Attachment #459242 for bug #605026

Lines 1006-1011 else Link Here

(-)a/configure.in (+5 lines)
1006	if test "$cf_result" != yes; then	1006	if test "$cf_result" != yes; then
1007	AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <openssl/ssl.h>]], [[SSLeay_add_ssl_algorithms()]])],[cf_result=yes],[cf_result=no])	1007	AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <openssl/ssl.h>]], [[SSLeay_add_ssl_algorithms()]])],[cf_result=yes],[cf_result=no])
1008	fi	1008	fi
		1009	if test "$cf_result" != yes; then
		1010	AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <openssl/crypto.h>]], [[OpenSSL_version_num()]])],[cf_result=yes],[cf_result=no])
		1011	fi
1009	fi	1012	fi
1010	done	1013	done
1011		1014
Lines 1020-1025 else Link Here
1020		1023
1021	CFLAGS="$CFLAGS_X"	1024	CFLAGS="$CFLAGS_X"
1022	AC_SUBST(OPENSSL_CFLAGS)	1025	AC_SUBST(OPENSSL_CFLAGS)
		1026
		1027	AC_CHECK_FUNCS([SSL_set_options] [SSL_get_SSL_CTX])
1023	fi	1028	fi
1024	fi	1029	fi
1025		1030

Lines 67-73 static void Link Here

(-)a/src/network/ssl/socket.c (+8 lines)
67	ssl_set_no_tls(struct socket *socket)	67	ssl_set_no_tls(struct socket *socket)
68	{	68	{
69	#ifdef CONFIG_OPENSSL	69	#ifdef CONFIG_OPENSSL
		70	#ifdef HAVE_SSL_SET_OPTIONS
		71	SSL_set_options((ssl_t *) socket->ssl, SSL_OP_NO_TLSv1);
		72	#else
70	((ssl_t *) socket->ssl)->options \|= SSL_OP_NO_TLSv1;	73	((ssl_t *) socket->ssl)->options \|= SSL_OP_NO_TLSv1;
		74	#endif /* HAVE_SSL_SET_OPTIONS */
71	#elif defined(CONFIG_GNUTLS)	75	#elif defined(CONFIG_GNUTLS)
72	{	76	{
73	/* GnuTLS does not support SSLv2 because it is "insecure".	77	/* GnuTLS does not support SSLv2 because it is "insecure".
Lines 145-151 ssl_connect(struct socket *socket) Link Here
145	}	149	}
146		150
147	if (client_cert) {	151	if (client_cert) {
		152	#ifdef HAVE_SSL_GET_SSL_CTX
		153	SSL_CTX *ctx = SSL_get_SSL_CTX(socket->ssl);
		154	#else
148	SSL_CTX ctx = ((SSL ) socket->ssl)->ctx;	155	SSL_CTX ctx = ((SSL ) socket->ssl)->ctx;
		156	#endif /* HAVE_SSL_GET_SSL_CTX */
149		157
150	SSL_CTX_use_certificate_chain_file(ctx, client_cert);	158	SSL_CTX_use_certificate_chain_file(ctx, client_cert);
151	SSL_CTX_use_PrivateKey_file(ctx, client_cert,	159	SSL_CTX_use_PrivateKey_file(ctx, client_cert,




#ifdef CONFIG_OPENSSL
#include <openssl/ssl.h>
#include <openssl/rand.h>
#include <openssl/opensslv.h>
#elif defined(CONFIG_GNUTLS)
#include <gnutls/gnutls.h>
#include <gnutls/x509.h>

	}
#endif

#if OPENSSL_VERSION_NUMBER < 0x10100000L
	SSLeay_add_ssl_algorithms();
#endif
	context = SSL_CTX_new(SSLv23_client_method());
	SSL_CTX_set_options(context, SSL_OP_ALL);
	SSL_CTX_set_default_verify_paths(context);
- 

Return to bug 605026

Lines 7-12 Link Here

(-)a/src/network/ssl/ssl.c (-1 / +3 lines)
7	#ifdef CONFIG_OPENSSL	7	#ifdef CONFIG_OPENSSL
8	#include <openssl/ssl.h>	8	#include <openssl/ssl.h>
9	#include <openssl/rand.h>	9	#include <openssl/rand.h>
		10	#include <openssl/opensslv.h>
10	#elif defined(CONFIG_GNUTLS)	11	#elif defined(CONFIG_GNUTLS)
11	#include <gnutls/gnutls.h>	12	#include <gnutls/gnutls.h>
12	#include <gnutls/x509.h>	13	#include <gnutls/x509.h>
Lines 61-67 init_openssl(struct module *module) Link Here
61	}	62	}
62	#endif	63	#endif
63		64
		65	#if OPENSSL_VERSION_NUMBER < 0x10100000L
64	SSLeay_add_ssl_algorithms();	66	SSLeay_add_ssl_algorithms();
		67	#endif
65	context = SSL_CTX_new(SSLv23_client_method());	68	context = SSL_CTX_new(SSLv23_client_method());
66	SSL_CTX_set_options(context, SSL_OP_ALL);	69	SSL_CTX_set_options(context, SSL_OP_ALL);
67	SSL_CTX_set_default_verify_paths(context);	70	SSL_CTX_set_default_verify_paths(context);
68	-