mirror of
https://github.com/processone/ejabberd.git
synced 2024-10-07 14:58:56 +02:00
When using OTP R14, use public_key library instead of old ssl (EJAB-953)
This commit is contained in:
parent
0c95cf7e61
commit
12e00c57f9
@ -30,7 +30,7 @@ else
|
||||
INIT_USER=$(INSTALLUSER)
|
||||
endif
|
||||
|
||||
EFLAGS += @ERLANG_SSL39@ -pa .
|
||||
EFLAGS += @ERLANG_SSLVER@ -pa .
|
||||
|
||||
# make debug=true to compile Erlang module with debug informations.
|
||||
ifdef debug
|
||||
|
17
src/aclocal.m4
vendored
17
src/aclocal.m4
vendored
@ -121,7 +121,6 @@ AC_DEFUN(AM_WITH_ERLANG,
|
||||
-author('alexey@sevcom.net').
|
||||
|
||||
-export([[start/0]]).
|
||||
-include_lib("ssl/include/ssl_pkix.hrl").
|
||||
|
||||
start() ->
|
||||
EIDirS = code:lib_dir("erl_interface") ++ "\n",
|
||||
@ -130,11 +129,13 @@ start() ->
|
||||
file:write_file("conftest.out", list_to_binary(EIDirS ++ EILibS ++ ssldef() ++ RootDirS)),
|
||||
halt().
|
||||
|
||||
-[ifdef]('id-pkix').
|
||||
ssldef() -> "-DSSL39\n".
|
||||
-else.
|
||||
ssldef() -> "\n".
|
||||
-endif.
|
||||
ssldef() ->
|
||||
OTP = (catch erlang:system_info(otp_release)),
|
||||
if
|
||||
OTP >= "R14" -> "-DSSL40\n";
|
||||
OTP >= "R12" -> "-DSSL39\n";
|
||||
true -> ""
|
||||
end.
|
||||
|
||||
%% return physical architecture based on OS/Processor
|
||||
archname() ->
|
||||
@ -184,7 +185,7 @@ _EOF
|
||||
# Second line
|
||||
ERLANG_EI_LIB=`cat conftest.out | head -n 2 | tail -n 1`
|
||||
# Third line
|
||||
ERLANG_SSL39=`cat conftest.out | head -n 3 | tail -n 1`
|
||||
ERLANG_SSLVER=`cat conftest.out | head -n 3 | tail -n 1`
|
||||
# End line
|
||||
ERLANG_DIR=`cat conftest.out | tail -n 1`
|
||||
|
||||
@ -193,7 +194,7 @@ _EOF
|
||||
|
||||
AC_SUBST(ERLANG_CFLAGS)
|
||||
AC_SUBST(ERLANG_LIBS)
|
||||
AC_SUBST(ERLANG_SSL39)
|
||||
AC_SUBST(ERLANG_SSLVER)
|
||||
AC_SUBST(ERLC)
|
||||
AC_SUBST(ERL)
|
||||
])
|
||||
|
@ -48,6 +48,11 @@
|
||||
|
||||
-include("ejabberd.hrl").
|
||||
-include("jlib.hrl").
|
||||
-ifdef(SSL40).
|
||||
-include_lib("public_key/include/public_key.hrl").
|
||||
-define(PKIXEXPLICIT, 'OTP-PUB-KEY').
|
||||
-define(PKIXIMPLICIT, 'OTP-PUB-KEY').
|
||||
-else.
|
||||
-ifdef(SSL39).
|
||||
-include_lib("ssl/include/ssl_pkix.hrl").
|
||||
-define(PKIXEXPLICIT, 'OTP-PKIX').
|
||||
@ -58,6 +63,7 @@
|
||||
-define(PKIXEXPLICIT, 'PKIX1Explicit88').
|
||||
-define(PKIXIMPLICIT, 'PKIX1Implicit88').
|
||||
-endif.
|
||||
-endif.
|
||||
-include("XmppAddr.hrl").
|
||||
|
||||
-define(DICT, dict).
|
||||
|
@ -21,6 +21,7 @@ ifeq ($(shell uname),SunOs)
|
||||
DYNAMIC_LIB_CFLAGS = -KPIC -G -z text
|
||||
endif
|
||||
|
||||
EFLAGS += @ERLANG_SSLVER@
|
||||
EFLAGS += -I ..
|
||||
EFLAGS += -pz ..
|
||||
|
||||
|
@ -61,6 +61,13 @@
|
||||
-define(GET_VERIFY_RESULT, 8).
|
||||
-define(VERIFY_NONE, 16#10000).
|
||||
|
||||
-ifdef(SSL40).
|
||||
-define(CERT_DECODE, {public_key, pkix_decode_cert, plain}).
|
||||
-else.
|
||||
-define(CERT_DECODE, {ssl_pkix, decode_cert, [pkix]}).
|
||||
-endif.
|
||||
|
||||
|
||||
-record(tlssock, {tcpsock, tlsport}).
|
||||
|
||||
start() ->
|
||||
@ -232,7 +239,8 @@ close(#tlssock{tcpsock = TCPSocket, tlsport = Port}) ->
|
||||
get_peer_certificate(#tlssock{tlsport = Port}) ->
|
||||
case port_control(Port, ?GET_PEER_CERTIFICATE, []) of
|
||||
<<0, BCert/binary>> ->
|
||||
case catch ssl_pkix:decode_cert(BCert, [pkix]) of
|
||||
{CertMod, CertFun, CertSecondArg} = ?CERT_DECODE,
|
||||
case catch apply(CertMod, CertFun, [BCert, CertSecondArg]) of
|
||||
{ok, Cert} ->
|
||||
{ok, Cert};
|
||||
_ ->
|
||||
|
@ -9,7 +9,7 @@ LIBS = @LIBS@
|
||||
ERLANG_CFLAGS = @ERLANG_CFLAGS@
|
||||
ERLANG_LIBS = @ERLANG_LIBS@
|
||||
|
||||
EFLAGS += @ERLANG_SSL39@
|
||||
EFLAGS += @ERLANG_SSLVER@
|
||||
EFLAGS += -I ..
|
||||
EFLAGS += -pz ..
|
||||
|
||||
|
@ -66,11 +66,15 @@
|
||||
headers
|
||||
}).
|
||||
|
||||
-ifdef(SSL40).
|
||||
-define(STRING2LOWER, string).
|
||||
-else.
|
||||
-ifdef(SSL39).
|
||||
-define(STRING2LOWER, string).
|
||||
-else.
|
||||
-define(STRING2LOWER, httpd_util).
|
||||
-endif.
|
||||
-endif.
|
||||
|
||||
-record(state, {host, docroot, accesslog, accesslogfd, directory_indices,
|
||||
custom_headers, default_content_type, content_types = []}).
|
||||
|
Loading…
Reference in New Issue
Block a user