Updated Branches: refs/heads/master 738ccb605 -> 75c6dd83c
TS-462: Conditional build support for missing openssl/ts.h Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/75c6dd83 Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/75c6dd83 Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/75c6dd83 Branch: refs/heads/master Commit: 75c6dd83c22cfdb04090db123a61c3e32d00b787 Parents: 738ccb6 Author: James Peach <[email protected]> Authored: Tue Mar 13 20:54:10 2012 -0700 Committer: James Peach <[email protected]> Committed: Tue Mar 13 20:54:10 2012 -0700 ---------------------------------------------------------------------- build/crypto.m4 | 2 +- iocore/net/SSLCertLookup.cc | 9 +++++++-- 2 files changed, 8 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/75c6dd83/build/crypto.m4 ---------------------------------------------------------------------- diff --git a/build/crypto.m4 b/build/crypto.m4 index 3cee32f..7602d5b 100644 --- a/build/crypto.m4 +++ b/build/crypto.m4 @@ -130,7 +130,7 @@ AC_DEFUN([TS_CHECK_CRYPTO_SNI], [ enable_tls_sni=yes TS_ADDTO(LIBS, [$LIBSSL]) - AC_CHECK_HEADERS(openssl/tls1.h openssl/ssl.h) + AC_CHECK_HEADERS(openssl/tls1.h openssl/ssl.h openssl/ts.h) # We are looking for SSL_CTX_set_tlsext_servername_callback, but it's a # macro, so AC_CHECK_FUNCS is not going to do the business. AC_MSG_CHECKING([for SSL_CTX_set_tlsext_servername_callback]) http://git-wip-us.apache.org/repos/asf/trafficserver/blob/75c6dd83/iocore/net/SSLCertLookup.cc ---------------------------------------------------------------------- diff --git a/iocore/net/SSLCertLookup.cc b/iocore/net/SSLCertLookup.cc index 42f6681..5d4a3ff 100644 --- a/iocore/net/SSLCertLookup.cc +++ b/iocore/net/SSLCertLookup.cc @@ -31,7 +31,10 @@ #include <openssl/pem.h> #include <openssl/x509.h> #include <openssl/asn1.h> + +#if HAVE_OPENSSL_TS_H #include <openssl/ts.h> +#endif #if (OPENSSL_VERSION_NUMBER >= 0x10000000L) // openssl returns a const SSL_METHOD typedef const SSL_METHOD * ink_ssl_method_t; @@ -326,7 +329,6 @@ asn1_strdup(ASN1_STRING * s) static void insert_ssl_certificate(InkHashTable * htable, SSL_CTX * ctx, const char * certfile) { - GENERAL_NAMES * names = NULL; X509_NAME * subject = NULL; ats_file_bio bio(certfile, "r"); @@ -352,8 +354,9 @@ insert_ssl_certificate(InkHashTable * htable, SSL_CTX * ctx, const char * certfi } } +#if HAVE_OPENSSL_TS_H // Traverse the subjectAltNames (if any) and insert additional keys for the SSL context. - names = (GENERAL_NAMES *)X509_get_ext_d2i(certificate.x509, NID_subject_alt_name, NULL, NULL); + GENERAL_NAMES * names = (GENERAL_NAMES *)X509_get_ext_d2i(certificate.x509, NID_subject_alt_name, NULL, NULL); if (names) { unsigned count = sk_GENERAL_NAME_num(names); for (unsigned i = 0; i < count; ++i) { @@ -373,4 +376,6 @@ insert_ssl_certificate(InkHashTable * htable, SSL_CTX * ctx, const char * certfi GENERAL_NAMES_free(names); } +#endif // HAVE_OPENSSL_TS_H + }
