diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2016-05-04 23:00:33 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2016-05-05 18:43:53 +0900 |
commit | 59292c48350fe56f5ea9c995d94f76617f0b6d15 (patch) | |
tree | d70e5343283a5750dd6c1da61cd14f902f56951d | |
parent | d37bbbcdfbbba46b7fe0af6a0630d1e05d21375b (diff) | |
download | ruby-59292c48350fe56f5ea9c995d94f76617f0b6d15.tar.gz |
ext/openssl: SSL_SESSION is made opaque
-rw-r--r-- | ext/openssl/extconf.rb | 1 | ||||
-rw-r--r-- | ext/openssl/ossl_ssl_session.c | 17 |
2 files changed, 14 insertions, 4 deletions
diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb index 40cadb5795..e192a80f0c 100644 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -103,6 +103,7 @@ OpenSSL.check_func_or_macro("SSL_get_server_tmp_key", "openssl/ssl.h") # added in 1.1.0 have_func("CRYPTO_lock") || $defs.push("-DHAVE_OPENSSL_110_THREADING_API") +have_struct_member("SSL", "ctx", "openssl/ssl.h") || $defs.push("-DHAVE_OPAQUE_OPENSSL") have_func("BN_GENCB_new") have_func("BN_GENCB_free") have_func("BN_GENCB_get_arg") diff --git a/ext/openssl/ossl_ssl_session.c b/ext/openssl/ossl_ssl_session.c index e227e13c13..59087b4fad 100644 --- a/ext/openssl/ossl_ssl_session.c +++ b/ext/openssl/ossl_ssl_session.c @@ -76,13 +76,22 @@ static VALUE ossl_ssl_session_initialize(VALUE self, VALUE arg1) /* SSL_SESSION_cmp() was removed without a replacement in 1.0.0 */ static int ossl_SSL_SESSION_cmp(const SSL_SESSION *a, const SSL_SESSION *b) { - if (a->ssl_version != b->ssl_version || - a->session_id_length != b->session_id_length) + unsigned int a_len; + const unsigned char *a_sid = SSL_SESSION_get_id(a, &a_len); + unsigned int b_len; + const unsigned char *b_sid = SSL_SESSION_get_id(b, &b_len); + +#if !defined(HAVE_OPAQUE_OPENSSL) /* missing SSL_SESSION_get_ssl_version() ? */ + if (a->ssl_version != b->ssl_version) + return 1; +#endif + if (a_len != b_len) return 1; + #if defined(_WIN32) - return memcmp(a->session_id, b->session_id, a->session_id_length); + return memcmp(a_sid, b_sid, a_len); #else - return CRYPTO_memcmp(a->session_id, b->session_id, a->session_id_length); + return CRYPTO_memcmp(a_sid, b_sid, a_len); #endif } |