polarssl: drop use of 1.2 compatibility header.
API has changed since version 1.3. A compatibility header has been created to ensure forward compatibility for code using the old API: * the x509 certificate structure has been renamed from x509_cert to x509_crt * a new dedicated setter for RSA certificates, ssl_set_own_cert_rsa, has been added; ssl_set_own_cert is for generic keys * ssl_default_ciphersuites has been replaced by the function ssl_list_ciphersuites() This patch drops the use of the compatibility header.
		 Gaël PORTAY
					Gaël PORTAY
				
			
				
					committed by
					
						 Daniel Stenberg
						Daniel Stenberg
					
				
			
			
				
	
			
			
			 Daniel Stenberg
						Daniel Stenberg
					
				
			
						parent
						
							7a1fb8e816
						
					
				
				
					commit
					31265376bc
				
			| @@ -31,7 +31,6 @@ | |||||||
|  |  | ||||||
| #ifdef USE_POLARSSL | #ifdef USE_POLARSSL | ||||||
|  |  | ||||||
| #include <polarssl/compat-1.2.h> |  | ||||||
| #include <polarssl/net.h> | #include <polarssl/net.h> | ||||||
| #include <polarssl/ssl.h> | #include <polarssl/ssl.h> | ||||||
| #include <polarssl/certs.h> | #include <polarssl/certs.h> | ||||||
| @@ -184,7 +183,7 @@ polarssl_connect_step1(struct connectdata *conn, | |||||||
|   memset(&connssl->cacert, 0, sizeof(x509_crt)); |   memset(&connssl->cacert, 0, sizeof(x509_crt)); | ||||||
|  |  | ||||||
|   if(data->set.str[STRING_SSL_CAFILE]) { |   if(data->set.str[STRING_SSL_CAFILE]) { | ||||||
|     ret = x509parse_crtfile(&connssl->cacert, |     ret = x509_crt_parse_file(&connssl->cacert, | ||||||
|                               data->set.str[STRING_SSL_CAFILE]); |                               data->set.str[STRING_SSL_CAFILE]); | ||||||
|  |  | ||||||
|     if(ret<0) { |     if(ret<0) { | ||||||
| @@ -203,7 +202,7 @@ polarssl_connect_step1(struct connectdata *conn, | |||||||
|   memset(&connssl->clicert, 0, sizeof(x509_crt)); |   memset(&connssl->clicert, 0, sizeof(x509_crt)); | ||||||
|  |  | ||||||
|   if(data->set.str[STRING_CERT]) { |   if(data->set.str[STRING_CERT]) { | ||||||
|     ret = x509parse_crtfile(&connssl->clicert, |     ret = x509_crt_parse_file(&connssl->clicert, | ||||||
|                               data->set.str[STRING_CERT]); |                               data->set.str[STRING_CERT]); | ||||||
|  |  | ||||||
|     if(ret) { |     if(ret) { | ||||||
| @@ -219,9 +218,17 @@ polarssl_connect_step1(struct connectdata *conn, | |||||||
|  |  | ||||||
|   /* Load the client private key */ |   /* Load the client private key */ | ||||||
|   if(data->set.str[STRING_KEY]) { |   if(data->set.str[STRING_KEY]) { | ||||||
|     ret = x509parse_keyfile(&connssl->rsa, |     pk_context pk; | ||||||
|                             data->set.str[STRING_KEY], |     pk_init(&pk); | ||||||
|  |     ret = pk_parse_keyfile(&pk, data->set.str[STRING_KEY], | ||||||
|                            data->set.str[STRING_KEY_PASSWD]); |                            data->set.str[STRING_KEY_PASSWD]); | ||||||
|  |     if(ret == 0 && !pk_can_do(&pk, POLARSSL_PK_RSA)) | ||||||
|  |       ret = POLARSSL_ERR_PK_TYPE_MISMATCH; | ||||||
|  |     if(ret == 0) | ||||||
|  |       rsa_copy(&connssl->rsa, pk_rsa(pk)); | ||||||
|  |     else | ||||||
|  |       rsa_free(&connssl->rsa); | ||||||
|  |     pk_free(&pk); | ||||||
|  |  | ||||||
|     if(ret) { |     if(ret) { | ||||||
| #ifdef POLARSSL_ERROR_C | #ifdef POLARSSL_ERROR_C | ||||||
| @@ -238,7 +245,7 @@ polarssl_connect_step1(struct connectdata *conn, | |||||||
|   memset(&connssl->crl, 0, sizeof(x509_crl)); |   memset(&connssl->crl, 0, sizeof(x509_crl)); | ||||||
|  |  | ||||||
|   if(data->set.str[STRING_SSL_CRLFILE]) { |   if(data->set.str[STRING_SSL_CRLFILE]) { | ||||||
|     ret = x509parse_crlfile(&connssl->crl, |     ret = x509_crl_parse_file(&connssl->crl, | ||||||
|                               data->set.str[STRING_SSL_CRLFILE]); |                               data->set.str[STRING_SSL_CRLFILE]); | ||||||
|  |  | ||||||
|     if(ret) { |     if(ret) { | ||||||
| @@ -274,12 +281,7 @@ polarssl_connect_step1(struct connectdata *conn, | |||||||
|               net_recv, &conn->sock[sockindex], |               net_recv, &conn->sock[sockindex], | ||||||
|               net_send, &conn->sock[sockindex]); |               net_send, &conn->sock[sockindex]); | ||||||
|  |  | ||||||
|  |   ssl_set_ciphersuites(&connssl->ssl, ssl_list_ciphersuites()); | ||||||
| #if POLARSSL_VERSION_NUMBER<0x01000000 |  | ||||||
|   ssl_set_ciphers(&connssl->ssl, ssl_default_ciphers); |  | ||||||
| #else |  | ||||||
|   ssl_set_ciphersuites(&connssl->ssl, ssl_default_ciphersuites); |  | ||||||
| #endif |  | ||||||
|   if(!Curl_ssl_getsessionid(conn, &old_session, &old_session_size)) { |   if(!Curl_ssl_getsessionid(conn, &old_session, &old_session_size)) { | ||||||
|     memcpy(&connssl->ssn, old_session, old_session_size); |     memcpy(&connssl->ssn, old_session, old_session_size); | ||||||
|     infof(data, "PolarSSL re-using session\n"); |     infof(data, "PolarSSL re-using session\n"); | ||||||
| @@ -404,15 +406,8 @@ polarssl_connect_step2(struct connectdata *conn, | |||||||
|     /* If the session was resumed, there will be no peer certs */ |     /* If the session was resumed, there will be no peer certs */ | ||||||
|     memset(buffer, 0, sizeof(buffer)); |     memset(buffer, 0, sizeof(buffer)); | ||||||
|  |  | ||||||
| /* PolarSSL SVN revision r1316 to r1317, matching <1.2.0 is to cover Ubuntu's |     if(x509_crt_info(buffer, sizeof(buffer), (char *)"* ", | ||||||
|    1.1.4 version and the like */ |  | ||||||
| #if POLARSSL_VERSION_NUMBER<0x01020000 |  | ||||||
|     if(x509parse_cert_info(buffer, sizeof(buffer), (char *)"* ", |  | ||||||
|                            conn->ssl[sockindex].ssl.peer_cert) != -1) |  | ||||||
| #else |  | ||||||
|     if(x509parse_cert_info(buffer, sizeof(buffer), (char *)"* ", |  | ||||||
|                      ssl_get_peer_cert(&(connssl->ssl))) != -1) |                      ssl_get_peer_cert(&(connssl->ssl))) != -1) | ||||||
| #endif |  | ||||||
|       infof(data, "Dumping cert info:\n%s\n", buffer); |       infof(data, "Dumping cert info:\n%s\n", buffer); | ||||||
|   } |   } | ||||||
|  |  | ||||||
| @@ -497,8 +492,8 @@ void Curl_polarssl_close_all(struct SessionHandle *data) | |||||||
| void Curl_polarssl_close(struct connectdata *conn, int sockindex) | void Curl_polarssl_close(struct connectdata *conn, int sockindex) | ||||||
| { | { | ||||||
|   rsa_free(&conn->ssl[sockindex].rsa); |   rsa_free(&conn->ssl[sockindex].rsa); | ||||||
|   x509_free(&conn->ssl[sockindex].clicert); |   x509_crt_free(&conn->ssl[sockindex].clicert); | ||||||
|   x509_free(&conn->ssl[sockindex].cacert); |   x509_crt_free(&conn->ssl[sockindex].cacert); | ||||||
|   x509_crl_free(&conn->ssl[sockindex].crl); |   x509_crl_free(&conn->ssl[sockindex].crl); | ||||||
|   ssl_free(&conn->ssl[sockindex].ssl); |   ssl_free(&conn->ssl[sockindex].ssl); | ||||||
| } | } | ||||||
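Review bot: In the client-key hunk of polarssl_connect_step1 the result of `rsa_copy(&connssl->rsa, pk_rsa(pk));` is discarded, so a copy that fails part-way leaves `ret` at 0 and the `if(ret)` error path that follows is skipped with an incomplete key in connssl->rsa. Assigning it, `ret = rsa_copy(&connssl->rsa, pk_rsa(pk));`, and running `rsa_free(&connssl->rsa);` under `if(ret)` rather than `else` closes that path. The failure branch calls rsa_free on connssl->rsa, which is only safe if that context was initialised earlier in the function; that code is outside the hunk, so it should be confirmed. Separately, `ssl_list_ciphersuites()` passes every suite the library was built with, so the set offered in the handshake now depends on how PolarSSL was configured. A short comment there saying that this is intended would help.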
|   | |||||||