You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
90 lines
3.3 KiB
90 lines
3.3 KiB
4 years ago
|
--- a/cdk/cmake/DepFindSSL.cmake
|
||
|
+++ b/cdk/cmake/DepFindSSL.cmake
|
||
|
@@ -88,7 +88,7 @@ function(main)
|
||
|
|
||
|
set(OPENSSL_LIB_DIR "${OPENSSL_LIB_DIR}" CACHE INTERNAL "")
|
||
|
|
||
|
- if(NOT OPENSSL_VERSION_MAJOR EQUAL 1)
|
||
|
+ if(NOT OPENSSL_VERSION_MAJOR VERSION_GREATER_EQUAL 1)
|
||
|
message(SEND_ERROR "OpenSSL version 1.x is required but version ${OPENSSL_VERSION} was found")
|
||
|
else()
|
||
|
message(STATUS "Using OpenSSL version: ${OPENSSL_VERSION}")
|
||
|
@@ -182,42 +182,33 @@ function(find_openssl)
|
||
|
set(OPENSSL_INCLUDE_DIR "${OPENSSL_INCLUDE_DIR}" PARENT_SCOPE)
|
||
|
message("-- found OpenSSL headers at: ${OPENSSL_INCLUDE_DIR}")
|
||
|
|
||
|
-
|
||
|
# Verify version number. Version information looks like:
|
||
|
- # #define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1a 20 Nov 2018"
|
||
|
-
|
||
|
+ # #define OPENSSL_VERSION_NUMBER 0x1000103fL
|
||
|
+ # Encoded as MNNFFPPS: major minor fix patch status
|
||
|
FILE(STRINGS "${OPENSSL_INCLUDE_DIR}/openssl/opensslv.h"
|
||
|
OPENSSL_VERSION_NUMBER
|
||
|
- REGEX "#[ ]*define[\t ]+OPENSSL_VERSION_TEXT"
|
||
|
+ REGEX "^#[ ]*define[\t ]+OPENSSL_VERSION_NUMBER[\t ]+0x[0-9].*"
|
||
|
)
|
||
|
-
|
||
|
- #message("== OPENSSL_VERSION_NUMBER: ${OPENSSL_VERSION_NUMBER}")
|
||
|
STRING(REGEX REPLACE
|
||
|
- "^.*OPENSSL_VERSION_TEXT[\t ]+\"OpenSSL[\t ]([0-9]+)\\.([0-9]+)\\.([0-9]+)([a-z]*)[\t ].*$"
|
||
|
- "\\1;\\2;\\3;\\4"
|
||
|
- version_list "${OPENSSL_VERSION_NUMBER}"
|
||
|
+ "^.*OPENSSL_VERSION_NUMBER[\t ]+0x([0-9]).*$" "\\1"
|
||
|
+ OPENSSL_VERSION_MAJOR "${OPENSSL_VERSION_NUMBER}"
|
||
|
+ )
|
||
|
+ STRING(REGEX REPLACE
|
||
|
+ "^.*OPENSSL_VERSION_NUMBER[\t ]+0x[0-9]([0-9][0-9]).*$" "\\1"
|
||
|
+ OPENSSL_VERSION_MINOR "${OPENSSL_VERSION_NUMBER}"
|
||
|
+ )
|
||
|
+ STRING(REGEX REPLACE
|
||
|
+ "^.*OPENSSL_VERSION_NUMBER[\t ]+0x[0-9][0-9][0-9]([0-9][0-9]).*$" "\\1"
|
||
|
+ OPENSSL_VERSION_FIX "${OPENSSL_VERSION_NUMBER}"
|
||
|
)
|
||
|
- #message("-- OPENSSL_VERSION: ${version_list}")
|
||
|
-
|
||
|
- list(GET version_list 0 OPENSSL_VERSION_MAJOR)
|
||
|
- math(EXPR OPENSSL_VERSION_MAJOR ${OPENSSL_VERSION_MAJOR})
|
||
|
-
|
||
|
- list(GET version_list 1 OPENSSL_VERSION_MINOR)
|
||
|
- math(EXPR OPENSSL_VERSION_MINOR ${OPENSSL_VERSION_MINOR})
|
||
|
-
|
||
|
- list(GET version_list 2 OPENSSL_VERSION_FIX)
|
||
|
- math(EXPR OPENSSL_VERSION_FIX ${OPENSSL_VERSION_FIX})
|
||
|
-
|
||
|
- list(GET version_list 3 OPENSSL_VERSION_PATCH)
|
||
|
-
|
||
|
-
|
||
|
|
||
|
set(OPENSSL_VERSION
|
||
|
- "${OPENSSL_VERSION_MAJOR}.${OPENSSL_VERSION_MINOR}.${OPENSSL_VERSION_FIX}${OPENSSL_VERSION_PATCH}"
|
||
|
+ "${OPENSSL_VERSION_MAJOR}.${OPENSSL_VERSION_MINOR}.${OPENSSL_VERSION_FIX}"
|
||
|
PARENT_SCOPE
|
||
|
)
|
||
|
set(OPENSSL_VERSION_MAJOR ${OPENSSL_VERSION_MAJOR} PARENT_SCOPE)
|
||
|
|
||
|
+ CHECK_SYMBOL_EXISTS(TLS1_3_VERSION "openssl/tls1.h" HAVE_TLS1_3_VERSION)
|
||
|
|
||
|
find_library(OPENSSL_LIBRARY
|
||
|
NAMES ssl ssleay32 ssleay32MD libssl
|
||
|
--- a/cdk/foundation/connection_openssl.cc
|
||
|
+++ b/cdk/foundation/connection_openssl.cc
|
||
|
@@ -211,7 +211,7 @@ static void throw_ssl_error(SSL* tls, int err)
|
||
|
case SSL_ERROR_WANT_CONNECT:
|
||
|
case SSL_ERROR_WANT_ACCEPT:
|
||
|
case SSL_ERROR_WANT_X509_LOOKUP:
|
||
|
-# if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
||
|
+# if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
||
|
case SSL_ERROR_WANT_ASYNC:
|
||
|
case SSL_ERROR_WANT_ASYNC_JOB:
|
||
|
# endif
|
||
|
@@ -387,7 +387,7 @@ void TLS_helper::setup(SSL_CTX *ctx)
|
||
|
|
||
|
SSL_CTX_set_cipher_list(ctx, m_cipher_list.c_str());
|
||
|
|
||
|
-#if OPENSSL_VERSION_NUMBER>=0x1010100fL
|
||
|
+#if HAVE_TLS1_3_VERSION
|
||
|
|
||
|
/*
|
||
|
Note: If TLSv1.3 is not enabled, there is no need to restrict
|