diff options
| author | Slávek Banko <slavek.banko@axis.cz> | 2017-01-01 19:35:39 +0100 |
|---|---|---|
| committer | Slávek Banko <slavek.banko@axis.cz> | 2017-01-01 19:35:39 +0100 |
| commit | e1861cb6811f7bac405ece204407ca46c000a453 (patch) | |
| tree | 8883f182e51c13750d24c5b74ed058d4d9fce99e /tdecert | |
| parent | f32bc5176289b70bf1c6e7d2825d53f190bc4096 (diff) | |
| download | tdelibs-e1861cb6811f7bac405ece204407ca46c000a453.tar.gz tdelibs-e1861cb6811f7bac405ece204407ca46c000a453.zip | |
Added support for OpenSSL 1.1
Some KOpenSSLProxy methods have been renamed to be consistent
with OpenSSL 1.1 API names and to prevent hidden API changes.
To ensure API / ABI compatibility, the original methods are
still included but have been marked as deprecated.
+ SSLv23_client_method => TLS_client_method
+ X509_STORE_CTX_set_chain => X509_STORE_CTX_set0_untrusted
+ sk_dup => OPENSSL_sk_dup
+ sk_free => OPENSSL_sk_free
+ sk_new => OPENSSL_sk_new
+ sk_num => OPENSSL_sk_num
+ sk_pop => OPENSSL_sk_pop
+ sk_push => OPENSSL_sk_push
+ sk_value => OPENSSL_sk_value
Additional methods have been added to KOpenSSLProxy to support
the new OpenSSL 1.1 API functions that provide access to the
(now) opaque SSL structures. Compatibility with OpenSSL < 1.1
is handled internally in KOpenSSLProxy.
+ BIO_get_data
+ DSA_get0_key
+ DSA_get0_pqg
+ EVP_PKEY_base_id
+ EVP_PKEY_get0_DSA
+ EVP_PKEY_get0_RSA
+ RSA_get0_key
+ X509_CRL_get0_lastUpdate
+ X509_CRL_get0_nextUpdate
+ X509_OBJECT_get0_X509
+ X509_OBJECT_get_type
+ X509_STORE_CTX_get_current_cert
+ X509_STORE_CTX_get_error
+ X509_STORE_CTX_get_error_depth
+ X509_STORE_CTX_set_error
+ X509_STORE_get0_objects
+ X509_STORE_set_verify_cb
+ X509_get0_signature
+ X509_getm_notAfter
+ X509_getm_notBefore
+ X509_subject_name_cmp
+ _SSL_session_reused
+ _SSL_set_options
Method "KSSL::setSession" has been renamed to "KSSL::takeSession"
and its functionality has changed: the session is now transferred
from the argument object to the invoked object. Since it is only
used internally in TDE and the functionality is different, the
method with the previous name has not been preserved.
Signed-off-by: Slávek Banko <slavek.banko@axis.cz>
Signed-off-by: Michele Calgaro <michele.calgaro@yahoo.it>
Diffstat (limited to 'tdecert')
| -rw-r--r-- | tdecert/tdecertpart.cc | 13 |
1 files changed, 3 insertions, 10 deletions
diff --git a/tdecert/tdecertpart.cc b/tdecert/tdecertpart.cc index c6b163afb..3c937e9d6 100644 --- a/tdecert/tdecertpart.cc +++ b/tdecert/tdecertpart.cc @@ -557,9 +557,6 @@ if (whatType == "application/x-pkcs12") { return false; } -#define sk_free KOSSL::self()->sk_free -#define sk_num KOSSL::self()->sk_num -#define sk_value KOSSL::self()->sk_value STACK_OF(X509_INFO) *sx5i = KOSSL::self()->PEM_X509_INFO_read(fp, NULL, KSSLPemCallback, NULL); if (!sx5i) { @@ -569,8 +566,8 @@ if (whatType == "application/x-pkcs12") { } _ca_filenameLabel->setText(m_file); - for (int i = 0; i < sk_X509_INFO_num(sx5i); i++) { - X509_INFO* x5i = sk_X509_INFO_value(sx5i, i); + for (int i = 0; i < KOSSL::self()->OPENSSL_sk_num(sx5i); i++) { + X509_INFO* x5i = reinterpret_cast<X509_INFO*>(KOSSL::self()->OPENSSL_sk_value(sx5i, i)); if (x5i->x_pkey && x5i->x509) { // a personal cert (like PKCS12) KSSLCertificate *xc = KSSLCertificate::fromX509(x5i->x509); new KX509Item(_sideList, xc); @@ -584,11 +581,7 @@ if (whatType == "application/x-pkcs12") { } } - sk_X509_INFO_free(sx5i); - -#undef sk_free -#undef sk_num -#undef sk_value + KOSSL::self()->OPENSSL_sk_free(sx5i); fclose(fp); return true; |