diff options
| author | Doug MacEachern <dougm@apache.org> | 2002-01-10 05:55:19 +0100 |
|---|---|---|
| committer | Doug MacEachern <dougm@apache.org> | 2002-01-10 05:55:19 +0100 |
| commit | c53456b4c121f8727c7fc6fc5dbce623db7adb84 (patch) | |
| tree | 27e4c554601f9336b34710c693063de9eca298ae /modules/ssl/ssl_engine_init.c | |
| parent | wrowe's veto'd this. (diff) | |
| download | apache2-c53456b4c121f8727c7fc6fc5dbce623db7adb84.tar.xz apache2-c53456b4c121f8727c7fc6fc5dbce623db7adb84.zip | |
mod_ssl adjustments to help with using toolkits other than OpenSSL:
Use SSL functions/macros instead of directly dereferencing SSL
structures wherever possible.
Add type-casts for the cases where functions return a generic pointer.
Add $SSL/include to configure search path.
PR:
Obtained from:
Submitted by: Madhusudan Mathihalli <madhusudan_mathihalli@hp.com>
Reviewed by: dougm
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@92800 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'modules/ssl/ssl_engine_init.c')
| -rw-r--r-- | modules/ssl/ssl_engine_init.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c index 26fb44db57..7d4e4e197d 100644 --- a/modules/ssl/ssl_engine_init.c +++ b/modules/ssl/ssl_engine_init.c @@ -604,7 +604,7 @@ void ssl_init_ConfigureServer(server_rec *s, apr_pool_t *p, SSLSrvConfigRec *sc) "CA certificates for client authentication", cpVHostID); ssl_die(); } - SSL_CTX_set_client_CA_list(sc->pSSLCtx, skCAList); + SSL_CTX_set_client_CA_list(sc->pSSLCtx, (STACK *)skCAList); } /* @@ -628,7 +628,7 @@ void ssl_init_ConfigureServer(server_rec *s, apr_pool_t *p, SSLSrvConfigRec *sc) * should take place. This cannot work. */ if (sc->nVerifyClient == SSL_CVERIFY_REQUIRE) { - skCAList = SSL_CTX_get_client_CA_list(ctx); + skCAList = (STACK_OF(X509_NAME) *)SSL_CTX_get_client_CA_list(ctx); if (sk_X509_NAME_num(skCAList) == 0) ssl_log(s, SSL_LOG_WARN, "Init: Ops, you want to request client authentication, " @@ -785,7 +785,7 @@ void ssl_init_ConfigureServer(server_rec *s, apr_pool_t *p, SSLSrvConfigRec *sc) && sc->pPrivateKey[SSL_AIDX_DSA] != NULL) { pKey = X509_get_pubkey(sc->pPublicCert[SSL_AIDX_DSA]); if ( pKey != NULL - && EVP_PKEY_type(pKey->type) == EVP_PKEY_DSA + && EVP_PKEY_key_type(pKey) == EVP_PKEY_DSA && EVP_PKEY_missing_parameters(pKey)) EVP_PKEY_copy_parameters(pKey, sc->pPrivateKey[SSL_AIDX_DSA]); } @@ -924,7 +924,7 @@ STACK_OF(X509_NAME) *ssl_init_FindCAList(server_rec *s, apr_pool_t *pp, const ch * Process CA certificate bundle file */ if (cpCAfile != NULL) { - sk = SSL_load_client_CA_file(cpCAfile); + sk = (STACK_OF(X509_NAME) *)SSL_load_client_CA_file(cpCAfile); for(n = 0; sk != NULL && n < sk_X509_NAME_num(sk); n++) { ssl_log(s, SSL_LOG_TRACE, "CA certificate: %s", @@ -941,7 +941,7 @@ STACK_OF(X509_NAME) *ssl_init_FindCAList(server_rec *s, apr_pool_t *pp, const ch apr_dir_open(&dir, cpCApath, p); while ((apr_dir_read(&direntry, APR_FINFO_DIRENT, dir)) != APR_SUCCESS) { cp = apr_pstrcat(p, cpCApath, "/", direntry.name, NULL); - sk = SSL_load_client_CA_file(cp); + sk = (STACK_OF(X509_NAME) *)SSL_load_client_CA_file(cp); for(n = 0; sk != NULL && n < sk_X509_NAME_num(sk); n++) { ssl_log(s, SSL_LOG_TRACE, "CA certificate: %s", |