-#define SSL_INFO_DN_TITLE                   (0x0007)
-#define SSL_INFO_DN_INITIALS                (0x0008)
-#define SSL_INFO_DN_GIVENNAME               (0x0009)
-#define SSL_INFO_DN_SURNAME                 (0x000A)
-#define SSL_INFO_DN_DESCRIPTION             (0x000B)
-#define SSL_INFO_DN_UNIQUEIDENTIFIER        (0x000C)
-#define SSL_INFO_DN_EMAILADDRESS            (0x000D)
-
-#define SSL_INFO_CLIENT_MASK                (0x0100)
-
-#define SSL_INFO_CLIENT_M_VERSION           (0x0101)
-#define SSL_INFO_CLIENT_M_SERIAL            (0x0102)
-#define SSL_INFO_CLIENT_V_START             (0x0103)
-#define SSL_INFO_CLIENT_V_END               (0x0104)
-#define SSL_INFO_CLIENT_A_SIG               (0x0105)
-#define SSL_INFO_CLIENT_A_KEY               (0x0106)
-#define SSL_INFO_CLIENT_CERT                (0x0107)
-#define SSL_INFO_CLIENT_V_REMAIN            (0x0108)
-
-#define SSL_INFO_SERVER_MASK                (0x0200)
-
-#define SSL_INFO_SERVER_M_VERSION           (0x0201)
-#define SSL_INFO_SERVER_M_SERIAL            (0x0202)
-#define SSL_INFO_SERVER_V_START             (0x0203)
-#define SSL_INFO_SERVER_V_END               (0x0204)
-#define SSL_INFO_SERVER_A_SIG               (0x0205)
-#define SSL_INFO_SERVER_A_KEY               (0x0206)
-#define SSL_INFO_SERVER_CERT                (0x0207)
-#define SSL_INFO_CLIENT_CERT_CHAIN          (0x0400)
+#define SSL_INFO_SESSION_ID                 0x0001
+#define SSL_INFO_CIPHER                     0x0002
+#define SSL_INFO_CIPHER_USEKEYSIZE          0x0003
+#define SSL_INFO_CIPHER_ALGKEYSIZE          0x0004
+#define SSL_INFO_CIPHER_VERSION             0x0005
+#define SSL_INFO_CIPHER_DESCRIPTION         0x0006
+#define SSL_INFO_PROTOCOL                   0x0007
+
+#define SSL_INFO_CLIENT_S_DN                0x0010
+#define SSL_INFO_CLIENT_I_DN                0x0020
+#define SSL_INFO_SERVER_S_DN                0x0040
+#define SSL_INFO_SERVER_I_DN                0x0080
+
+#define SSL_INFO_DN_COUNTRYNAME             0x0001
+#define SSL_INFO_DN_STATEORPROVINCENAME     0x0002
+#define SSL_INFO_DN_LOCALITYNAME            0x0003
+#define SSL_INFO_DN_ORGANIZATIONNAME        0x0004
+#define SSL_INFO_DN_ORGANIZATIONALUNITNAME  0x0005
+#define SSL_INFO_DN_COMMONNAME              0x0006
+#define SSL_INFO_DN_TITLE                   0x0007
+#define SSL_INFO_DN_INITIALS                0x0008
+#define SSL_INFO_DN_GIVENNAME               0x0009
+#define SSL_INFO_DN_SURNAME                 0x000A
+#define SSL_INFO_DN_DESCRIPTION             0x000B
+#define SSL_INFO_DN_UNIQUEIDENTIFIER        0x000C
+#define SSL_INFO_DN_EMAILADDRESS            0x000D
+
+#define SSL_INFO_CLIENT_MASK                0x0100
+
+#define SSL_INFO_CLIENT_M_VERSION           0x0101
+#define SSL_INFO_CLIENT_M_SERIAL            0x0102
+#define SSL_INFO_CLIENT_V_START             0x0103
+#define SSL_INFO_CLIENT_V_END               0x0104
+#define SSL_INFO_CLIENT_A_SIG               0x0105
+#define SSL_INFO_CLIENT_A_KEY               0x0106
+#define SSL_INFO_CLIENT_CERT                0x0107
+#define SSL_INFO_CLIENT_V_REMAIN            0x0108
+
+#define SSL_INFO_SERVER_MASK                0x0200
+
+#define SSL_INFO_SERVER_M_VERSION           0x0201
+#define SSL_INFO_SERVER_M_SERIAL            0x0202
+#define SSL_INFO_SERVER_V_START             0x0203
+#define SSL_INFO_SERVER_V_END               0x0204
+#define SSL_INFO_SERVER_A_SIG               0x0205
+#define SSL_INFO_SERVER_A_KEY               0x0206
+#define SSL_INFO_SERVER_CERT                0x0207
+
+#define SSL_INFO_CLIENT_CERT_CHAIN          0x0400
 
 #define SSL_VERIFY_ERROR_IS_OPTIONAL(errnum) \
    ((errnum == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) \
@@ -249,6 +283,18 @@ typedef struct acr_ssl_ctxt_t {
     /* for client or downstream server authentication */
     int              verify_depth;
     int              verify_mode;
+#ifdef HAVE_OCSP_STAPLING
+    /** OCSP stapling options */
+    int              stapling_enabled;
+    long             stapling_resptime_skew;
+    long             stapling_resp_maxage;
+    int              stapling_cache_timeout;
+    BOOL             stapling_return_errors;
+    BOOL             stapling_fake_trylater;
+    int              stapling_errcache_timeout;
+    arc_time_t       stapling_responder_timeout;
+    const char      *stapling_force_url;
+#endif
 
     int              ocsp_enabled;       /* true if OCSP verification enabled */
     int              ocsp_force_default; /* true if the default responder URL is
@@ -267,6 +313,38 @@ typedef struct acr_ssl_ctxt_t {
         (ctx)->extra_certs = (value);           \
     } while (0)
 
+/**
+ * SSL socket descriptor.
+ * Make sure it is in sync with acr_sd_t so
+ * it can be casted to it
+ */
+typedef struct ssl_sd_t ssl_sd_t;
+struct ssl_sd_t {
+    volatile acr_atomic32_t refs;       /**< Reference  counter      */
+    int                     type;       /**< Descriptor type         */
+    int                     timeout;
+    int                     flags;
+#if defined(WINDOWS)
+    union {
+        HANDLE              h;
+        SOCKET              s;
+        LPVOID              p;
+    };
+#else
+    int                     s;
+#endif
+#if defined(WINDOWS)
+    WCHAR                  *socketfname;
+#endif
+   /*** SSL struct members ***/ 
+    acr_ssl_ctxt_t         *ctx;    
+    SSL                    *ssl;
+    X509                   *peer;
+    int                     shutdown_type;
+    int                     is_proxy;
+    int                     disabled;
+    int                     non_ssl_request;
+};
 
 /**
  *  Additional Functions

Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c?rev=1169761&r1=1169760&r2=1169761&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c Mon Sep 12 14:22:05
2011
@@ -148,6 +148,25 @@ struct SSLAPIst {
     void                (*fpSSL_load_error_strings)(void);
     int                 (*fpSSL_set_ex_data)(SSL *, int, void *);
 
+    const SSL_METHOD*   (*fpSSLv3_method)(void);           /* SSLv3 */
+    const SSL_METHOD*   (*fpSSLv3_server_method)(void);    /* SSLv3 */
+    const SSL_METHOD*   (*fpSSLv3_client_method)(void);    /* SSLv3 */
+
+    const SSL_METHOD*   (*fpSSLv23_method)(void);          /* SSLv3 but can rollback to v2
*/
+    const SSL_METHOD*   (*fpSSLv23_server_method)(void);   /* SSLv3 but can rollback to v2
*/
+    const SSL_METHOD*   (*fpSSLv23_client_method)(void);   /* SSLv3 but can rollback to v2
*/
+
+    const SSL_METHOD*   (*fpTLSv1_method)(void);           /* TLSv1.0 */
+    const SSL_METHOD*   (*fpTLSv1_server_method)(void);    /* TLSv1.0 */
+    const SSL_METHOD*   (*fpTLSv1_client_method)(void);    /* TLSv1.0 */
+
+    const SSL_METHOD*   (*fpDTLSv1_method)(void);          /* DTLSv1.0 */
+    const SSL_METHOD*   (*fpDTLSv1_server_method)(void);   /* DTLSv1.0 */
+    const SSL_METHOD*   (*fpDTLSv1_client_method)(void);   /* DTLSv1.0 */
+
+    void                (*fpSSL_CTX_set_default_passwd_cb)(SSL_CTX *, pem_password_cb *);
+    void                (*fpSSL_CTX_set_default_passwd_cb_userdata)(SSL_CTX *ctx, void *u);
+    
     /*** X509     ***/
     void                (*fpX509_free)(X509 *);
     void                (*fpNULL)(void);
@@ -179,7 +198,14 @@ struct SSLOPTst {
 
     /*** RAND     ***/
     int                 (*fpRAND_set_rand_engine)(ENGINE *);
-#endif    
+#endif
+
+#ifndef OPENSSL_NO_SSL2
+    const SSL_METHOD*   (*fpSSLv2_method)(void);           /* SSLv2 */
+    const SSL_METHOD*   (*fpSSLv2_server_method)(void);    /* SSLv2 */
+    const SSL_METHOD*   (*fpSSLv2_client_method)(void);    /* SSLv2 */
+#endif
+    
     void                (*fpNULL)(void);
 };
 
@@ -218,10 +244,26 @@ ACR_JNI_EXPORT(jboolean, Native, ldopens
     LIBSSL_FPLOAD(SSL_load_error_strings);
     LIBSSL_FPLOAD(SSL_set_ex_data);
 
+    LIBSSL_FPLOAD(SSLv3_method);
+    LIBSSL_FPLOAD(SSLv3_server_method);
+    LIBSSL_FPLOAD(SSLv3_client_method);
+    LIBSSL_FPLOAD(SSLv23_method);
+    LIBSSL_FPLOAD(SSLv23_server_method);
+    LIBSSL_FPLOAD(SSLv23_client_method);
+    LIBSSL_FPLOAD(TLSv1_method);
+    LIBSSL_FPLOAD(TLSv1_server_method);
+    LIBSSL_FPLOAD(TLSv1_client_method);
+    LIBSSL_FPLOAD(DTLSv1_method);
+    LIBSSL_FPLOAD(DTLSv1_server_method);
+    LIBSSL_FPLOAD(DTLSv1_client_method);
+    
     /*** SSL_CTX  ***/
     LIBSSL_FPLOAD(SSL_CTX_ctrl);
     LIBSSL_FPLOAD(SSL_CTX_new);
     LIBSSL_FPLOAD(SSL_CTX_free);
+    LIBSSL_FPLOAD(SSL_CTX_set_default_passwd_cb);
+    LIBSSL_FPLOAD(SSL_CTX_set_default_passwd_cb_userdata);
+
     
     /*** BIO      ***/
     CRYPTO_FPLOAD(BIO_ctrl);
@@ -303,6 +345,12 @@ ACR_JNI_EXPORT(jboolean, Native, ldopens
     CRYPTO_LDDOPT(ENGINE_set_default);
     CRYPTO_LDDOPT(RAND_set_rand_engine);
 #endif    
+#ifndef OPENSSL_NO_SSL2
+    LIBSSL_LDDOPT(SSLv2_method);
+    LIBSSL_LDDOPT(SSLv2_server_method);
+    LIBSSL_LDDOPT(SSLv2_client_method);
+#endif
+
     return JNI_TRUE;
 failed:
     AcrThrowEx(env, ACR_EX_ENOENT, "Cannot find %s::%s()", dname, fname);
@@ -606,11 +654,58 @@ void SSL_load_error_strings(void)
     SSLAPI_CALL(SSL_load_error_strings)();
 }
 
-int SSL_set_ex_data(SSL *ssl,int idx,void *data)
+int SSL_set_ex_data(SSL *ssl, int idx, void *data)
 {
     return SSLAPI_CALL(SSL_set_ex_data)(ssl, idx, data);
 }
 
+#define IMPLEMENT_SSLAPI_METHOD(name)                   \
+const SSL_METHOD *name##_method(void) {                 \
+    return (*SSLapi.fp##name##_method)();               \
+}
+
+#define IMPLEMENT_SSLOPT_METHOD(name)                   \
+const SSL_METHOD *name##_method(void) {                 \
+    if (SSLopt.fp##name##_method != 0)                  \
+        return (*SSLopt.fp##name##_method)();           \
+    else { ACR_SET_OS_ERROR(ACR_ENOTIMPL); return 0; }  \
+}
+
+#ifndef OPENSSL_NO_SSL2
+IMPLEMENT_SSLOPT_METHOD(SSLv2)
+IMPLEMENT_SSLOPT_METHOD(SSLv2_server)
+IMPLEMENT_SSLOPT_METHOD(SSLv2_client)
+#endif
+
+IMPLEMENT_SSLAPI_METHOD(SSLv3)
+IMPLEMENT_SSLAPI_METHOD(SSLv3_server)
+IMPLEMENT_SSLAPI_METHOD(SSLv3_client)
+
+IMPLEMENT_SSLAPI_METHOD(SSLv23)
+IMPLEMENT_SSLAPI_METHOD(SSLv23_server)
+IMPLEMENT_SSLAPI_METHOD(SSLv23_client)
+
+IMPLEMENT_SSLAPI_METHOD(TLSv1)
+IMPLEMENT_SSLAPI_METHOD(TLSv1_server)
+IMPLEMENT_SSLAPI_METHOD(TLSv1_client)
+
+IMPLEMENT_SSLAPI_METHOD(DTLSv1)
+IMPLEMENT_SSLAPI_METHOD(DTLSv1_server)
+IMPLEMENT_SSLAPI_METHOD(DTLSv1_client)
+
+#undef IMPLEMENT_SSLOPT_METHOD
+#undef IMPLEMENT_SSLAPI_METHOD
+
+void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
+{
+    SSLAPI_CALL(SSL_CTX_set_default_passwd_cb)(ctx, cb);
+}
+
+void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u)
+{
+    SSLAPI_CALL(SSL_CTX_set_default_passwd_cb_userdata)(ctx, u);
+}
+
 void X509_free(X509 *x)
 {
     SSLAPI_CALL(X509_free)(x);



Mime
View raw message