httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rainer Jung <rainer.j...@kippdata.de>
Subject Re: svn commit: r1740653 - in /httpd/httpd/trunk/modules/ssl: ssl_engine_kernel.c ssl_engine_ocsp.c ssl_private.h ssl_util_stapling.c
Date Fri, 29 Apr 2016 09:29:52 GMT
Am 29.04.2016 um 10:26 schrieb Yann Ylavic:
> On Fri, Apr 29, 2016 at 10:16 AM, Yann Ylavic <ylavic.dev@gmail.com> wrote:
>> Hi Rainer,
>>
>> On Fri, Apr 29, 2016 at 10:13 AM, Rainer Jung <rainer.jung@kippdata.de> wrote:
>>> The function X509_STORE_CTX_get0_current_issuer() has first shown up in
>>> OpenSSL 1.0.0, but is not available in 0.9.8.
>>
>> I don't see it in 1.0.1s, but it is in 1.0.2g, maybe introduced in 1.0.2?
>
> It seems to (https://github.com/openssl/openssl/commit/75f535315aadb36a4c591c0b6710e4962a7aa841).

That's the change why we need for

+#if OPENSSL_VERSION_NUMBER < 0x10002000L
+#define X509_STORE_CTX_get0_store(x) (x->ctx)
+#endif

But you were asking for

+#if OPENSSL_VERSION_NUMBER < 0x10000000L
+#ifndef X509_STORE_CTX_get0_current_issuer
+#define X509_STORE_CTX_get0_current_issuer(x) (x->current_issuer)
+#endif

And X509_STORE_CTX_get0_current_issuer() is a function since 1.0.0 (no 
letter) and was introduced as a macro somewhere in the middle of 0.9.8. 
Therefore the nested check above.

It is in include/openssl/symhacks.h for 0.9.8 and was added to 1.0.0 with

https://github.com/openssl/openssl/commit/4a7f7171f5dbaa4cbab2d3768a2c93e96a9dcdb5

I didn't check whether the macro in 0.9.8 actually works if it is 
defined, but I hope so ...

Regards,

Rainer



Mime
View raw message