diff options
| author | joe <joe@61a7d7f5-40b7-0310-9c16-bb0ea8cb1845> | 2011-11-25 00:11:34 +0000 |
|---|---|---|
| committer | joe <joe@61a7d7f5-40b7-0310-9c16-bb0ea8cb1845> | 2011-11-25 00:11:34 +0000 |
| commit | 3f3a37da6c4d39252c5a90799a928ba6a628cd4e (patch) | |
| tree | 040977cbb120e3db0ac5ae3e078591b5e9e7cea1 | |
| parent | 64c8c180159b756941d350ac3c7f33be568c195b (diff) | |
| download | neon-3f3a37da6c4d39252c5a90799a928ba6a628cd4e.tar.gz | |
Fix build and test suite for OpenSSL without SSLv2 support.
* src/ne_openssl.c (ne_ssl_context_get_flag): New function.
(ne_ssl_context_create): Fix compile without SSLv2.
* src/ne_session.c (ne_set_session_flag): Retrieve SSLv2
flag value after setting it.
* src/ne_ssl.h, src/neon.vers: Add ne_ssl_context_get_flag.
* test/ssl.c (simple_sslv2): Retrieve flag setting and skip
test if it was not enabled.
git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@1865 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
| -rw-r--r-- | src/ne_openssl.c | 18 | ||||
| -rw-r--r-- | src/ne_session.c | 1 | ||||
| -rw-r--r-- | src/ne_ssl.h | 3 | ||||
| -rw-r--r-- | src/neon.vers | 1 | ||||
| -rw-r--r-- | test/ssl.c | 8 |
5 files changed, 31 insertions, 0 deletions
diff --git a/src/ne_openssl.c b/src/ne_openssl.c index 1abef3e..05254b1 100644 --- a/src/ne_openssl.c +++ b/src/ne_openssl.c @@ -569,8 +569,10 @@ ne_ssl_context *ne_ssl_context_create(int mode) ctx->ctx = SSL_CTX_new(SSLv23_server_method()); SSL_CTX_set_session_cache_mode(ctx->ctx, SSL_SESS_CACHE_CLIENT); } else { +#ifndef OPENSSL_NO_SSL2 ctx->ctx = SSL_CTX_new(SSLv2_server_method()); SSL_CTX_set_session_cache_mode(ctx->ctx, SSL_SESS_CACHE_CLIENT); +#endif } return ctx; } @@ -594,6 +596,22 @@ void ne_ssl_context_set_flag(ne_ssl_context *ctx, int flag, int value) SSL_CTX_set_options(ctx->ctx, opts); } +int ne_ssl_context_get_flag(ne_ssl_context *ctx, int flag) +{ + switch (flag) { + case NE_SSL_CTX_SSLv2: +#ifdef OPENSSL_NO_SSL2 + return 0; +#else + return ! (SSL_CTX_get_options(ctx->ctx); & SSL_OP_NO_SSLv2); +#endif + default: + break; + } + + return 0; +} + int ne_ssl_context_keypair(ne_ssl_context *ctx, const char *cert, const char *key) { diff --git a/src/ne_session.c b/src/ne_session.c index d9a8ed3..8e20eec 100644 --- a/src/ne_session.c +++ b/src/ne_session.c @@ -361,6 +361,7 @@ void ne_set_session_flag(ne_session *sess, ne_session_flag flag, int value) #ifdef NE_HAVE_SSL if (flag == NE_SESSFLAG_SSLv2 && sess->ssl_context) { ne_ssl_context_set_flag(sess->ssl_context, NE_SSL_CTX_SSLv2, value); + sess->flags[flag] = ne_ssl_context_get_flag(sess->ssl_context, NE_SSL_CTX_SSLv2); } #endif } diff --git a/src/ne_ssl.h b/src/ne_ssl.h index cc1f401..685b2c9 100644 --- a/src/ne_ssl.h +++ b/src/ne_ssl.h @@ -190,6 +190,9 @@ int ne_ssl_context_set_verify(ne_ssl_context *ctx, int required, /* Set a flag for the SSL context. */ void ne_ssl_context_set_flag(ne_ssl_context *ctx, int flag, int value); +/* Return flag value. */ +int ne_ssl_context_get_flag(ne_ssl_context *ctx, int flag); + /* Destroy an SSL context. */ void ne_ssl_context_destroy(ne_ssl_context *ctx); diff --git a/src/neon.vers b/src/neon.vers index 3064a9a..f813ae1 100644 --- a/src/neon.vers +++ b/src/neon.vers @@ -17,4 +17,5 @@ NEON_0_29 { NEON_0_30 { ne_ssl_clicert_import; ne_addr_canonical; + ne_ssl_context_get_flag; }; @@ -427,8 +427,16 @@ static int simple_sslv2(void) { ne_session *sess = ne_session_create("https", "localhost", 7777); struct ssl_server_args args = {SERVER_CERT, 0}; + args.use_ssl2 = 1; ne_set_session_flag(sess, NE_SESSFLAG_SSLv2, 1); + + if (ne_get_session_flag(sess, NE_SESSFLAG_SSLv2) != 1) { + t_context("no SSLv2 support in SSL library"); + ne_session_destroy(sess); + return SKIP; + } + CALL(any_ssl_request(sess, ssl_server, &args, CA_CERT, NULL, NULL)); ne_session_destroy(sess); return OK; |