serf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stefan Sperling (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (SERF-188) Stop using deprecated APIs when compiled with OpenSSL 1.1
Date Sun, 29 Oct 2017 10:31:00 GMT

    [ https://issues.apache.org/jira/browse/SERF-188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16223938#comment-16223938
] 

Stefan Sperling commented on SERF-188:
--------------------------------------

There are some warnings, though:

buckets/ssl_buckets.c: In function 'validate_server_certificate':                        
                                     
buckets/ssl_buckets.c:879: warning: implicit declaration of function 'X509_STORE_CTX_get0_chain'
                              
buckets/ssl_buckets.c:879: warning: assignment makes pointer from integer without a cast 
                                     
buckets/ssl_buckets.c: In function 'init_ssl_libraries':                                 
                                     
buckets/ssl_buckets.c:1442: warning: statement with no effect   

> Stop using deprecated APIs when compiled with OpenSSL 1.1
> ---------------------------------------------------------
>
>                 Key: SERF-188
>                 URL: https://issues.apache.org/jira/browse/SERF-188
>             Project: serf
>          Issue Type: Improvement
>    Affects Versions: serf-trunk
>         Environment: OpenSSL 1.1.0f
>            Reporter: Quentin Minster
>            Priority: Minor
>              Labels: warnings
>         Attachments: serf-r1813663-openssl11-no-deprecated.patch
>
>
> Some OpenSSL APIs used by serf were removed from header files in OpenSSL 1.1. Serf still
builds (at least on my system), but throws a few warnings about calls to:
> * {{X509_get_notBefore()}}: replaced by {{X509_get0_notBefore()}}
> * {{X509_get_notAfter()}}: replaced by {{X509_get0_notAfter()}}
> * {{X509_STORE_CTX_get_chain()}}: replaced by {{X509_STORE_CTX_get0_chain()}}
> * {{SSLeay()}}: replaced by {{OpenSSL_version_num()}}
> * {{SSL_library_init()}}: replaced by {{OPENSSL_init_ssl()}}, but calling it is not required
since initialisation is automatic now
> * {{ERR_load_crypto_strings()}}: replaced by a flag passed to {{OPENSSL_init_crypto()}},
if called
> * {{SSL_load_error_strings()}}: replaced by a flag passed to {{OPENSSL_init_ssl()}},
if called
> * {{Openssl_add_all_algorithms()}}: not replaced
> The attached patch modifies {{buckets/ssl_buckets.c}} to use the new OpenSSL 1.1 APIs,
while still detecting and maintaining compatibility with the previous API.
> This patch has been tested on my OpenSSL 1.1 system, by doing a SVN check-out of a test
repository over HTTPS.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message