New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto: use SSL_get_SSL_CTX. #8995

Closed
wants to merge 1 commit into
base: master
from

Conversation

Projects
None yet
7 participants
@agl
Contributor

agl commented Oct 9, 2016

Checklist
  • make -j8 test (UNIX), or vcbuild test nosign (Windows) passes
  • tests and/or benchmarks are included
  • documentation is changed or added
  • commit message follows commit guidelines
Affected core subsystem(s)

crypto

Description of change

SSL_get_SSL_CTX returns the SSL_CTX for an SSL. Previously the code
accessed ssl->ctx directly, but that's no longer possible with OpenSSL
1.1.0.

SSL_get_SSL_CTX exists all the way back to (at least) OpenSSL 0.9.8 and
so this change should be fully compatible.

crypto: use SSL_get_SSL_CTX.
SSL_get_SSL_CTX returns the SSL_CTX for an SSL. Previously the code
accessed |ssl->ctx| directly, but that's no longer possible with OpenSSL
1.1.0.

SSL_get_SSL_CTX exists all the way back to (at least) OpenSSL 0.9.8 and
so this change should be fully compatible.

@mscdex mscdex added crypto tls and removed crypto labels Oct 9, 2016

@mscdex

This comment has been minimized.

Contributor

mscdex commented Oct 9, 2016

@bnoordhuis

LGTM. CI seems to be unreachable at the moment.

@indutny

LGTM

@shigeki

This comment has been minimized.

Contributor

shigeki commented Oct 12, 2016

@shigeki

CI icons show they are still in progress on Linux platforms but I confirmed all tests were finished and green. FreeBSD failures were due to npm install errors so they are nothing to do with this. LTGM

shigeki added a commit that referenced this pull request Oct 12, 2016

crypto: use SSL_get_SSL_CTX.
SSL_get_SSL_CTX returns the SSL_CTX for an SSL. Previously the code
accessed |ssl->ctx| directly, but that's no longer possible with OpenSSL
1.1.0.

SSL_get_SSL_CTX exists all the way back to (at least) OpenSSL 0.9.8 and
so this change should be fully compatible.

PR-URL: #8995
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
@shigeki

This comment has been minimized.

Contributor

shigeki commented Oct 12, 2016

Landed in 499d058.
@agl Thanks. Please let us know to what version do you want this to be backported.

@shigeki shigeki closed this Oct 12, 2016

jasnell added a commit that referenced this pull request Oct 12, 2016

crypto: use SSL_get_SSL_CTX.
SSL_get_SSL_CTX returns the SSL_CTX for an SSL. Previously the code
accessed |ssl->ctx| directly, but that's no longer possible with OpenSSL
1.1.0.

SSL_get_SSL_CTX exists all the way back to (at least) OpenSSL 0.9.8 and
so this change should be fully compatible.

PR-URL: #8995
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
@MylesBorins

This comment has been minimized.

Member

MylesBorins commented Nov 11, 2016

@shigeki / @jasnell should this be backported? It lands cleanly on v6 but not on v4. My gut is to say just land it cleanly on v6 but avoid v4... just in case of future security changes we can limit the delta in the implementations.

Thoughts?

@indutny

This comment has been minimized.

Member

indutny commented Nov 11, 2016

@thealphanerd this isn't necessary for v4, I'd go with v6, though.

MylesBorins added a commit that referenced this pull request Nov 11, 2016

crypto: use SSL_get_SSL_CTX.
SSL_get_SSL_CTX returns the SSL_CTX for an SSL. Previously the code
accessed |ssl->ctx| directly, but that's no longer possible with OpenSSL
1.1.0.

SSL_get_SSL_CTX exists all the way back to (at least) OpenSSL 0.9.8 and
so this change should be fully compatible.

PR-URL: #8995
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>

@MylesBorins MylesBorins referenced this pull request Nov 22, 2016

Merged

v6.9.2 proposal #9735

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment