diff options
Diffstat (limited to 'databases/mongodb34/files/patch-asio-openssl-1.1.0')
| -rw-r--r-- | databases/mongodb34/files/patch-asio-openssl-1.1.0 | 666 |
1 files changed, 0 insertions, 666 deletions
diff --git a/databases/mongodb34/files/patch-asio-openssl-1.1.0 b/databases/mongodb34/files/patch-asio-openssl-1.1.0 deleted file mode 100644 index e127e0dd6d19..000000000000 --- a/databases/mongodb34/files/patch-asio-openssl-1.1.0 +++ /dev/null @@ -1,666 +0,0 @@ -From 628e3ca9fe7a1bed1ce2308e2df4a1a4ecd1dfe7 Mon Sep 17 00:00:00 2001 -From: Christopher Kohlhoff <chris@kohlhoff.com> -Date: Fri, 20 Mar 2015 08:46:51 +1100 -Subject: [PATCH] ERR_remove_state is deprecated, use ERR_remove_thread_state - instead. - ---- - asio/include/asio/ssl/detail/impl/openssl_init.ipp | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp -index 2c40d40..da66fc1 100644 ---- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp -+++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp -@@ -63,7 +63,11 @@ public: - ::CRYPTO_set_id_callback(0); - ::CRYPTO_set_locking_callback(0); - ::ERR_free_strings(); -+#if (OPENSSL_VERSION_NUMBER >= 0x10000000L) -+ ::ERR_remove_thread_state(NULL); -+#else // (OPENSSL_VERSION_NUMBER >= 0x10000000L) - ::ERR_remove_state(0); -+#endif // (OPENSSL_VERSION_NUMBER >= 0x10000000L) - ::EVP_cleanup(); - ::CRYPTO_cleanup_all_ex_data(); - ::CONF_modules_unload(1); -From aa21de0944b4327f998fe161dde5ddaaf38cec5c Mon Sep 17 00:00:00 2001 -From: Christopher Kohlhoff <chris@kohlhoff.com> -Date: Sat, 21 Mar 2015 20:52:42 +1100 -Subject: [PATCH] Remove redundant pointer check in SSL engine. - ---- - asio/include/asio/ssl/detail/impl/engine.ipp | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/engine.ipp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/engine.ipp -index 5504411..2e4a39d 100644 ---- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/engine.ipp -+++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/engine.ipp -@@ -206,7 +206,7 @@ const asio::error_code& engine::map_error_code( - - // SSL v2 doesn't provide a protocol-level shutdown, so an eof on the - // underlying transport is passed through. -- if (ssl_ && ssl_->version == SSL2_VERSION) -+ if (ssl_->version == SSL2_VERSION) - return ec; - - // Otherwise, the peer should have negotiated a proper shutdown. -From 6c70257e20ef159c581298b54838361bb54bfce4 Mon Sep 17 00:00:00 2001 -From: Christopher Kohlhoff <chris@kohlhoff.com> -Date: Thu, 1 Oct 2015 08:44:30 +1000 -Subject: [PATCH] Use SSL_CTX_clear_chain_certs, if available. - ---- - asio/include/asio/ssl/impl/context.ipp | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/impl/context.ipp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/impl/context.ipp -index 08705e7..77da84e 100644 ---- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/impl/context.ipp -+++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/impl/context.ipp -@@ -539,11 +539,15 @@ asio::error_code context::use_certificate_chain( - return ec; - } - -+#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) -+ ::SSL_CTX_clear_chain_certs(handle_); -+#else - if (handle_->extra_certs) - { - ::sk_X509_pop_free(handle_->extra_certs, X509_free); - handle_->extra_certs = 0; - } -+#endif // (OPENSSL_VERSION_NUMBER >= 0x10002000L) - - while (X509* cacert = ::PEM_read_bio_X509(bio.p, 0, - handle_->default_passwd_callback, -From 92bfc623e6a71353dd2c783f4c9fef5591ac550d Mon Sep 17 00:00:00 2001 -From: Christopher Kohlhoff <chris@kohlhoff.com> -Date: Thu, 19 Nov 2015 10:24:56 +1100 -Subject: [PATCH] Add new error category and constant for - ssl::error::stream_truncated. - -This error replaces uses of SSL_R_SHORT_READ, and indicates that the -SSL stream has been shut down abruptly. (I.e. the underlying socket -has been closed without performing an SSL-layer shutdown.) ---- - asio/include/asio/ssl/detail/impl/engine.ipp | 8 ++----- - asio/include/asio/ssl/error.hpp | 34 ++++++++++++++++++++++++++++ - asio/include/asio/ssl/impl/error.ipp | 33 ++++++++++++++++++++++++++- - 3 files changed, 68 insertions(+), 7 deletions(-) - -diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/engine.ipp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/engine.ipp -index b59cf18..9abe010 100644 ---- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/engine.ipp -+++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/engine.ipp -@@ -195,9 +195,7 @@ const asio::error_code& engine::map_error_code( - // If there's data yet to be read, it's an error. - if (BIO_wpending(ext_bio_)) - { -- ec = asio::error_code( -- ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SHORT_READ), -- asio::error::get_ssl_category()); -+ ec = asio::ssl::error::stream_truncated; - return ec; - } - -@@ -209,9 +207,7 @@ const asio::error_code& engine::map_error_code( - // Otherwise, the peer should have negotiated a proper shutdown. - if ((::SSL_get_shutdown(ssl_) & SSL_RECEIVED_SHUTDOWN) == 0) - { -- ec = asio::error_code( -- ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SHORT_READ), -- asio::error::get_ssl_category()); -+ ec = asio::ssl::error::stream_truncated; - } - - return ec; -diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/error.hpp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/error.hpp -index 1385d2a..f044f59 100644 ---- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/error.hpp -+++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/error.hpp -@@ -25,6 +25,7 @@ namespace error { - - enum ssl_errors - { -+ // Error numbers are those produced by openssl. - }; - - extern ASIO_DECL -@@ -34,6 +35,23 @@ static const asio::error_category& ssl_category - = asio::error::get_ssl_category(); - - } // namespace error -+namespace ssl { -+namespace error { -+ -+enum stream_errors -+{ -+ /// The underlying stream closed before the ssl stream gracefully shut down. -+ stream_truncated = 1 -+}; -+ -+extern ASIO_DECL -+const asio::error_category& get_stream_category(); -+ -+static const asio::error_category& stream_category -+ = asio::ssl::error::get_stream_category(); -+ -+} // namespace error -+} // namespace ssl - } // namespace asio - - #if defined(ASIO_HAS_STD_SYSTEM_ERROR) -@@ -44,6 +62,11 @@ template<> struct is_error_code_enum<asio::error::ssl_errors> - static const bool value = true; - }; - -+template<> struct is_error_code_enum<asio::ssl::error::stream_errors> -+{ -+ static const bool value = true; -+}; -+ - } // namespace std - #endif // defined(ASIO_HAS_STD_SYSTEM_ERROR) - -@@ -57,6 +80,17 @@ inline asio::error_code make_error_code(ssl_errors e) - } - - } // namespace error -+namespace ssl { -+namespace error { -+ -+inline asio::error_code make_error_code(stream_errors e) -+{ -+ return asio::error_code( -+ static_cast<int>(e), get_stream_category()); -+} -+ -+} // namespace error -+} // namespace ssl - } // namespace asio - - #include "asio/detail/pop_options.hpp" -diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/impl/error.ipp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/impl/error.ipp -index 9e76039..8c20e81 100644 ---- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/impl/error.ipp -+++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/impl/error.ipp -@@ -23,7 +23,6 @@ - - namespace asio { - namespace error { -- - namespace detail { - - class ssl_category : public asio::error_category -@@ -50,6 +49,38 @@ const asio::error_category& get_ssl_category() - } - - } // namespace error -+namespace ssl { -+namespace error { -+namespace detail { -+ -+class stream_category : public asio::error_category -+{ -+public: -+ const char* name() const ASIO_ERROR_CATEGORY_NOEXCEPT -+ { -+ return "asio.ssl.stream"; -+ } -+ -+ std::string message(int value) const -+ { -+ switch (value) -+ { -+ case stream_truncated: return "stream truncated"; -+ default: return "asio.ssl.stream error"; -+ } -+ } -+}; -+ -+} // namespace detail -+ -+const asio::error_category& get_stream_category() -+{ -+ static detail::stream_category instance; -+ return instance; -+} -+ -+} // namespace error -+} // namespace ssl - } // namespace asio - - #include "asio/detail/pop_options.hpp" -From 5fa80539834c10406611bb02c20cdba2a9171f4a Mon Sep 17 00:00:00 2001 -From: Christopher Kohlhoff <chris@kohlhoff.com> -Date: Thu, 19 Nov 2015 10:25:42 +1100 -Subject: [PATCH] BoringSSL does not provide CONF_modules_unload. - ---- - asio/include/asio/ssl/detail/impl/openssl_init.ipp | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp -index da66fc1..2a70bf5 100644 ---- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp -+++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp -@@ -70,7 +70,9 @@ public: - #endif // (OPENSSL_VERSION_NUMBER >= 0x10000000L) - ::EVP_cleanup(); - ::CRYPTO_cleanup_all_ex_data(); -+#if !defined(OPENSSL_IS_BORINGSSL) - ::CONF_modules_unload(1); -+#endif // !defined(OPENSSL_IS_BORINGSSL) - #if !defined(OPENSSL_NO_ENGINE) - ::ENGINE_cleanup(); - #endif // !defined(OPENSSL_NO_ENGINE) -From 062b19c97bb85f4625b46f93ee19b234948ff235 Mon Sep 17 00:00:00 2001 -From: Marcel Raad <raad@teamviewer.com> -Date: Fri, 1 Apr 2016 10:46:17 +0200 -Subject: [PATCH] Add compatibility with OpenSSL 1.1 - SSLv2 has been - completely removed from OpenSSL, even without OPENSSL_NO_SSL2 - there is a - new threading API without locking callbacks - struct SSL_CTX has been made - opaque and must be used via accessor functions - some cleanup functions have - been removed - ---- - asio/include/asio/ssl/detail/impl/engine.ipp | 2 + - asio/include/asio/ssl/detail/impl/openssl_init.ipp | 20 ++++-- - asio/include/asio/ssl/impl/context.ipp | 71 +++++++++++++++++----- - 3 files changed, 72 insertions(+), 21 deletions(-) - -diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/engine.ipp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/engine.ipp -index fa5d4b0..22b7cdd 100644 ---- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/engine.ipp -+++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/engine.ipp -@@ -201,8 +201,10 @@ const asio::error_code& engine::map_error_code( - - // SSL v2 doesn't provide a protocol-level shutdown, so an eof on the - // underlying transport is passed through. -+#if (OPENSSL_VERSION_NUMBER < 0x10100000L) - if (ssl_->version == SSL2_VERSION) - return ec; -+#endif // (OPENSSL_VERSION_NUMBER < 0x10100000L) - - // Otherwise, the peer should have negotiated a proper shutdown. - if ((::SSL_get_shutdown(ssl_) & SSL_RECEIVED_SHUTDOWN) == 0) -diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp -index 700b678..62a49cd 100644 ---- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp -+++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp -@@ -39,11 +39,13 @@ public: - ::SSL_load_error_strings(); - ::OpenSSL_add_all_algorithms(); - -+#if (OPENSSL_VERSION_NUMBER < 0x10100000L) - mutexes_.resize(::CRYPTO_num_locks()); - for (size_t i = 0; i < mutexes_.size(); ++i) - mutexes_[i].reset(new asio::detail::mutex); - ::CRYPTO_set_locking_callback(&do_init::openssl_locking_func); - ::CRYPTO_set_id_callback(&do_init::openssl_id_func); -+#endif // (OPENSSL_VERSION_NUMBER < 0x10100000L) - - #if !defined(SSL_OP_NO_COMPRESSION) \ - && (OPENSSL_VERSION_NUMBER >= 0x00908000L) -@@ -60,22 +62,26 @@ public: - #endif // !defined(SSL_OP_NO_COMPRESSION) - // && (OPENSSL_VERSION_NUMBER >= 0x00908000L) - -+#if (OPENSSL_VERSION_NUMBER < 0x10100000L) - ::CRYPTO_set_id_callback(0); - ::CRYPTO_set_locking_callback(0); - ::ERR_free_strings(); --#if (OPENSSL_VERSION_NUMBER >= 0x10000000L) -- ::ERR_remove_thread_state(NULL); --#else // (OPENSSL_VERSION_NUMBER >= 0x10000000L) -- ::ERR_remove_state(0); --#endif // (OPENSSL_VERSION_NUMBER >= 0x10000000L) - ::EVP_cleanup(); - ::CRYPTO_cleanup_all_ex_data(); -+#endif // (OPENSSL_VERSION_NUMBER < 0x10100000L) -+#if (OPENSSL_VERSION_NUMBER < 0x10000000L) -+ ::ERR_remove_state(0); -+#elif (OPENSSL_VERSION_NUMBER < 0x10100000L) -+ ::ERR_remove_thread_state(NULL); -+#endif // (OPENSSL_VERSION_NUMBER < 0x10000000L) - #if !defined(OPENSSL_IS_BORINGSSL) - ::CONF_modules_unload(1); - #endif // !defined(OPENSSL_IS_BORINGSSL) --#if !defined(OPENSSL_NO_ENGINE) -+#if !defined(OPENSSL_NO_ENGINE) \ -+ && (OPENSSL_VERSION_NUMBER < 0x10100000L) - ::ENGINE_cleanup(); - #endif // !defined(OPENSSL_NO_ENGINE) -+ // && (OPENSSL_VERSION_NUMBER < 0x10100000L) - } - - #if !defined(SSL_OP_NO_COMPRESSION) \ -@@ -104,10 +110,12 @@ private: - static void openssl_locking_func(int mode, int n, - const char* /*file*/, int /*line*/) - { -+#if (OPENSSL_VERSION_NUMBER < 0x10100000L) - if (mode & CRYPTO_LOCK) - instance()->mutexes_[n]->lock(); - else - instance()->mutexes_[n]->unlock(); -+#endif // (OPENSSL_VERSION_NUMBER < 0x10100000L) - } - - // Mutexes to be used in locking callbacks. -diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/impl/context.ipp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/impl/context.ipp -index 02210d9..fde7709 100644 ---- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/impl/context.ipp -+++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/impl/context.ipp -@@ -66,7 +66,8 @@ context::context(context::method m) - - switch (m) - { --#if defined(OPENSSL_NO_SSL2) -+#if defined(OPENSSL_NO_SSL2) \ -+ || (OPENSSL_VERSION_NUMBER >= 0x10100000L) - case context::sslv2: - case context::sslv2_client: - case context::sslv2_server: -@@ -74,6 +75,7 @@ context::context(context::method m) - asio::error::invalid_argument, "context"); - break; - #else // defined(OPENSSL_NO_SSL2) -+ // || (OPENSSL_VERSION_NUMBER >= 0x10100000L) - case context::sslv2: - handle_ = ::SSL_CTX_new(::SSLv2_method()); - break; -@@ -84,6 +86,7 @@ context::context(context::method m) - handle_ = ::SSL_CTX_new(::SSLv2_server_method()); - break; - #endif // defined(OPENSSL_NO_SSL2) -+ // || (OPENSSL_VERSION_NUMBER >= 0x10100000L) - #if defined(OPENSSL_NO_SSL3) - case context::sslv3: - case context::sslv3_client: -@@ -192,13 +195,22 @@ context::~context() - { - if (handle_) - { -- if (handle_->default_passwd_callback_userdata) -+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) -+ void* cb_userdata = ::SSL_CTX_get_default_passwd_cb_userdata(handle_); -+#else // (OPENSSL_VERSION_NUMBER >= 0x10100000L) -+ void* cb_userdata = handle_->default_passwd_callback_userdata; -+#endif // (OPENSSL_VERSION_NUMBER >= 0x10100000L) -+ if (cb_userdata) - { - detail::password_callback_base* callback = - static_cast<detail::password_callback_base*>( -- handle_->default_passwd_callback_userdata); -+ cb_userdata); - delete callback; -+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) -+ ::SSL_CTX_set_default_passwd_cb_userdata(handle_, 0); -+#else // (OPENSSL_VERSION_NUMBER >= 0x10100000L) - handle_->default_passwd_callback_userdata = 0; -+#endif // (OPENSSL_VERSION_NUMBER >= 0x10100000L) - } - - if (SSL_CTX_get_app_data(handle_)) -@@ -528,10 +540,17 @@ ASIO_SYNC_OP_VOID context::use_certificate_chain( - bio_cleanup bio = { make_buffer_bio(chain) }; - if (bio.p) - { -+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) -+ pem_password_cb* callback = ::SSL_CTX_get_default_passwd_cb(handle_); -+ void* cb_userdata = ::SSL_CTX_get_default_passwd_cb_userdata(handle_); -+#else // (OPENSSL_VERSION_NUMBER >= 0x10100000L) -+ pem_password_cb* callback = handle_->default_passwd_callback; -+ void* cb_userdata = handle_->default_passwd_callback_userdata; -+#endif // (OPENSSL_VERSION_NUMBER >= 0x10100000L) - x509_cleanup cert = { - ::PEM_read_bio_X509_AUX(bio.p, 0, -- handle_->default_passwd_callback, -- handle_->default_passwd_callback_userdata) }; -+ callback, -+ cb_userdata) }; - if (!cert.p) - { - ec = asio::error_code(ERR_R_PEM_LIB, -@@ -559,8 +578,8 @@ ASIO_SYNC_OP_VOID context::use_certificate_chain( - #endif // (OPENSSL_VERSION_NUMBER >= 0x10002000L) - - while (X509* cacert = ::PEM_read_bio_X509(bio.p, 0, -- handle_->default_passwd_callback, -- handle_->default_passwd_callback_userdata)) -+ callback, -+ cb_userdata)) - { - if (!::SSL_CTX_add_extra_chain_cert(handle_, cacert)) - { -@@ -625,6 +644,14 @@ ASIO_SYNC_OP_VOID context::use_private_key( - { - ::ERR_clear_error(); - -+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) -+ pem_password_cb* callback = ::SSL_CTX_get_default_passwd_cb(handle_); -+ void* cb_userdata = ::SSL_CTX_get_default_passwd_cb_userdata(handle_); -+#else // (OPENSSL_VERSION_NUMBER >= 0x10100000L) -+ pem_password_cb* callback = handle_->default_passwd_callback; -+ void* cb_userdata = handle_->default_passwd_callback_userdata; -+#endif // (OPENSSL_VERSION_NUMBER >= 0x10100000L) -+ - bio_cleanup bio = { make_buffer_bio(private_key) }; - if (bio.p) - { -@@ -636,8 +663,8 @@ ASIO_SYNC_OP_VOID context::use_private_key( - break; - case context_base::pem: - evp_private_key.p = ::PEM_read_bio_PrivateKey( -- bio.p, 0, handle_->default_passwd_callback, -- handle_->default_passwd_callback_userdata); -+ bio.p, 0, callback, -+ cb_userdata); - break; - default: - { -@@ -684,6 +711,14 @@ ASIO_SYNC_OP_VOID context::use_rsa_private_key( - { - ::ERR_clear_error(); - -+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) -+ pem_password_cb* callback = ::SSL_CTX_get_default_passwd_cb(handle_); -+ void* cb_userdata = ::SSL_CTX_get_default_passwd_cb_userdata(handle_); -+#else // (OPENSSL_VERSION_NUMBER >= 0x10100000L) -+ pem_password_cb* callback = handle_->default_passwd_callback; -+ void* cb_userdata = handle_->default_passwd_callback_userdata; -+#endif // (OPENSSL_VERSION_NUMBER >= 0x10100000L) -+ - bio_cleanup bio = { make_buffer_bio(private_key) }; - if (bio.p) - { -@@ -695,8 +730,8 @@ ASIO_SYNC_OP_VOID context::use_rsa_private_key( - break; - case context_base::pem: - rsa_private_key.p = ::PEM_read_bio_RSAPrivateKey( -- bio.p, 0, handle_->default_passwd_callback, -- handle_->default_passwd_callback_userdata); -+ bio.p, 0, callback, -+ cb_userdata); - break; - default: - { -@@ -915,11 +950,17 @@ int context::verify_callback_function(int preverified, X509_STORE_CTX* ctx) - ASIO_SYNC_OP_VOID context::do_set_password_callback( - detail::password_callback_base* callback, asio::error_code& ec) - { -- if (handle_->default_passwd_callback_userdata) -- delete static_cast<detail::password_callback_base*>( -- handle_->default_passwd_callback_userdata); -- -+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) -+ void* old_callback = ::SSL_CTX_get_default_passwd_cb_userdata(handle_); -+ ::SSL_CTX_set_default_passwd_cb_userdata(handle_, callback); -+#else // (OPENSSL_VERSION_NUMBER >= 0x10100000L) -+ void* old_callback = handle_->default_passwd_callback_userdata; - handle_->default_passwd_callback_userdata = callback; -+#endif // (OPENSSL_VERSION_NUMBER >= 0x10100000L) -+ -+ if (old_callback) -+ delete static_cast<detail::password_callback_base*>( -+ old_callback); - - SSL_CTX_set_default_passwd_cb(handle_, &context::password_callback_function); - -From 69e44a4cc6eb5ba21ede409779a7b777c0eb3869 Mon Sep 17 00:00:00 2001 -From: Christopher Kohlhoff <chris@kohlhoff.com> -Date: Sun, 28 Aug 2016 10:02:08 +1000 -Subject: [PATCH] Fix errors when OPENSSL_NO_DEPRECATED is defined. - ---- - asio/include/asio/ssl/detail/impl/openssl_init.ipp | 23 +++++++++++----------- - asio/include/asio/ssl/detail/openssl_types.hpp | 2 ++ - 2 files changed, 13 insertions(+), 12 deletions(-) - -diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp -index 62a49cd..4cc9859 100644 ---- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp -+++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp -@@ -44,8 +44,10 @@ public: - for (size_t i = 0; i < mutexes_.size(); ++i) - mutexes_[i].reset(new asio::detail::mutex); - ::CRYPTO_set_locking_callback(&do_init::openssl_locking_func); -- ::CRYPTO_set_id_callback(&do_init::openssl_id_func); - #endif // (OPENSSL_VERSION_NUMBER < 0x10100000L) -+#if (OPENSSL_VERSION_NUMBER < 0x10000000L) -+ ::CRYPTO_set_id_callback(&do_init::openssl_id_func); -+#endif // (OPENSSL_VERSION_NUMBER < 0x10000000L) - - #if !defined(SSL_OP_NO_COMPRESSION) \ - && (OPENSSL_VERSION_NUMBER >= 0x00908000L) -@@ -62,8 +64,10 @@ public: - #endif // !defined(SSL_OP_NO_COMPRESSION) - // && (OPENSSL_VERSION_NUMBER >= 0x00908000L) - --#if (OPENSSL_VERSION_NUMBER < 0x10100000L) -+#if (OPENSSL_VERSION_NUMBER < 0x10000000L) - ::CRYPTO_set_id_callback(0); -+#endif // (OPENSSL_VERSION_NUMBER < 0x10000000L) -+#if (OPENSSL_VERSION_NUMBER < 0x10100000L) - ::CRYPTO_set_locking_callback(0); - ::ERR_free_strings(); - ::EVP_cleanup(); -@@ -94,38 +98,33 @@ public: - // && (OPENSSL_VERSION_NUMBER >= 0x00908000L) - - private: -+#if (OPENSSL_VERSION_NUMBER < 0x10000000L) - static unsigned long openssl_id_func() - { - #if defined(ASIO_WINDOWS) || defined(__CYGWIN__) - return ::GetCurrentThreadId(); - #else // defined(ASIO_WINDOWS) || defined(__CYGWIN__) -- void* id = instance()->thread_id_; -- if (id == 0) -- instance()->thread_id_ = id = &id; // Ugh. -+ void* id = &errno; - ASIO_ASSERT(sizeof(unsigned long) >= sizeof(void*)); - return reinterpret_cast<unsigned long>(id); - #endif // defined(ASIO_WINDOWS) || defined(__CYGWIN__) - } -+#endif // (OPENSSL_VERSION_NUMBER < 0x10000000L) - -+#if (OPENSSL_VERSION_NUMBER < 0x10100000L) - static void openssl_locking_func(int mode, int n, - const char* /*file*/, int /*line*/) - { --#if (OPENSSL_VERSION_NUMBER < 0x10100000L) - if (mode & CRYPTO_LOCK) - instance()->mutexes_[n]->lock(); - else - instance()->mutexes_[n]->unlock(); --#endif // (OPENSSL_VERSION_NUMBER < 0x10100000L) - } - - // Mutexes to be used in locking callbacks. - std::vector<asio::detail::shared_ptr< - asio::detail::mutex> > mutexes_; -- --#if !defined(ASIO_WINDOWS) && !defined(__CYGWIN__) -- // The thread identifiers to be used by openssl. -- asio::detail::tss_ptr<void> thread_id_; --#endif // !defined(ASIO_WINDOWS) && !defined(__CYGWIN__) -+#endif // (OPENSSL_VERSION_NUMBER < 0x10100000L) - - #if !defined(SSL_OP_NO_COMPRESSION) \ - && (OPENSSL_VERSION_NUMBER >= 0x00908000L) -diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/openssl_types.hpp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/openssl_types.hpp -index d9cfc71..eda740d 100644 ---- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/openssl_types.hpp -+++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/openssl_types.hpp -@@ -21,7 +21,9 @@ - #if !defined(OPENSSL_NO_ENGINE) - # include <openssl/engine.h> - #endif // !defined(OPENSSL_NO_ENGINE) -+#include <openssl/dh.h> - #include <openssl/err.h> -+#include <openssl/rsa.h> - #include <openssl/x509v3.h> - #include "asio/detail/socket_types.hpp" - -From 2cde22623ca0fd9571d8d57c5a8965082d815e1c Mon Sep 17 00:00:00 2001 -From: Christopher Kohlhoff <chris@kohlhoff.com> -Date: Tue, 13 Sep 2016 21:59:03 +1000 -Subject: [PATCH] Call SSL_COMP_free_compression_methods() on ssl cleanup. - -This call is needed for OpenSSL >=1.0.2 and <1.1.0. ---- - asio/include/asio/ssl/detail/impl/openssl_init.ipp | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp -index 4cc9859..392eff9 100644 ---- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp -+++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp -@@ -78,6 +78,11 @@ public: - #elif (OPENSSL_VERSION_NUMBER < 0x10100000L) - ::ERR_remove_thread_state(NULL); - #endif // (OPENSSL_VERSION_NUMBER < 0x10000000L) -+#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) \ -+ && (OPENSSL_VERSION_NUMBER < 0x10100000L) -+ ::SSL_COMP_free_compression_methods(); -+#endif // (OPENSSL_VERSION_NUMBER >= 0x10002000L) -+ // && (OPENSSL_VERSION_NUMBER < 0x10100000L) - #if !defined(OPENSSL_IS_BORINGSSL) - ::CONF_modules_unload(1); - #endif // !defined(OPENSSL_IS_BORINGSSL) -From dc2b5b9ac09326ba1e38a28b48170063ca2b1332 Mon Sep 17 00:00:00 2001 -From: Marcel Raad <MarcelRaad@users.noreply.github.com> -Date: Mon, 31 Oct 2016 10:32:19 +0100 -Subject: [PATCH] Fix compilation with OpenSSL 1.1 API - -With OPENSSL_API_COMPAT=0x10100000L, SSL_library_init, SSL_load_error_strings, and OpenSSL_add_all_algorithms are removed. -With OPENSSL_API_COMPAT=0x10000000L, these are function-style macros mapping to OPENSSL_init_ssl, which is called automatically anyway. - -References: -https://www.openssl.org/docs/man1.1.0/ssl/OPENSSL_init_ssl.html -https://www.openssl.org/docs/man1.1.0/crypto/OPENSSL_init_crypto.html ---- - asio/include/asio/ssl/detail/impl/openssl_init.ipp | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp -index 392eff9..5de0caa 100644 ---- src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp -+++ src/third_party/asio-asio-1-11-0/asio/include/asio/ssl/detail/impl/openssl_init.ipp -@@ -35,11 +35,11 @@ class openssl_init_base::do_init - public: - do_init() - { -+#if (OPENSSL_VERSION_NUMBER < 0x10100000L) - ::SSL_library_init(); - ::SSL_load_error_strings(); - ::OpenSSL_add_all_algorithms(); - --#if (OPENSSL_VERSION_NUMBER < 0x10100000L) - mutexes_.resize(::CRYPTO_num_locks()); - for (size_t i = 0; i < mutexes_.size(); ++i) - mutexes_[i].reset(new asio::detail::mutex); |