From b8802de2c09b31fce7717a500cd5ffe8bada1b27 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sl=C3=A1vek=20Banko?= Date: Sun, 1 Jan 2017 19:35:39 +0100 Subject: Added support for OpenSSL 1.1 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Some KOpenSSLProxy methods have been renamed to be consistent with OpenSSL 1.1 API names and to prevent hidden API changes. To ensure API / ABI compatibility, the original methods are still included but have been marked as deprecated. + SSLv23_client_method => TLS_client_method + X509_STORE_CTX_set_chain => X509_STORE_CTX_set0_untrusted + sk_dup => OPENSSL_sk_dup + sk_free => OPENSSL_sk_free + sk_new => OPENSSL_sk_new + sk_num => OPENSSL_sk_num + sk_pop => OPENSSL_sk_pop + sk_push => OPENSSL_sk_push + sk_value => OPENSSL_sk_value Additional methods have been added to KOpenSSLProxy to support the new OpenSSL 1.1 API functions that provide access to the (now) opaque SSL structures. Compatibility with OpenSSL < 1.1 is handled internally in KOpenSSLProxy. + BIO_get_data + DSA_get0_key + DSA_get0_pqg + EVP_PKEY_base_id + EVP_PKEY_get0_DSA + EVP_PKEY_get0_RSA + RSA_get0_key + X509_CRL_get0_lastUpdate + X509_CRL_get0_nextUpdate + X509_OBJECT_get0_X509 + X509_OBJECT_get_type + X509_STORE_CTX_get_current_cert + X509_STORE_CTX_get_error + X509_STORE_CTX_get_error_depth + X509_STORE_CTX_set_error + X509_STORE_get0_objects + X509_STORE_set_verify_cb + X509_get0_signature + X509_getm_notAfter + X509_getm_notBefore + X509_subject_name_cmp + _SSL_session_reused + _SSL_set_options Method "KSSL::setSession" has been renamed to "KSSL::takeSession" and its functionality has changed: the session is now transferred from the argument object to the invoked object. Since it is only used internally in TDE and the functionality is different, the method with the previous name has not been preserved. Signed-off-by: Slávek Banko Signed-off-by: Michele Calgaro (cherry picked from commit e1861cb6811f7bac405ece204407ca46c000a453) --- tdeio/kssl/kssl.h | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'tdeio/kssl/kssl.h') diff --git a/tdeio/kssl/kssl.h b/tdeio/kssl/kssl.h index e10b10eaf..37ee5017b 100644 --- a/tdeio/kssl/kssl.h +++ b/tdeio/kssl/kssl.h @@ -82,16 +82,15 @@ public: bool TLSInit(); /** - * Set an SSL session to use. This deep copies the session so it - * doesn't have to remain valid. You need to call it after calling - * initialize or reInitialize. The ID is cleared in close(). + * Set an SSL session to use. This takes the session from the original + * KSSL object, so it is in fact a session move operation. * * @param session A valid session to reuse. If 0L, it will clear the * session ID in memory. * * @return true on success */ - bool setSession(const KSSLSession *session); + bool takeSession(KSSLSession *session); /** * Close the SSL session. -- cgit v1.2.1