From ab7b4b9d6404755e85f6193e0fbb8fe000c96e35 Mon Sep 17 00:00:00 2001
From: Michal Rokos <m.rokos@sh.cvut.cz>
Date: Mon, 21 Jul 2003 11:23:10 +0000
Subject: OpenSSL 0.9.6 compatibility II

---
 ChangeLog         |  3 +++
 extconf.rb        |  8 +++++++
 openssl_missing.c | 64 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 openssl_missing.h | 23 ++++++++++++++++++++
 ossl.h            |  6 ------
 ossl_bn.c         |  6 +-----
 ossl_config.c     | 10 +--------
 ossl_x509.c       |  6 ------
 8 files changed, 100 insertions(+), 26 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 41f350a..b62cc07 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,6 @@
+Mon, 21 Jul 2003 13:23:30 +0200 -- Michal Rokos <m.rokos@sh.cvut.cz>
+	* further OpenSSL 0.9.6 compatibility
+
 Mon, 21 Jul 2003 12:33:14 +0200 -- Michal Rokos <m.rokos@sh.cvut.cz>
 	* Added OpenSSL 0.9.6 compatibility
 
diff --git a/extconf.rb b/extconf.rb
index 1343539..0bd9ccd 100644
--- a/extconf.rb
+++ b/extconf.rb
@@ -144,6 +144,14 @@ have_struct_member("X509_STORE", "purpose", "openssl/x509.h")
 have_struct_member("X509_STORE", "trust", "openssl/x509.h")
 have_struct_member("EVP_CIPHER_CTX", "flags", "openssl/evp.h")
 have_func("BN_mod_sqr")
+have_func("BN_mod_add")
+have_func("BN_mod_sub")
+have_func("CONF_get1_default_config_file")
+have_defined("X509_V_FLAG_CRL_CHECK", "openssl/x509_vfy.h")
+have_defined("X509_V_FLAG_CRL_CHECK_ALL", "openssl/x509_vfy.h")
+have_defined("X509_PURPOSE_OCSP_HELPER", "openssl/x509v3.h")
+have_defined("X509_TRUST_OCSP_SIGN", "openssl/x509.h")
+have_defined("X509_TRUST_OCSP_REQUEST", "openssl/x509.h")
 
 message "=== Checking for Ruby features... ===\n"
 have_func("rb_obj_init_copy", "ruby.h")
diff --git a/openssl_missing.c b/openssl_missing.c
index 2ff719e..a23e070 100644
--- a/openssl_missing.c
+++ b/openssl_missing.c
@@ -177,3 +177,67 @@ int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx)
     }
 #endif
 
+#if !defined(HAVE_BN_MOD_ADD) || !defined(HAVE_BN_MOD_SUB)
+int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx)
+    {
+    /* like BN_mod, but returns non-negative remainder
+     * (i.e.,  0 <= r < |d|  always holds) */
+
+    if (!(BN_mod(r,m,d,ctx)))
+	return 0;
+    if (!r->neg)
+	return 1;
+    /* now   -|d| < r < 0,  so we have to set  r := r + |d| */
+    return (d->neg ? BN_sub : BN_add)(r, r, d);
+    }
+#endif
+
+#if !defined(HAVE_BN_MOD_ADD)
+int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx)
+    {
+    if (!BN_add(r, a, b)) return 0;
+    return BN_nnmod(r, r, m, ctx);
+    }
+#endif
+
+#if !defined(HAVE_BN_MOD_SUB)
+int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx)
+    {
+    if (!BN_sub(r, a, b)) return 0;
+    return BN_nnmod(r, r, m, ctx);
+    }
+#endif
+
+#if !defined(HAVE_CONF_GET1_DEFAULT_CONFIG_FILE)
+
+#define OPENSSL_CONF "openssl.cnf"
+
+char *CONF_get1_default_config_file(void)
+    {
+    char *file;
+    int len;
+
+    file = getenv("OPENSSL_CONF");
+    if (file)
+	return BUF_strdup(file);
+
+    len = strlen(X509_get_default_cert_area());
+#ifndef OPENSSL_SYS_VMS
+    len++;
+#endif
+    len += strlen(OPENSSL_CONF);
+
+    file = OPENSSL_malloc(len + 1);
+
+    if (!file)
+	return NULL;
+    strcpy(file,X509_get_default_cert_area());
+#ifndef OPENSSL_SYS_VMS
+    strcat(file,"/");
+#endif
+    strcat(file,OPENSSL_CONF);
+
+    return file;
+}
+#endif
+
diff --git a/openssl_missing.h b/openssl_missing.h
index 5872982..a45d779 100644
--- a/openssl_missing.h
+++ b/openssl_missing.h
@@ -88,6 +88,29 @@ int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);
 int X509_CRL_sort(X509_CRL *c);
 int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
 int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
+int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
+char *CONF_get1_default_config_file(void);
+
+#if !defined(HAVE_X509_V_FLAG_CRL_CHECK)
+#  define X509_V_FLAG_CRL_CHECK 0x4
+#endif
+
+#if !defined(HAVE_X509_V_FLAG_CRL_CHECK_ALL)
+#  define X509_V_FLAG_CRL_CHECK_ALL 0x8
+#endif
+
+#if !defined(HAVE_X509_PURPOSE_OCSP_HELPER)
+#  define X509_PURPOSE_OCSP_HELPER 8
+#endif
+
+#if !defined(HAVE_X509_TRUST_OCSP_SIGN)
+#  define X509_TRUST_OCSP_SIGN 6
+#endif
+
+#if !defined(TRUST_X509_OCSP_REQUEST)
+#  define X509_TRUST_OCSP_REQUEST 7
+#endif
 
 #if defined(__cplusplus)
 }
diff --git a/ossl.h b/ossl.h
index 456ff91..7aa92d4 100644
--- a/ossl.h
+++ b/ossl.h
@@ -24,12 +24,6 @@ extern "C" {
 #include <version.h>
 #include <openssl/opensslv.h>
 
-/*
-#if (OPENSSL_VERSION_NUMBER < 0x00907000L)
-#  error ! This version of OSSL needs OpenSSL >= 0.9.7 for its run!
-#endif
- */
-
 #if defined(NT) || defined(_WIN32)
 #  define OpenFile WINAPI_OpenFile
 #endif
diff --git a/ossl_bn.c b/ossl_bn.c
index 8566cf1..92b43bd 100644
--- a/ossl_bn.c
+++ b/ossl_bn.c
@@ -372,10 +372,8 @@ ossl_bn_div(VALUE self, VALUE other)
 	WrapBN(CLASS_OF(self), obj, result);			\
 	return obj;						\
     }
-#if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
 BIGNUM_3c(mod_add);
 BIGNUM_3c(mod_sub);
-#endif
 BIGNUM_3c(mod_mul);
 BIGNUM_3c(mod_exp);
 
@@ -649,12 +647,10 @@ Init_ossl_bn()
     rb_define_method(cBN, "%", ossl_bn_mod, 1);
     /* nnmod */
 
-#if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
     rb_define_method(cBN, "mod_add", ossl_bn_mod_add, 2);
     rb_define_method(cBN, "mod_sub", ossl_bn_mod_sub, 2);
-#endif
-    rb_define_method(cBN, "mod_sqr", ossl_bn_mod_sqr, 1);
     rb_define_method(cBN, "mod_mul", ossl_bn_mod_mul, 2);
+    rb_define_method(cBN, "mod_sqr", ossl_bn_mod_sqr, 1);
     rb_define_method(cBN, "**", ossl_bn_exp, 1);
     rb_define_method(cBN, "mod_exp", ossl_bn_mod_exp, 2);
     rb_define_method(cBN, "gcd", ossl_bn_gcd, 1);
diff --git a/ossl_config.c b/ossl_config.c
index 08bfb8e..5109d3d 100644
--- a/ossl_config.c
+++ b/ossl_config.c
@@ -45,23 +45,15 @@ ossl_config_s_load(int argc, VALUE *argv, VALUE klass)
     char *filename;
     VALUE path, obj;
 
-    if (rb_scan_args(argc, argv, 
-#if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
-		"01"
-#else
-		"10"
-#endif
-		, &path) == 1) {
+    if (rb_scan_args(argc, argv, "01", &path) == 1) {
 	SafeStringValue(path);
 	filename = RSTRING(path)->ptr;
     }
-#if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
     else {
 	if (!(filename = CONF_get1_default_config_file())) {
 	    ossl_raise(eConfigError, NULL);
 	}
     }
-#endif
 /*
  * FIXME
  * Does't work for Windows?
diff --git a/ossl_x509.c b/ossl_x509.c
index 0363086..5de2b6b 100644
--- a/ossl_x509.c
+++ b/ossl_x509.c
@@ -62,10 +62,8 @@ Init_ossl_x509()
     DefX509Const(V_ERR_KEYUSAGE_NO_CERTSIGN);
     DefX509Const(V_ERR_APPLICATION_VERIFICATION);
 
-#if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
     DefX509Const(V_FLAG_CRL_CHECK);
     DefX509Const(V_FLAG_CRL_CHECK_ALL);
-#endif
 
     DefX509Const(PURPOSE_SSL_CLIENT);
     DefX509Const(PURPOSE_SSL_SERVER);
@@ -74,17 +72,13 @@ Init_ossl_x509()
     DefX509Const(PURPOSE_SMIME_ENCRYPT);
     DefX509Const(PURPOSE_CRL_SIGN);
     DefX509Const(PURPOSE_ANY);
-#if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
     DefX509Const(PURPOSE_OCSP_HELPER);
-#endif
 
     DefX509Const(TRUST_COMPAT);
     DefX509Const(TRUST_SSL_CLIENT);
     DefX509Const(TRUST_SSL_SERVER);
     DefX509Const(TRUST_EMAIL);
     DefX509Const(TRUST_OBJECT_SIGN);
-#if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
     DefX509Const(TRUST_OCSP_SIGN);
     DefX509Const(TRUST_OCSP_REQUEST);
-#endif
 }
-- 
cgit v1.2.3