diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2016-05-04 23:00:33 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2016-05-14 20:00:58 +0900 |
commit | 5ca00bab2963a0b6b36e73b32071e7285fa28d9e (patch) | |
tree | e2e180b374bb5d808c6ba5bee9116b6c0e64ac3f /ext | |
parent | 5b1c7cb59c827db967d8baffa776a291e3a25836 (diff) | |
download | ruby-5ca00bab2963a0b6b36e73b32071e7285fa28d9e.tar.gz |
ext/openssl: SSL_SESSION is made opaque
Diffstat (limited to 'ext')
-rw-r--r-- | ext/openssl/extconf.rb | 1 | ||||
-rw-r--r-- | ext/openssl/ossl_ssl_session.c | 17 |
2 files changed, 14 insertions, 4 deletions
diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb index 008c714854..252a0dab13 100644 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -110,6 +110,7 @@ OpenSSL.check_func_or_macro("SSL_get_server_tmp_key", "openssl/ssl.h") # added in 1.1.0 have_func("CRYPTO_lock") || $defs.push("-DHAVE_OPENSSL_110_THREADING_API") +have_struct_member("SSL", "ctx", "openssl/ssl.h") || $defs.push("-DHAVE_OPAQUE_OPENSSL") have_func("BN_GENCB_new") have_func("BN_GENCB_free") have_func("BN_GENCB_get_arg") diff --git a/ext/openssl/ossl_ssl_session.c b/ext/openssl/ossl_ssl_session.c index e227e13c13..59087b4fad 100644 --- a/ext/openssl/ossl_ssl_session.c +++ b/ext/openssl/ossl_ssl_session.c @@ -76,13 +76,22 @@ static VALUE ossl_ssl_session_initialize(VALUE self, VALUE arg1) /* SSL_SESSION_cmp() was removed without a replacement in 1.0.0 */ static int ossl_SSL_SESSION_cmp(const SSL_SESSION *a, const SSL_SESSION *b) { - if (a->ssl_version != b->ssl_version || - a->session_id_length != b->session_id_length) + unsigned int a_len; + const unsigned char *a_sid = SSL_SESSION_get_id(a, &a_len); + unsigned int b_len; + const unsigned char *b_sid = SSL_SESSION_get_id(b, &b_len); + +#if !defined(HAVE_OPAQUE_OPENSSL) /* missing SSL_SESSION_get_ssl_version() ? */ + if (a->ssl_version != b->ssl_version) + return 1; +#endif + if (a_len != b_len) return 1; + #if defined(_WIN32) - return memcmp(a->session_id, b->session_id, a->session_id_length); + return memcmp(a_sid, b_sid, a_len); #else - return CRYPTO_memcmp(a->session_id, b->session_id, a->session_id_length); + return CRYPTO_memcmp(a_sid, b_sid, a_len); #endif } |