add configure checks for ssl functions:

-SSL_set_state: macro in OpenSSL, might be a function in a patched sslc -SSL_set_cert_store: patch submitted to OpenSSL, might be applied to OpenSSL or sslc git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94223 13f79535-47bb-0310-9956-ffa450edef68
2025-08-08 15:02:10 +03:00 · 2002-03-27 17:02:56 +00:00
parent 469412fd86
commit aeb7f9eb0b
4 changed files with 11 additions and 4 deletions
--- a/modules/ssl/config.m4
+++ b/modules/ssl/config.m4
@@ -78,6 +78,8 @@ ssl_util_table.lo dnl
 dnl #  hook module into the Autoconf mechanism (--enable-ssl option)
 APACHE_MODULE(ssl, [SSL/TLS support (mod_ssl)], $ssl_objs, , no, [
    APACHE_CHECK_SSL_TOOLKIT
+    AC_CHECK_FUNCS(SSL_set_state)
+    AC_CHECK_FUNCS(SSL_set_cert_store)
 ])

 dnl #  end of module specific part
--- a/modules/ssl/ssl_engine_config.c
+++ b/modules/ssl/ssl_engine_config.c
@@ -665,6 +665,12 @@ const char *ssl_cmd_SSLCertificateChainFile(cmd_parms *cmd, void *ctx,
 #define NO_PER_DIR_SSL_CA \
    "Your ssl library does not have support for per-directory CA"

+#ifdef HAVE_SSL_SET_CERT_STORE
+#   define MODSSL_HAVE_SSL_SET_CERT_STORE 1
+#else
+#   define MODSSL_HAVE_SSL_SET_CERT_STORE 0
+#endif
+
 #define MODSSL_SET_CA(f) \
    if (cmd->path) \
        if (MODSSL_HAVE_SSL_SET_CERT_STORE) \
--- a/modules/ssl/ssl_engine_kernel.c
+++ b/modules/ssl/ssl_engine_kernel.c
@@ -578,7 +578,7 @@ int ssl_hook_Access(request_rec *r)
     * used SSL_CTX_set_cert_store which is not thread safe.
     */

-#if MODSSL_HAVE_SSL_SET_CERT_STORE
+#ifdef HAVE_SSL_SET_CERT_STORE
    /*
     * check if per-dir and per-server config field are not the same.
     * if f is defined in per-dir and not defined in per-server
@@ -629,7 +629,7 @@ int ssl_hook_Access(request_rec *r)
                "Changed client verification locations "
                "will force renegotiation");
    }
-#endif /* MODSSL_HAVE_SSL_SET_CERT_STORE */
+#endif /* HAVE_SSL_SET_CERT_STORE */

    /* 
     * SSL renegotiations in conjunction with HTTP
--- a/modules/ssl/ssl_toolkit_compat.h
+++ b/modules/ssl/ssl_toolkit_compat.h
@@ -78,9 +78,8 @@
 #define modssl_PEM_read_bio_PrivateKey(b, k, cb, arg) \
   PEM_read_bio_PrivateKey(b, k, cb)

-/* XXX: add configure check */
 #ifndef HAVE_SSL_SET_STATE
-#define SSL_set_state(ssl, state)
+#define SSL_set_state(ssl, state) /* XXX: should throw an error */
 #endif

 #define modssl_set_cipher_list(ssl, l) \