diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2016-04-24 02:10:42 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2016-04-27 23:07:42 +0900 |
commit | aee4e753b50fda71c5ea5672ac845060f5e6aa09 (patch) | |
tree | 835c17d61d647bbbbef51e04277eaa424fa34d6e | |
parent | 7e17fed37fb0da9e610156efe2b51ea182a21aa5 (diff) | |
download | ruby-aee4e753b50fda71c5ea5672ac845060f5e6aa09.tar.gz |
ext/openssl: use SSL_is_server() to check if the SSL is server or not
The state returned by SSL_get_state() doesn't become SSL_ST_ACCEPT
anymore in OpenSSL 1.1.0.
-rw-r--r-- | ext/openssl/extconf.rb | 1 | ||||
-rw-r--r-- | ext/openssl/openssl_missing.h | 4 | ||||
-rw-r--r-- | ext/openssl/ossl_ssl.c | 5 |
3 files changed, 7 insertions, 3 deletions
diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb index 7758694b4b..9dbb4d4b03 100644 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -104,6 +104,7 @@ have_func("CRYPTO_memcmp") have_func("EC_curve_nist2nid") have_func("X509_REVOKED_dup") have_func("X509_STORE_CTX_get0_store") +have_func("SSL_is_server"); have_func("SSL_CTX_set_alpn_select_cb") have_func_like("SSL_CTX_set1_curves_list", "openssl/ssl.h") have_func_like("SSL_CTX_set_ecdh_auto", "openssl/ssl.h") diff --git a/ext/openssl/openssl_missing.h b/ext/openssl/openssl_missing.h index 55f3adacb4..a23f7d87ea 100644 --- a/ext/openssl/openssl_missing.h +++ b/ext/openssl/openssl_missing.h @@ -70,6 +70,10 @@ int EC_curve_nist2nid(const char *str); # define X509_STORE_CTX_get0_store(x) ((x)->ctx) #endif +#if !defined(HAVE_SSL_IS_SERVER) +# define SSL_is_server(s) ((s)->server) +#endif + /*** added in 1.1.0 ***/ #if !defined(HAVE_BN_GENCB_NEW) # define BN_GENCB_new() ((BN_GENCB *)OPENSSL_malloc(sizeof(BN_GENCB))) diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c index 4f215376c9..cfde8d7281 100644 --- a/ext/openssl/ossl_ssl.c +++ b/ext/openssl/ossl_ssl.c @@ -654,10 +654,9 @@ ssl_alpn_select_cb(SSL *ssl, const unsigned char **out, unsigned char *outlen, c static void ssl_info_cb(const SSL *ssl, int where, int val) { - int state = SSL_get_state(ssl); + int is_server = SSL_is_server((SSL *)ssl); - if ((where & SSL_CB_HANDSHAKE_START) && - (state & SSL_ST_ACCEPT)) { + if (is_server && (where & SSL_CB_HANDSHAKE_START)) { ssl_renegotiation_cb(ssl); } } |