Add dynamic linking for functions required by SSL v2/3 disabling patch.
This commit is contained in:
Jonathan G Rennison
KLuka
parent
b06b1f15ac
commit
490781d998
2 changed files with 21 additions and 1 deletions
|
|
@ -136,6 +136,9 @@ int (*SSL_write)(SSL *, const void *, int);
|
|||
SSL_METHOD * (*SSLv23_server_method)(void);
|
||||
X509 * (*d2i_X509)(X509 **px, const unsigned char **in, int len);
|
||||
void (*X509_free)(X509 *a);
|
||||
int (*x_SSL_CTX_set_cipher_list)(SSL_CTX *ctx, const char *str);
|
||||
void (*x_sk_zero)(void *st);
|
||||
void * (*x_SSL_COMP_get_compression_methods)(void);
|
||||
#endif
|
||||
|
||||
static void sslDestroyCachedContext(void *ssl_, char *context_) {
|
||||
|
|
@ -308,7 +311,9 @@ static void loadSSL(void) {
|
|||
{ { &SSL_write }, "SSL_write" },
|
||||
{ { &SSLv23_server_method }, "SSLv23_server_method" },
|
||||
{ { &d2i_X509 }, "d2i_X509" },
|
||||
{ { &X509_free }, "X509_free" }
|
||||
{ { &X509_free }, "X509_free" },
|
||||
{ { &x_SSL_CTX_set_cipher_list }, "SSL_CTX_set_cipher_list" },
|
||||
{ { &x_sk_zero }, "sk_zero" }
|
||||
};
|
||||
for (unsigned i = 0; i < sizeof(symbols)/sizeof(symbols[0]); i++) {
|
||||
if (!(*symbols[i].var = loadSymbol(path_libssl, symbols[i].fn))) {
|
||||
|
|
@ -320,6 +325,10 @@ static void loadSSL(void) {
|
|||
return;
|
||||
}
|
||||
}
|
||||
// These are optional
|
||||
x_SSL_COMP_get_compression_methods = loadSymbol(path_libssl, "SSL_COMP_get_compression_methods");
|
||||
// ends
|
||||
|
||||
SSL_library_init();
|
||||
dcheck(!ERR_peek_error());
|
||||
debug("Loaded SSL suppport");
|
||||
|
|
@ -590,6 +599,11 @@ static SSL_CTX *sslMakeContext(void) {
|
|||
SSL_CTX_set_options(context, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
|
||||
#ifdef SSL_OP_NO_COMPRESSION
|
||||
SSL_CTX_set_options(context, SSL_OP_NO_COMPRESSION);
|
||||
#endif
|
||||
#if defined(HAVE_DLOPEN)
|
||||
if (SSL_COMP_get_compression_methods) {
|
||||
sk_SSL_COMP_zero(SSL_COMP_get_compression_methods());
|
||||
}
|
||||
#elif OPENSSL_VERSION_NUMBER >= 0x00908000L
|
||||
sk_SSL_COMP_zero(SSL_COMP_get_compression_methods());
|
||||
#endif
|
||||
|
|
|
|||
|
|
@ -111,6 +111,9 @@ extern int (*x_SSL_write)(SSL *, const void *, int);
|
|||
extern SSL_METHOD *(*x_SSLv23_server_method)(void);
|
||||
extern X509 * (*x_d2i_X509)(X509 **px, const unsigned char **in, int len);
|
||||
extern void (*x_X509_free)(X509 *a);
|
||||
extern int (*x_SSL_CTX_set_cipher_list)(SSL_CTX *ctx, const char *str);
|
||||
extern void (*x_sk_zero)(void *st);
|
||||
extern void *(*x_SSL_COMP_get_compression_methods)(void);
|
||||
|
||||
#define BIO_ctrl x_BIO_ctrl
|
||||
#define BIO_f_buffer x_BIO_f_buffer
|
||||
|
|
@ -151,6 +154,9 @@ extern void (*x_X509_free)(X509 *a);
|
|||
#define SSLv23_server_method x_SSLv23_server_method
|
||||
#define d2i_X509 x_d2i_X509
|
||||
#define X509_free x_X509_free
|
||||
#define SSL_CTX_set_cipher_list x_SSL_CTX_set_cipher_list
|
||||
#define sk_zero x_sk_zero
|
||||
#define SSL_COMP_get_compression_methods x_SSL_COMP_get_compression_methods
|
||||
|
||||
#undef BIO_set_buffer_read_data
|
||||
#undef SSL_CTX_set_tlsext_servername_arg
|
||||
|
|
|
|||
Loading…
Reference in a new issue