Commit 5b35fe63 authored by Rosen Penev's avatar Rosen Penev Committed by Facebook Github Bot

Fix compilation without deprecated OpenSSL APIs

Summary: Pull Request resolved: https://github.com/facebook/folly/pull/1127

Reviewed By: reanimus

Differential Revision: D15329439

Pulled By: yfeldblum

fbshipit-source-id: 6c639ef367be6adede2e6a1c487a8d89a146779d
parent 78ee6b85
...@@ -155,8 +155,10 @@ static std::unordered_map<uint16_t, std::string> getOpenSSLCipherNames() { ...@@ -155,8 +155,10 @@ static std::unordered_map<uint16_t, std::string> getOpenSSLCipherNames() {
SSL_CTX* ctx = nullptr; SSL_CTX* ctx = nullptr;
SSL* ssl = nullptr; SSL* ssl = nullptr;
const SSL_METHOD* meth = SSLv23_server_method(); const SSL_METHOD* meth = TLS_server_method();
#if OPENSSL_VERSION_NUMBER < 0x10100000L
OpenSSL_add_ssl_algorithms(); OpenSSL_add_ssl_algorithms();
#endif
if ((ctx = SSL_CTX_new(meth)) == nullptr) { if ((ctx = SSL_CTX_new(meth)) == nullptr) {
return ret; return ret;
......
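Review bot: `TLS_server_method()` is now called unconditionally, but OpenSSL only provides that name from 1.1.0 on, and the compatibility macros this commit adds cover the version queries and the X509 validity getters, not the method constructors. Unless a shim exists outside what is shown here, a build against 1.0.2 fails on this line. The new guard around `OpenSSL_add_ssl_algorithms()` tests `OPENSSL_VERSION_NUMBER < 0x10100000L` directly while the rest of the commit uses the project macro; `#if !FOLLY_OPENSSL_IS_110` would keep a single definition of "pre-1.1.0", which matters for forks that report their own version number. A one-line comment such as `// version-flexible method; same protocol range as SSLv23_server_method` would tell readers the rename does not change which protocol versions are negotiated. getOpenSSLCipherNames continues past the end of the hunk.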
...@@ -27,6 +27,7 @@ ...@@ -27,6 +27,7 @@
#include <openssl/asn1.h> #include <openssl/asn1.h>
#include <openssl/bio.h> #include <openssl/bio.h>
#include <openssl/bn.h>
#include <openssl/crypto.h> #include <openssl/crypto.h>
#include <openssl/dh.h> #include <openssl/dh.h>
#include <openssl/err.h> #include <openssl/err.h>
...@@ -89,6 +90,17 @@ ...@@ -89,6 +90,17 @@
#define FOLLY_OPENSSL_HAS_TLS13 0 #define FOLLY_OPENSSL_HAS_TLS13 0
#endif #endif
#if !FOLLY_OPENSSL_IS_110
#define OPENSSL_VERSION SSLEAY_VERSION
#define OpenSSL_version SSLeay_version
#define OpenSSL_version_num SSLeay
#endif
#if !FOLLY_OPENSSL_IS_110
#define X509_get0_notAfter X509_get_notAfter
#define X509_get0_notBefore X509_get_notBefore
#endif
// This attempts to "unify" the OpenSSL libcrypto/libssl APIs between // This attempts to "unify" the OpenSSL libcrypto/libssl APIs between
// OpenSSL 1.0.2, 1.1.0 (and some earlier versions) and BoringSSL. The general // OpenSSL 1.0.2, 1.1.0 (and some earlier versions) and BoringSSL. The general
// idea is to provide namespaced wrapper methods for versions which do not // idea is to provide namespaced wrapper methods for versions which do not
......
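Review bot: The new pre-1.1.0 shims are object-like macros (`#define OpenSSL_version SSLeay_version`, `#define X509_get0_notAfter X509_get_notAfter`), so they rewrite those identifiers in every file that includes this header, whereas the comment directly below describes the header's approach as namespaced wrapper methods. On the old API the `X509_get_notAfter`/`X509_get_notBefore` results are not const-qualified the way the 1.1.0 `get0` accessors are. Code written against the shim path can therefore modify a certificate's validity fields and only fail to compile once built against 1.1.0. A wrapper function returning `const ASN1_TIME*` would give both paths the same contract. The two adjacent `#if !FOLLY_OPENSSL_IS_110` blocks can also be merged into one.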
...@@ -156,11 +156,11 @@ folly::Optional<std::string> OpenSSLCertUtils::toString(X509& x509) { ...@@ -156,11 +156,11 @@ folly::Optional<std::string> OpenSSLCertUtils::toString(X509& x509) {
} }
std::string OpenSSLCertUtils::getNotAfterTime(X509& x509) { std::string OpenSSLCertUtils::getNotAfterTime(X509& x509) {
return getDateTimeStr(X509_get_notAfter(&x509)); return getDateTimeStr(X509_get0_notAfter(&x509));
} }
std::string OpenSSLCertUtils::getNotBeforeTime(X509& x509) { std::string OpenSSLCertUtils::getNotBeforeTime(X509& x509) {
return getDateTimeStr(X509_get_notBefore(&x509)); return getDateTimeStr(X509_get0_notBefore(&x509));
} }
std::string OpenSSLCertUtils::getDateTimeStr(const ASN1_TIME* time) { std::string OpenSSLCertUtils::getDateTimeStr(const ASN1_TIME* time) {
......
...@@ -25,7 +25,7 @@ namespace folly { ...@@ -25,7 +25,7 @@ namespace folly {
namespace ssl { namespace ssl {
inline std::string getOpenSSLLongVersion() { inline std::string getOpenSSLLongVersion() {
#ifdef OPENSSL_VERSION_TEXT #ifdef OPENSSL_VERSION_TEXT
return SSLeay_version(SSLEAY_VERSION); return OpenSSL_version(OPENSSL_VERSION);
#elif defined(OPENSSL_VERSION_NUMBER) #elif defined(OPENSSL_VERSION_NUMBER)
return folly::format("0x{:x}", OPENSSL_VERSION_NUMBER).str(); return folly::format("0x{:x}", OPENSSL_VERSION_NUMBER).str();
#else #else
...@@ -35,7 +35,7 @@ inline std::string getOpenSSLLongVersion() { ...@@ -35,7 +35,7 @@ inline std::string getOpenSSLLongVersion() {
inline uint64_t getOpenSSLNumericVersion() { inline uint64_t getOpenSSLNumericVersion() {
#ifdef OPENSSL_VERSION_NUMBER #ifdef OPENSSL_VERSION_NUMBER
return SSLeay(); return OpenSSL_version_num();
#else #else
return 0; return 0;
#endif #endif
......
...@@ -115,6 +115,7 @@ struct SSLLock { ...@@ -115,6 +115,7 @@ struct SSLLock {
// SSLContext runs in such environments. // SSLContext runs in such environments.
// Instead of declaring a static member we "new" the static // Instead of declaring a static member we "new" the static
// member so that it won't be destructed on exit(). // member so that it won't be destructed on exit().
#if !FOLLY_SSL_DETAIL_OPENSSL_IS_110
static std::unique_ptr<SSLLock[]>& locks() { static std::unique_ptr<SSLLock[]>& locks() {
static auto locksInst = new std::unique_ptr<SSLLock[]>(); static auto locksInst = new std::unique_ptr<SSLLock[]>();
return *locksInst; return *locksInst;
...@@ -128,8 +129,8 @@ static void callbackLocking(int mode, int n, const char*, int) { ...@@ -128,8 +129,8 @@ static void callbackLocking(int mode, int n, const char*, int) {
} }
} }
static unsigned long callbackThreadID() { static void callbackThreadID(CRYPTO_THREADID* id) {
return static_cast<unsigned long>(folly::getCurrentThreadID()); return CRYPTO_THREADID_set_numeric(id, folly::getCurrentThreadID());
} }
static CRYPTO_dynlock_value* dyn_create(const char*, int) { static CRYPTO_dynlock_value* dyn_create(const char*, int) {
...@@ -150,28 +151,33 @@ dyn_lock(int mode, struct CRYPTO_dynlock_value* lock, const char*, int) { ...@@ -150,28 +151,33 @@ dyn_lock(int mode, struct CRYPTO_dynlock_value* lock, const char*, int) {
static void dyn_destroy(struct CRYPTO_dynlock_value* lock, const char*, int) { static void dyn_destroy(struct CRYPTO_dynlock_value* lock, const char*, int) {
delete lock; delete lock;
} }
#endif
void installThreadingLocks() { void installThreadingLocks() {
#if !FOLLY_SSL_DETAIL_OPENSSL_IS_110
// static locking // static locking
locks() = std::make_unique<SSLLock[]>(size_t(CRYPTO_num_locks())); locks() = std::make_unique<SSLLock[]>(size_t(CRYPTO_num_locks()));
for (auto it : lockTypes()) { for (auto it : lockTypes()) {
locks()[size_t(it.first)].lockType = it.second; locks()[size_t(it.first)].lockType = it.second;
} }
CRYPTO_set_id_callback(callbackThreadID); CRYPTO_THREADID_set_callback(callbackThreadID);
CRYPTO_set_locking_callback(callbackLocking); CRYPTO_set_locking_callback(callbackLocking);
// dynamic locking // dynamic locking
CRYPTO_set_dynlock_create_callback(dyn_create); CRYPTO_set_dynlock_create_callback(dyn_create);
CRYPTO_set_dynlock_lock_callback(dyn_lock); CRYPTO_set_dynlock_lock_callback(dyn_lock);
CRYPTO_set_dynlock_destroy_callback(dyn_destroy); CRYPTO_set_dynlock_destroy_callback(dyn_destroy);
#endif
} }
void cleanupThreadingLocks() { void cleanupThreadingLocks() {
CRYPTO_set_id_callback(nullptr); #if !FOLLY_SSL_DETAIL_OPENSSL_IS_110
CRYPTO_THREADID_set_callback(nullptr);
CRYPTO_set_locking_callback(nullptr); CRYPTO_set_locking_callback(nullptr);
CRYPTO_set_dynlock_create_callback(nullptr); CRYPTO_set_dynlock_create_callback(nullptr);
CRYPTO_set_dynlock_lock_callback(nullptr); CRYPTO_set_dynlock_lock_callback(nullptr);
CRYPTO_set_dynlock_destroy_callback(nullptr); CRYPTO_set_dynlock_destroy_callback(nullptr);
locks().reset(); locks().reset();
#endif
} }
} // namespace detail } // namespace detail
......
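Review bot: With the new guard, `installThreadingLocks()` and `cleanupThreadingLocks()` compile to empty bodies whenever `FOLLY_SSL_DETAIL_OPENSSL_IS_110` is true, and the definition of that macro is not in the visible hunks (the portability header in this commit uses a different name, `FOLLY_OPENSSL_IS_110`). If it evaluates true for a library that still depends on application-supplied locking callbacks, libcrypto runs unlocked across threads and nothing reports it, so the macro's definition should state which libraries it is meant to cover. I would add a comment at the top of `installThreadingLocks()` along the lines of `// OpenSSL >= 1.1.0 handles locking internally; these callbacks are only needed before that`. In `callbackThreadID`, the removed line cast explicitly to `unsigned long` and the new one relies on implicit conversion inside a `return` of a void expression; `CRYPTO_THREADID_set_numeric(id, static_cast<unsigned long>(folly::getCurrentThreadID()));` keeps any narrowing visible.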