*) adds compile-time/run time SSL-C version support

*) simplify a ton of overly-verbose legacy code
*) split the compiled-against v.s. runtime library
*) precache the results of the version string touchup



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@520701 13f79535-47bb-0310-9956-ffa450edef68

CHANGES

@@ -2,6 +2,13 @@
 Changes with Apache 2.3.0
   [Remove entries to the current 2.0 and 2.2 section below, when backported]
 
+  *) mod_ssl: Version reporting update; displays 'compiled against'
+     Apache and build-time SSL Library versions at loglevel [info],
+     while reporting the run-time SSL Library version in the server
+     info tags.  Helps to identify a mod_ssl built against one flavor
+     of OpenSSL but running against another (also adds SSL-C version
+     number reporting.)  [William Rowe]
+
   *) core: Change etag generation to produce identical results on 
      32-bit and 64-bit platforms.  PR 40064.  [Joe Orton]
 

modules/ssl/ssl_engine_init.c

@@ -34,42 +34,21 @@
 **  _________________________________________________________________
 */
 
-static char *ssl_add_version_component(apr_pool_t *p,
-                                       server_rec *s,
-                                       char *name)
-{
-    char *val = ssl_var_lookup(p, s, NULL, NULL, name);
-
-    if (val && *val) {
-        ap_add_version_component(p, val);
-    }
-
-    return val;
-}
-
-static char *version_components[] = {
-    "SSL_VERSION_PRODUCT",
-    "SSL_VERSION_INTERFACE",
-    "SSL_VERSION_LIBRARY",
-    NULL
-};
 
 static void ssl_add_version_components(apr_pool_t *p,
                                        server_rec *s)
 {
-    char *vals[sizeof(version_components)/sizeof(char *)];
+    char *modver = ssl_var_lookup(p, s, NULL, NULL, "SSL_VERSION_INTERFACE");
-    int i;
+    char *libver = ssl_var_lookup(p, s, NULL, NULL, "SSL_VERSION_LIBRARY");
+    char *incver = ssl_var_lookup(p, s, NULL, NULL, 
+                                  "SSL_VERSION_LIBRARY_INTERFACE");
 
-    for (i=0; version_components[i]; i++) {
+    ap_add_version_component(p, modver);
-        vals[i] = ssl_add_version_component(p, s,
+    ap_add_version_component(p, libver);
-                                            version_components[i]);
-    }
 
     ap_log_error(APLOG_MARK, APLOG_INFO, 0, s,
-                 "Server: %s, Interface: %s, Library: %s",
+                 "%s compiled against Server: %s, Library: %s",
-                 AP_SERVER_BASEVERSION,
+                 modver, AP_SERVER_BASEVERSION, incver);
-                 vals[1],  /* SSL_VERSION_INTERFACE */
-                 vals[2]); /* SSL_VERSION_LIBRARY */
 }
 
 

modules/ssl/ssl_engine_vars.c

@@ -635,32 +635,42 @@ static void ssl_var_lookup_ssl_cipher_bits(SSL *ssl, int *usekeysize, int *algke
 
 static char *ssl_var_lookup_ssl_version(apr_pool_t *p, char *var)
 {
+    static char interface[] = "mod_ssl/" MOD_SSL_VERSION;
+    static char library_interface[] = SSL_LIBRARY_TEXT;
+    static char *library = NULL;
     char *result;
+  
+    if (!library) {
         char *cp, *cp2;
-
+        library = apr_pstrdup(p, SSL_LIBRARY_DYNTEXT);
-    result = NULL;
+        if ((cp = strchr(library, ' ')) != NULL) {
-
+            *cp = '/';
-    if (strEQ(var, "PRODUCT")) {
+            if ((cp2 = strchr(cp, ' ')) != NULL)
-#if defined(SSL_PRODUCT_NAME) && defined(SSL_PRODUCT_VERSION)
+                *cp2 = NUL;
-        result = apr_psprintf(p, "%s/%s", SSL_PRODUCT_NAME, SSL_PRODUCT_VERSION);
-#else
-        result = NULL;
-#endif
         }
-    else if (strEQ(var, "INTERFACE")) {
+        if ((cp = strchr(library_interface, ' ')) != NULL) {
-        result = apr_psprintf(p, "mod_ssl/%s", MOD_SSL_VERSION);
-    }
-    else if (strEQ(var, "LIBRARY")) {
-        result = apr_pstrdup(p, SSLeay_version(SSLEAY_VERSION));
-        if ((cp = strchr(result, ' ')) != NULL) {
             *cp = '/';
             if ((cp2 = strchr(cp, ' ')) != NULL)
                 *cp2 = NUL;
         }
     }
+
+    if (strEQ(var, "INTERFACE")) {
+        result = apr_pstrdup(p, interface);
+    }
+    else if (strEQ(var, "LIBRARY_INTERFACE")) {
+        result = apr_pstrdup(p, library_interface);
+    }
+    else if (strEQ(var, "LIBRARY")) {
+        result = apr_pstrdup(p, library);
+    }
+    else {
+        result = NULL;
+    }
     return result;
 }
   
+
 apr_array_header_t *ssl_ext_list(apr_pool_t *p, conn_rec *c, int peer,
                                  const char *extension)
 {

modules/ssl/ssl_util_ssl.h

@@ -37,14 +37,27 @@
 /**
  * Determine SSL library version number
  */
+#define SSL_NIBBLE(x,n) ((x >> (n * 4)) & 0xF)
+
 #ifdef OPENSSL_VERSION_NUMBER
 #define SSL_LIBRARY_VERSION OPENSSL_VERSION_NUMBER
 #define SSL_LIBRARY_NAME    "OpenSSL"
 #define SSL_LIBRARY_TEXT    OPENSSL_VERSION_TEXT
+#define SSL_LIBRARY_DYNTEXT SSLeay_version(SSLEAY_VERSION)
+#elif defined(SSLC_VERSION_NUMBER)
+#define SSL_LIBRARY_VERSION SSLC_VERSION_NUMBER
+#define SSL_LIBRARY_NAME    "SSL-C"
+#define SSL_LIBRARY_TEXT    { 'S', 'S', 'L', '-', 'C', ' ', \
+                              '0' + SSL_NIBBLE(SSLC_VERSION_NUMBER,3), '.', \
+                              '0' + SSL_NIBBLE(SSLC_VERSION_NUMBER,2), '.', \
+                              '0' + SSL_NIBBLE(SSLC_VERSION_NUMBER,1), '.', \
+                              '0' + SSL_NIBBLE(SSLC_VERSION_NUMBER,0), 0 }
+#define SSL_LIBRARY_DYNTEXT SSLC_library_info(SSLC_INFO_VERSION)
 #elif !defined(SSL_LIBRARY_VERSION)
 #define SSL_LIBRARY_VERSION 0x0000
 #define SSL_LIBRARY_NAME    "OtherSSL"
 #define SSL_LIBRARY_TEXT    "OtherSSL 0.0.0 00 XXX 0000"
+#define SSL_LIBRARY_DYNTEXT "OtherSSL 0.0.0 00 XXX 0000"
 #endif
 
 /**