From 8d1e99b635151ee1a5cc77cadfd39caa9c96b17b Mon Sep 17 00:00:00 2001 From: Jean-Baptiste Nahan Date: Fri, 9 Mar 2018 15:55:21 +0100 Subject: [PATCH 1/7] add open ssl install --- .travis.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.travis.yml b/.travis.yml index cf2abf325..4f7457696 100644 --- a/.travis.yml +++ b/.travis.yml @@ -56,6 +56,9 @@ before_install: sudo apt-add-repository "deb http://apt.llvm.org/trusty/ llvm-toolchain-trusty-3.9 main" sudo apt-get -q update; sudo apt-get install -y clang-3.9 clang-format-3.9 libpopt-dev; + LC_ALL=C.UTF-8 sudo add-apt-repository -y -s ppa:ondrej/php + sudo apt-get -q update; + sudo apt-get install -y libssl-dev libssl1.1 fi # ugly hack; if running a coverity scan abort all except the 1st build # see note re gcc compiler above needing to be 1st From 8ac4d4ce013ce66678a7df2ac1eb3f5149cf3d4f Mon Sep 17 00:00:00 2001 From: Jean-Baptiste NAHAN Date: Mon, 12 Mar 2018 15:12:49 +0100 Subject: [PATCH 2/7] fix openssl 1.1 deprecation --- librabbitmq/amqp_openssl.c | 8 +++++--- librabbitmq/amqp_openssl_hostname_validation.c | 10 +++++++++- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/librabbitmq/amqp_openssl.c b/librabbitmq/amqp_openssl.c index 7cc01f88b..245575639 100644 --- a/librabbitmq/amqp_openssl.c +++ b/librabbitmq/amqp_openssl.c @@ -575,8 +575,9 @@ static int setup_openssl(void) { } CRYPTO_set_id_callback(ssl_threadid_callback); CRYPTO_set_locking_callback(ssl_locking_callback); - - OPENSSL_config(NULL); +#if OPENSSL_VERSION_NUMBER < 0x10100000L + OPENSSL_config(NULL); +#endif SSL_library_init(); SSL_load_error_strings(); @@ -652,8 +653,9 @@ int amqp_uninitialize_ssl_library(void) { amqp_openssl_bio_destroy(); openssl_bio_initialized = 0; - +#if OPENSSL_VERSION_NUMBER < 0x10100000L ERR_remove_state(0); +#endif FIPS_mode_set(0); CRYPTO_set_locking_callback(NULL); diff --git a/librabbitmq/amqp_openssl_hostname_validation.c b/librabbitmq/amqp_openssl_hostname_validation.c index ea61186b0..3bac7c9e0 100644 --- a/librabbitmq/amqp_openssl_hostname_validation.c +++ b/librabbitmq/amqp_openssl_hostname_validation.c @@ -70,8 +70,11 @@ static amqp_hostname_validation_result amqp_matches_common_name( if (common_name_asn1 == NULL) { return AMQP_HVR_ERROR; } +#if OPENSSL_VERSION_NUMBER < 0x10100000L common_name_str = (char *)ASN1_STRING_data(common_name_asn1); - +#else + common_name_str = (char *)ASN1_STRING_get0_data(common_name_asn1); +#endif // Make sure there isn't an embedded NUL character in the CN if ((size_t)ASN1_STRING_length(common_name_asn1) != strlen(common_name_str)) { return AMQP_HVR_MALFORMED_CERTIFICATE; @@ -117,7 +120,12 @@ static amqp_hostname_validation_result amqp_matches_subject_alternative_name( if (current_name->type == GEN_DNS) { // Current name is a DNS name, let's check it + +#if OPENSSL_VERSION_NUMBER < 0x10100000L char *dns_name = (char *)ASN1_STRING_data(current_name->d.dNSName); +#else + char *dns_name = (char *)ASN1_STRING_get0_data(current_name->d.dNSName); +#endif // Make sure there isn't an embedded NUL character in the DNS name if ((size_t)ASN1_STRING_length(current_name->d.dNSName) != From 7d046ade44a39c7a577b11bceee2b5a90f0a1e62 Mon Sep 17 00:00:00 2001 From: Jean-Baptiste NAHAN Date: Mon, 12 Mar 2018 15:26:20 +0100 Subject: [PATCH 3/7] fix last error for build --- librabbitmq/amqp_openssl_bio.c | 2 +- librabbitmq/amqp_openssl_hostname_validation.c | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/librabbitmq/amqp_openssl_bio.c b/librabbitmq/amqp_openssl_bio.c index 91a46bb51..6c11dbe9f 100644 --- a/librabbitmq/amqp_openssl_bio.c +++ b/librabbitmq/amqp_openssl_bio.c @@ -147,7 +147,7 @@ int amqp_openssl_bio_init(void) { return AMQP_STATUS_NO_MEMORY; } - BIO_METHOD *meth = BIO_s_socket(); + BIO_METHOD *meth = (BIO_METHOD *) BIO_s_socket(); BIO_meth_set_create(amqp_bio_method, BIO_meth_get_create(meth)); BIO_meth_set_destroy(amqp_bio_method, BIO_meth_get_destroy(meth)); BIO_meth_set_ctrl(amqp_bio_method, BIO_meth_get_ctrl(meth)); diff --git a/librabbitmq/amqp_openssl_hostname_validation.c b/librabbitmq/amqp_openssl_hostname_validation.c index 3bac7c9e0..f2461bd57 100644 --- a/librabbitmq/amqp_openssl_hostname_validation.c +++ b/librabbitmq/amqp_openssl_hostname_validation.c @@ -27,6 +27,7 @@ * https://wiki.openssl.org/index.php/Hostname_validation */ +#include #include #include From e67c00f90fe72e2fc087be9b4bbfda1589c2621d Mon Sep 17 00:00:00 2001 From: Jean-Baptiste NAHAN Date: Mon, 12 Mar 2018 15:35:55 +0100 Subject: [PATCH 4/7] fix typo --- librabbitmq/amqp_openssl.c | 2 +- librabbitmq/amqp_openssl_bio.c | 2 +- librabbitmq/amqp_openssl_hostname_validation.c | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/librabbitmq/amqp_openssl.c b/librabbitmq/amqp_openssl.c index 245575639..ca4d1d5fe 100644 --- a/librabbitmq/amqp_openssl.c +++ b/librabbitmq/amqp_openssl.c @@ -576,7 +576,7 @@ static int setup_openssl(void) { CRYPTO_set_id_callback(ssl_threadid_callback); CRYPTO_set_locking_callback(ssl_locking_callback); #if OPENSSL_VERSION_NUMBER < 0x10100000L - OPENSSL_config(NULL); + OPENSSL_config(NULL); #endif SSL_library_init(); SSL_load_error_strings(); diff --git a/librabbitmq/amqp_openssl_bio.c b/librabbitmq/amqp_openssl_bio.c index 6c11dbe9f..023f2d1b5 100644 --- a/librabbitmq/amqp_openssl_bio.c +++ b/librabbitmq/amqp_openssl_bio.c @@ -147,7 +147,7 @@ int amqp_openssl_bio_init(void) { return AMQP_STATUS_NO_MEMORY; } - BIO_METHOD *meth = (BIO_METHOD *) BIO_s_socket(); + BIO_METHOD *meth = (BIO_METHOD *)BIO_s_socket(); BIO_meth_set_create(amqp_bio_method, BIO_meth_get_create(meth)); BIO_meth_set_destroy(amqp_bio_method, BIO_meth_get_destroy(meth)); BIO_meth_set_ctrl(amqp_bio_method, BIO_meth_get_ctrl(meth)); diff --git a/librabbitmq/amqp_openssl_hostname_validation.c b/librabbitmq/amqp_openssl_hostname_validation.c index f2461bd57..4aff7bcd8 100644 --- a/librabbitmq/amqp_openssl_hostname_validation.c +++ b/librabbitmq/amqp_openssl_hostname_validation.c @@ -27,9 +27,9 @@ * https://wiki.openssl.org/index.php/Hostname_validation */ -#include #include #include +#include #include "amqp_hostcheck.h" #include "amqp_openssl_hostname_validation.h" @@ -120,8 +120,8 @@ static amqp_hostname_validation_result amqp_matches_subject_alternative_name( const GENERAL_NAME *current_name = sk_GENERAL_NAME_value(san_names, i); if (current_name->type == GEN_DNS) { - // Current name is a DNS name, let's check it +// Current name is a DNS name, let's check it #if OPENSSL_VERSION_NUMBER < 0x10100000L char *dns_name = (char *)ASN1_STRING_data(current_name->d.dNSName); #else From 483c63711b1f79679b11f6951e0031865afb7e51 Mon Sep 17 00:00:00 2001 From: Jean-Baptiste NAHAN Date: Mon, 12 Mar 2018 16:10:28 +0100 Subject: [PATCH 5/7] add appveyor config --- appveyor.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/appveyor.yml b/appveyor.yml index 7be4e8f86..59cfd971d 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -13,6 +13,18 @@ environment: cache: - c:\deps -> appveyor.yml + +# borrowed from https://github.com/FreeTDS/freetds +install: + # xidel (xpath command line tool) + - appveyor DownloadFile "http://nbtelecom.dl.sourceforge.net/project/videlibri/Xidel/Xidel 0.9/xidel-0.9.win32.zip" + - 7z x xidel-0.9.win32.zip xidel.exe + # detect version of Windows OpenSSL binaries published by the Shining Light Productions crew + - xidel https://slproweb.com/products/Win32OpenSSL.html --extract "(//td/a[starts-with(@href, '/download') and starts-with(text(), 'Win32 OpenSSL') and ends-with(text(), 'Light')])[1]/translate(substring-before(substring-after(text(), 'Win32 OpenSSL v'), ' Light'), '.', '_')" > openssl_ver.txt + - set /P OPENSSL_VER=< openssl_ver.txt + # OpenSSL + - appveyor DownloadFile https://slproweb.com/download/Win%BITS%OpenSSL-%OPENSSL_VER%.exe + - "Win%BITS%OpenSSL-%OPENSSL_VER%.exe /SP- /SILENT /SUPPRESSMSGBOXES /NORESTART" before_build: - cmake -DBUILD_SHARED_LIBS=ON -DBUILD_STATIC_LIBS=ON -DBUILD_TESTS=ON -DENABLE_SSL_SUPPORT=True -G"%GENERATOR%" . From 01d55798a04fe8b70afd39e97c207c2be0974f14 Mon Sep 17 00:00:00 2001 From: Jean-Baptiste NAHAN Date: Mon, 12 Mar 2018 16:14:31 +0100 Subject: [PATCH 6/7] add appveyor config --- appveyor.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/appveyor.yml b/appveyor.yml index 59cfd971d..e38966215 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -26,6 +26,7 @@ install: - appveyor DownloadFile https://slproweb.com/download/Win%BITS%OpenSSL-%OPENSSL_VER%.exe - "Win%BITS%OpenSSL-%OPENSSL_VER%.exe /SP- /SILENT /SUPPRESSMSGBOXES /NORESTART" + before_build: - cmake -DBUILD_SHARED_LIBS=ON -DBUILD_STATIC_LIBS=ON -DBUILD_TESTS=ON -DENABLE_SSL_SUPPORT=True -G"%GENERATOR%" . From 42d0f238c27e3f36732285d3e9424e239a165a8f Mon Sep 17 00:00:00 2001 From: Jean-Baptiste NAHAN Date: Mon, 12 Mar 2018 16:23:55 +0100 Subject: [PATCH 7/7] change download openssl version --- appveyor.yml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/appveyor.yml b/appveyor.yml index e38966215..3de28d5ee 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -5,6 +5,7 @@ version: '{build}' clone_depth: 50 environment: + OPENSSL_VER: 1_1_0g matrix: - GENERATOR: Visual Studio 12 Win64 BITS: 64 @@ -16,12 +17,6 @@ cache: # borrowed from https://github.com/FreeTDS/freetds install: - # xidel (xpath command line tool) - - appveyor DownloadFile "http://nbtelecom.dl.sourceforge.net/project/videlibri/Xidel/Xidel 0.9/xidel-0.9.win32.zip" - - 7z x xidel-0.9.win32.zip xidel.exe - # detect version of Windows OpenSSL binaries published by the Shining Light Productions crew - - xidel https://slproweb.com/products/Win32OpenSSL.html --extract "(//td/a[starts-with(@href, '/download') and starts-with(text(), 'Win32 OpenSSL') and ends-with(text(), 'Light')])[1]/translate(substring-before(substring-after(text(), 'Win32 OpenSSL v'), ' Light'), '.', '_')" > openssl_ver.txt - - set /P OPENSSL_VER=< openssl_ver.txt # OpenSSL - appveyor DownloadFile https://slproweb.com/download/Win%BITS%OpenSSL-%OPENSSL_VER%.exe - "Win%BITS%OpenSSL-%OPENSSL_VER%.exe /SP- /SILENT /SUPPRESSMSGBOXES /NORESTART"