File 31c355f.patch of Package openwsman.11151

Overview Repositories Revisions Requests Users Attributes Meta

File 31c355f.patch of Package openwsman.11151

From 31c355f512ea7a929d054cc38343b6f52fe15e73 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= <kkaempf@suse.de>
Date: Mon, 19 Nov 2018 15:31:27 +0100
Subject: [PATCH] openSSL 1.1.0 API fixes

---
 src/server/shttpd/io_ssl.c |  5 +++++
 src/server/shttpd/shttpd.c | 11 ++++++++++-
 src/server/shttpd/ssl.h    |  3 +++
 3 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/src/server/shttpd/io_ssl.c b/src/server/shttpd/io_ssl.c
index 6de0db2a..ece610ef 100644
--- a/src/server/shttpd/io_ssl.c
+++ b/src/server/shttpd/io_ssl.c
@@ -21,8 +21,13 @@ struct ssl_func	ssl_sw[] = {
 	{"SSL_set_fd",			{0}},
 	{"SSL_new",			{0}},
 	{"SSL_CTX_new",			{0}},
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	{"SSLv23_server_method",	{0}},
 	{"SSL_library_init",		{0}},
+#else
+	{"TLS_server_method",	{0}},
+	{"OPENSSL_init_ssl",		{0}},
+#endif
 	{"SSL_CTX_use_PrivateKey_file",	{0}},
 	{"SSL_CTX_use_certificate_file",{0}},
 	{NULL,				{0}}
diff --git a/src/server/shttpd/shttpd.c b/src/server/shttpd/shttpd.c
index f0f3fbd8..652aea17 100644
--- a/src/server/shttpd/shttpd.c
+++ b/src/server/shttpd/shttpd.c
@@ -1489,9 +1489,14 @@ set_ssl(struct shttpd_ctx *ctx, const char *pem)
 		}
 
 	/* Initialize SSL crap */
-	SSL_library_init();
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+	SSL_library_init();
 	if ((CTX = SSL_CTX_new(SSLv23_server_method())) == NULL)
+#else
+        OPENSSL_init_ssl();
+	if ((CTX = SSL_CTX_new(TLS_server_method())) == NULL)
+#endif
 		_shttpd_elog(E_LOG, NULL, "SSL_CTX_new error");
 	else if (SSL_CTX_use_certificate_file(CTX, wsmand_options_get_ssl_cert_file(), SSL_FILETYPE_PEM) != 1)
 		_shttpd_elog(E_LOG, NULL, "cannot open certificate file %s", pem);
@@ -1552,6 +1557,10 @@ set_ssl(struct shttpd_ctx *ctx, const char *pem)
           if (rc != 1) {
             _shttpd_elog(E_LOG, NULL, "Failed to set SSL cipher list \"%s\"", ssl_cipher_list);
           }
+          else if ((*ssl_cipher_list == 0) || (*ssl_cipher_list == ' ')) {
+            _shttpd_elog(E_LOG, NULL, "Empty 'ssl_cipher_list' defaults to 'TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256'.");
+            _shttpd_elog(E_LOG, NULL, "Check openSSL documentation.");
+          }
         }
 	ctx->ssl_ctx = CTX;
 
diff --git a/src/server/shttpd/ssl.h b/src/server/shttpd/ssl.h
index 2304b70a..89a73c49 100644
--- a/src/server/shttpd/ssl.h
+++ b/src/server/shttpd/ssl.h
@@ -56,6 +56,9 @@ extern struct ssl_func	ssl_sw[];
 #if OPENSSL_VERSION_NUMBER < 0x10100000L
 #define	SSLv23_server_method()	(* (SSL_METHOD * (*)(void)) FUNC(9))()
 #define	SSL_library_init() (* (int (*)(void)) FUNC(10))()
+#else
+#define	TLS_server_method()	(* (SSL_METHOD * (*)(void)) FUNC(9))()
+#define	OPENSSL_init_ssl() (* (int (*)(void)) FUNC(10))()
 #endif
 #define	SSL_CTX_use_PrivateKey_file(x,y,z)	(* (int (*)(SSL_CTX *, \
 		const char *, int)) FUNC(11))((x), (y), (z))

Places

File 31c355f.patch of Package openwsman.11151

Places