* modules/ssl/ssl_private.h: Define X509_up_ref and EVP_PKEY_up_ref

for OpenSSL < 1.1. * modules/ssl/ssl_engine_kernel.c (modssl_set_cert_info): * modules/ssl/ssl_util_stapling.c (stapling_get_issuer): Use the above macros for all OpenSSL versions. Github: closes #104 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1875702 13f79535-47bb-0310-9956-ffa450edef68
author: Joe Orton <jorton@apache.org> 2020-03-26 12:03:54 +0100
committer: Joe Orton <jorton@apache.org> 2020-03-26 12:03:54 +0100
commit: 11d565c3ce89c4a1b0fc9b7c09c9f6b71b8e4fd4 (patch)
tree: 561d2be218bbf6f2873368ac042317dea9bebd3b
parent: Drop -v from arm64 test runs and add to allowed failures, it is still (diff)
download: apache2-11d565c3ce89c4a1b0fc9b7c09c9f6b71b8e4fd4.tar.xz
apache2-11d565c3ce89c4a1b0fc9b7c09c9f6b71b8e4fd4.zip
3 files changed, 2 insertions, 12 deletions
diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c
index 14f9688fb2..ecff76266a 100644
--- a/modules/ssl/ssl_engine_kernel.c
+++ b/modules/ssl/ssl_engine_kernel.c
@@ -1950,19 +1950,11 @@ static void modssl_proxy_info_log(conn_rec *c,
  * so we need to increment here to prevent them from
  * being freed.
  */
-#if MODSSL_USE_OPENSSL_PRE_1_1_API
-#define modssl_set_cert_info(info, cert, pkey) \
-    *cert = info->x509; \
-    CRYPTO_add(&(*cert)->references, +1, CRYPTO_LOCK_X509); \
-    *pkey = info->x_pkey->dec_pkey; \
-    CRYPTO_add(&(*pkey)->references, +1, CRYPTO_LOCK_X509_PKEY)
-#else
 #define modssl_set_cert_info(info, cert, pkey) \
     *cert = info->x509; \
     X509_up_ref(*cert); \
     *pkey = info->x_pkey->dec_pkey; \
     EVP_PKEY_up_ref(*pkey);
-#endif
 
 int ssl_callback_proxy_cert(SSL *ssl, X509 **x509, EVP_PKEY **pkey)
 {
diff --git a/modules/ssl/ssl_private.h b/modules/ssl/ssl_private.h
index 4148647ac3..12d79208b1 100644
--- a/modules/ssl/ssl_private.h
+++ b/modules/ssl/ssl_private.h
@@ -237,6 +237,8 @@
 #define BIO_get_shutdown(x)        (x->shutdown)
 #define BIO_set_shutdown(x,v)      (x->shutdown=v)
 #define DH_bits(x)                 (BN_num_bits(x->p))
+#define X509_up_ref(x)             (CRYPTO_add(&(x)->references, +1, CRYPTO_LOCK_X509))
+#define EVP_PKEY_up_ref(pk)        (CRYPTO_add(&(pk)->references, +1, CRYPTO_LOCK_X509_PKEY))
 #else
 void init_bio_methods(void);
 void free_bio_methods(void);
diff --git a/modules/ssl/ssl_util_stapling.c b/modules/ssl/ssl_util_stapling.c
index 7f15eeecef..46a3971bac 100644
--- a/modules/ssl/ssl_util_stapling.c
+++ b/modules/ssl/ssl_util_stapling.c
@@ -107,11 +107,7 @@ static X509 *stapling_get_issuer(modssl_ctx_t *mctx, X509 *x)
     for (i = 0; i < sk_X509_num(extra_certs); i++) {
         issuer = sk_X509_value(extra_certs, i);
         if (X509_check_issued(issuer, x) == X509_V_OK) {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-            CRYPTO_add(&issuer->references, 1, CRYPTO_LOCK_X509);
-#else
             X509_up_ref(issuer);
-#endif
             return issuer;
         }
     }
author	Joe Orton <jorton@apache.org>	2020-03-26 12:03:54 +0100
committer	Joe Orton <jorton@apache.org>	2020-03-26 12:03:54 +0100
commit	11d565c3ce89c4a1b0fc9b7c09c9f6b71b8e4fd4 (patch)
tree	561d2be218bbf6f2873368ac042317dea9bebd3b
parent	Drop -v from arm64 test runs and add to allowed failures, it is still (diff)
download	apache2-11d565c3ce89c4a1b0fc9b7c09c9f6b71b8e4fd4.tar.xz apache2-11d565c3ce89c4a1b0fc9b7c09c9f6b71b8e4fd4.zip