ruby--ruby/ext/openssl/openssl_missing.h

/*
 * 'OpenSSL for Ruby' project
 * Copyright (C) 2001-2002  Michal Rokos <m.rokos@sh.cvut.cz>
 * All rights reserved.
 */
/*
 * This program is licensed under the same licence as Ruby.
 * (See the file 'LICENCE'.)
 */
#if !defined(_OSSL_OPENSSL_MISSING_H_)
#define _OSSL_OPENSSL_MISSING_H_

/* added in 1.0.0 */
#if !defined(HAVE_EVP_CIPHER_CTX_COPY)
int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in);
#endif

#if !defined(HAVE_HMAC_CTX_COPY)
void HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in);
#endif

/* added in 1.0.2 */
#if !defined(OPENSSL_NO_EC)
#if !defined(HAVE_EC_CURVE_NIST2NID)
int EC_curve_nist2nid(const char *);
#endif
#endif

#if !defined(HAVE_X509_REVOKED_DUP)
# define X509_REVOKED_dup(rev) (X509_REVOKED *)ASN1_dup((i2d_of_void *)i2d_X509_REVOKED, \
	(d2i_of_void *)d2i_X509_REVOKED, (char *)(rev))
#endif

/* added in 1.1.0 */
#if !defined(HAVE_X509_STORE_GET_EX_DATA)
#  define X509_STORE_get_ex_data(x, idx) \
	CRYPTO_get_ex_data(&(x)->ex_data, (idx))
#endif

#if !defined(HAVE_X509_STORE_SET_EX_DATA)
#  define X509_STORE_set_ex_data(x, idx, data) \
	CRYPTO_set_ex_data(&(x)->ex_data, (idx), (data))
#  define X509_STORE_get_ex_new_index(l, p, newf, dupf, freef) \
	CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE, (l), (p), \
				(newf), (dupf), (freef))
#endif

#if !defined(HAVE_X509_UP_REF)
#  define X509_up_ref(x) \
	CRYPTO_add(&(x)->references, 1, CRYPTO_LOCK_X509)
#endif

#if !defined(HAVE_X509_CRL_UP_REF)
#  define X509_CRL_up_ref(x) \
	CRYPTO_add(&(x)->references, 1, CRYPTO_LOCK_X509_CRL);
#endif

#if !defined(HAVE_X509_STORE_UP_REF)
#  define X509_STORE_up_ref(x) \
	CRYPTO_add(&(x)->references, 1, CRYPTO_LOCK_X509_STORE);
#endif

#if !defined(HAVE_SSL_SESSION_UP_REF)
#  define SSL_SESSION_up_ref(x) \
	CRYPTO_add(&(x)->references, 1, CRYPTO_LOCK_SSL_SESSION);
#endif

#if !defined(HAVE_EVP_PKEY_UP_REF)
#  define EVP_PKEY_up_ref(x) \
	CRYPTO_add(&(x)->references, 1, CRYPTO_LOCK_EVP_PKEY);
#endif

#endif /* _OSSL_OPENSSL_MISSING_H_ */
* ext/openssl: imported. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4128 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2003-07-23 12:12:24 -04:00			`/*`
			`* 'OpenSSL for Ruby' project`
			`* Copyright (C) 2001-2002 Michal Rokos <m.rokos@sh.cvut.cz>`
			`* All rights reserved.`
			`*/`
			`/*`
* ext/openssl/: use license instead of licence. [fix GH-876][ci skip] Patch by @davydovanton lib/net/https.rb: ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50351 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2015-04-19 23:55:09 -04:00			`* This program is licensed under the same licence as Ruby.`
* ext/openssl: imported. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4128 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2003-07-23 12:12:24 -04:00			`* (See the file 'LICENCE'.)`
			`*/`
			`#if !defined(_OSSL_OPENSSL_MISSING_H_)`
			`#define _OSSL_OPENSSL_MISSING_H_`

openssl: drop OpenSSL 0.9.6/0.9.7 support * ext/openssl, test/openssl: Drop OpenSSL < 0.9.8 support. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55162 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2016-05-25 04:50:03 -04:00			`/* added in 1.0.0 */`
			`#if !defined(HAVE_EVP_CIPHER_CTX_COPY)`
			`int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX out, const EVP_CIPHER_CTX in);`
* ext/openssl/openssl_missing.c (HMAC_CTX_copy): adopted to prototype change in openssl bundled with newer OpenBSD. a patch from Takahiro Kambe <taca at back-street.net> in [ruby-dev:34691]. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@16422 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2008-05-15 05:44:38 -04:00			`#endif`

			`#if !defined(HAVE_HMAC_CTX_COPY)`
			`void HMAC_CTX_copy(HMAC_CTX out, HMAC_CTX in);`
			`#endif`

openssl: drop OpenSSL 0.9.6/0.9.7 support * ext/openssl, test/openssl: Drop OpenSSL < 0.9.8 support. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55162 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2016-05-25 04:50:03 -04:00			`/* added in 1.0.2 */`
openssl: add SSLContext#ecdh_curves= * ext/openssl/ossl_ssl.c (ossl_sslctx_s_alloc): Enable the automatic curve selection for ECDH by calling SSL_CTX_set_ecdh_auto(). With this a TLS server automatically selects a curve which both the client and the server support to use in ECDH. This changes the default behavior but users can still disable ECDH by excluding 'ECDH' cipher suites from the cipher list (with SSLContext#ciphers=). This commit also deprecate #tmp_ecdh_callback=. It was added in Ruby 2.3.0. It wraps SSL_CTX_set_tmp_ecdh_callback() which will be removed in OpenSSL 1.1.0. Its callback receives two values 'is_export' and 'keylength' but both are completely useless for determining a curve to use in ECDH. The automatic curve selection was introduced to replace this. (ossl_sslctx_setup): Deprecate SSLContext#tmp_ecdh_callback=. Emit a warning if this is in use. (ossl_sslctx_set_ecdh_curves): Add SSLContext#ecdh_curves=. Wrap SSL_CTX_set1_curves_list(). If it is not available, this falls back to SSL_CTX_set_tmp_ecdh(). (Init_ossl_ssl): Define SSLContext#ecdh_curves=. * ext/openssl/extconf.rb: Check the existence of EC_curve_nist2nid(), SSL_CTX_set1_curves_list(), SSL_CTX_set_ecdh_auto() and SSL_CTX_set_tmp_ecdh_callback(). * ext/openssl/openssl_missing.[ch]: Implement EC_curve_nist2nid() if missing. * test/openssl/test_pair.rb (test_ecdh_callback): Use EnvUtil.suppress_warning to suppress deprecated warning. (test_ecdh_curves): Test that SSLContext#ecdh_curves= works. * test/openssl/utils.rb (start_server): Use SSLContext#ecdh_curves=. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55214 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2016-05-30 05:30:38 -04:00			`#if !defined(OPENSSL_NO_EC)`
			`#if !defined(HAVE_EC_CURVE_NIST2NID)`
			`int EC_curve_nist2nid(const char *);`
			`#endif`
			`#endif`

openssl: drop OpenSSL 0.9.6/0.9.7 support * ext/openssl, test/openssl: Drop OpenSSL < 0.9.8 support. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55162 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2016-05-25 04:50:03 -04:00			`#if !defined(HAVE_X509_REVOKED_DUP)`
			`# define X509_REVOKED_dup(rev) (X509_REVOKED )ASN1_dup((i2d_of_void )i2d_X509_REVOKED, \`
			`(d2i_of_void )d2i_X509_REVOKED, (char )(rev))`
* ext/openssl/extconf.rb: check for OPENSSL_cleanse. * ext/openssl/openssl_missing.h: ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@8335 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2005-04-15 15:16:18 -04:00			`#endif`

openssl: drop OpenSSL 0.9.6/0.9.7 support * ext/openssl, test/openssl: Drop OpenSSL < 0.9.8 support. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55162 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2016-05-25 04:50:03 -04:00			`/* added in 1.1.0 */`
* Fixed wrong check of missing functions. Patch by Adrian Quark. ref #3400 The patch contains following comment: This patch should avoid unnecessary incompatibility with future versions of Openssl. Changes suggested by bmaher_at_amazon.com. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29190 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2010-09-05 22:08:30 -04:00			`#if !defined(HAVE_X509_STORE_GET_EX_DATA)`
openssl: register ex_data index for X509_STORE{_CTX,} respectively * ext/openssl/ossl.c (Init_openssl): register an ex_data index for X509_STORE and X509_STORE_CTX respectively. Since they don't share the ex_data index registry, we can't use the same index. (ossl_verify_cb): use the the correct index. * ext/openssl/ossl_ssl.c (ossl_ssl_verify_callback): ditto. * ext/openssl/ossl_x509store.c (ossl_x509store_set_vfy_cb): ditto. (ossl_x509stctx_verify): ditto. * ext/openssl/ossl.h (void ossl_clear_error): add extern declarations of ossl_store_{ctx_,}ex_verify_cb_idx. * ext/openssl/openssl_missing.c: remove X509_STORE_set_ex_data and X509_STORE_get_ex_data. * ext/openssl/openssl_missing.h: implement X509_STORE_get_ex_data, X509_STORE_set_ex_data and X509_STORE_get_ex_new_index as macros. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55074 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2016-05-19 00:53:05 -04:00			`# define X509_STORE_get_ex_data(x, idx) \`
			`CRYPTO_get_ex_data(&(x)->ex_data, (idx))`
* Fixed wrong check of missing functions. Patch by Adrian Quark. ref #3400 The patch contains following comment: This patch should avoid unnecessary incompatibility with future versions of Openssl. Changes suggested by bmaher_at_amazon.com. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@29190 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2010-09-05 22:08:30 -04:00			`#endif`

			`#if !defined(HAVE_X509_STORE_SET_EX_DATA)`
openssl: register ex_data index for X509_STORE{_CTX,} respectively * ext/openssl/ossl.c (Init_openssl): register an ex_data index for X509_STORE and X509_STORE_CTX respectively. Since they don't share the ex_data index registry, we can't use the same index. (ossl_verify_cb): use the the correct index. * ext/openssl/ossl_ssl.c (ossl_ssl_verify_callback): ditto. * ext/openssl/ossl_x509store.c (ossl_x509store_set_vfy_cb): ditto. (ossl_x509stctx_verify): ditto. * ext/openssl/ossl.h (void ossl_clear_error): add extern declarations of ossl_store_{ctx_,}ex_verify_cb_idx. * ext/openssl/openssl_missing.c: remove X509_STORE_set_ex_data and X509_STORE_get_ex_data. * ext/openssl/openssl_missing.h: implement X509_STORE_get_ex_data, X509_STORE_set_ex_data and X509_STORE_get_ex_new_index as macros. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55074 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2016-05-19 00:53:05 -04:00			`# define X509_STORE_set_ex_data(x, idx, data) \`
			`CRYPTO_set_ex_data(&(x)->ex_data, (idx), (data))`
			`# define X509_STORE_get_ex_new_index(l, p, newf, dupf, freef) \`
			`CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE, (l), (p), \`
			`(newf), (dupf), (freef))`
* ext/openssl/openssl_missing.c (HMAC_CTX_copy): adopted to prototype change in openssl bundled with newer OpenBSD. a patch from Takahiro Kambe <taca at back-street.net> in [ruby-dev:34691]. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@16422 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2008-05-15 05:44:38 -04:00			`#endif`

openssl: support OpenSSL 1.1.0's new multi-threading API * ext/openssl/extconf.rb: Check absence of CRYPTO_lock() to see if the OpenSSL has the new threading API. In OpenSSL <= 1.0.2, an application had to set locking callbacks to use OpenSSL in a multi-threaded environment. OpenSSL 1.1.0 now finds pthreads or Windows threads so we don't need to do something special. [ruby-core:75225] [Feature #12324] Also check existence of _up_ref(). Some structures in OpenSSL have a reference counter. We used to increment it with CRYPTO_add() which is a part of the old API. ext/openssl/openssl_missing.h: Implement _up_ref() if missing. ext/openssl/ossl.c: Don't set locking callbacks if unneeded. * ext/openssl/ossl_pkey.c, ext/openssl/ossl_ssl.c, ext/openssl/ossl_x509cert.c, ext/openssl/ossl_x509crl.c, ext/openssl/ossl_x509store.c: Use *_up_ref() instead of CRYPTO_add(). git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55283 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2016-06-05 08:46:05 -04:00			`#if !defined(HAVE_X509_UP_REF)`
			`# define X509_up_ref(x) \`
			`CRYPTO_add(&(x)->references, 1, CRYPTO_LOCK_X509)`
			`#endif`

			`#if !defined(HAVE_X509_CRL_UP_REF)`
			`# define X509_CRL_up_ref(x) \`
			`CRYPTO_add(&(x)->references, 1, CRYPTO_LOCK_X509_CRL);`
			`#endif`

			`#if !defined(HAVE_X509_STORE_UP_REF)`
			`# define X509_STORE_up_ref(x) \`
			`CRYPTO_add(&(x)->references, 1, CRYPTO_LOCK_X509_STORE);`
			`#endif`

			`#if !defined(HAVE_SSL_SESSION_UP_REF)`
			`# define SSL_SESSION_up_ref(x) \`
			`CRYPTO_add(&(x)->references, 1, CRYPTO_LOCK_SSL_SESSION);`
			`#endif`

			`#if !defined(HAVE_EVP_PKEY_UP_REF)`
			`# define EVP_PKEY_up_ref(x) \`
			`CRYPTO_add(&(x)->references, 1, CRYPTO_LOCK_EVP_PKEY);`
			`#endif`

* ext/openssl: imported. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4128 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2003-07-23 12:12:24 -04:00			`#endif /* _OSSL_OPENSSL_MISSING_H_ */`