25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-10-07 14:58:56 +02:00

When using OTP R14, use public_key library instead of old ssl (EJAB-953)

This commit is contained in:
Badlop 2010-07-09 20:02:29 +02:00
parent 0c95cf7e61
commit 12e00c57f9
7 changed files with 31 additions and 11 deletions

View File

@ -30,7 +30,7 @@ else
INIT_USER=$(INSTALLUSER)
endif
EFLAGS += @ERLANG_SSL39@ -pa .
EFLAGS += @ERLANG_SSLVER@ -pa .
# make debug=true to compile Erlang module with debug informations.
ifdef debug

17
src/aclocal.m4 vendored
View File

@ -121,7 +121,6 @@ AC_DEFUN(AM_WITH_ERLANG,
-author('alexey@sevcom.net').
-export([[start/0]]).
-include_lib("ssl/include/ssl_pkix.hrl").
start() ->
EIDirS = code:lib_dir("erl_interface") ++ "\n",
@ -130,11 +129,13 @@ start() ->
file:write_file("conftest.out", list_to_binary(EIDirS ++ EILibS ++ ssldef() ++ RootDirS)),
halt().
-[ifdef]('id-pkix').
ssldef() -> "-DSSL39\n".
-else.
ssldef() -> "\n".
-endif.
ssldef() ->
OTP = (catch erlang:system_info(otp_release)),
if
OTP >= "R14" -> "-DSSL40\n";
OTP >= "R12" -> "-DSSL39\n";
true -> ""
end.
%% return physical architecture based on OS/Processor
archname() ->
@ -184,7 +185,7 @@ _EOF
# Second line
ERLANG_EI_LIB=`cat conftest.out | head -n 2 | tail -n 1`
# Third line
ERLANG_SSL39=`cat conftest.out | head -n 3 | tail -n 1`
ERLANG_SSLVER=`cat conftest.out | head -n 3 | tail -n 1`
# End line
ERLANG_DIR=`cat conftest.out | tail -n 1`
@ -193,7 +194,7 @@ _EOF
AC_SUBST(ERLANG_CFLAGS)
AC_SUBST(ERLANG_LIBS)
AC_SUBST(ERLANG_SSL39)
AC_SUBST(ERLANG_SSLVER)
AC_SUBST(ERLC)
AC_SUBST(ERL)
])

View File

@ -48,6 +48,11 @@
-include("ejabberd.hrl").
-include("jlib.hrl").
-ifdef(SSL40).
-include_lib("public_key/include/public_key.hrl").
-define(PKIXEXPLICIT, 'OTP-PUB-KEY').
-define(PKIXIMPLICIT, 'OTP-PUB-KEY').
-else.
-ifdef(SSL39).
-include_lib("ssl/include/ssl_pkix.hrl").
-define(PKIXEXPLICIT, 'OTP-PKIX').
@ -58,6 +63,7 @@
-define(PKIXEXPLICIT, 'PKIX1Explicit88').
-define(PKIXIMPLICIT, 'PKIX1Implicit88').
-endif.
-endif.
-include("XmppAddr.hrl").
-define(DICT, dict).

View File

@ -21,6 +21,7 @@ ifeq ($(shell uname),SunOs)
DYNAMIC_LIB_CFLAGS = -KPIC -G -z text
endif
EFLAGS += @ERLANG_SSLVER@
EFLAGS += -I ..
EFLAGS += -pz ..

View File

@ -61,6 +61,13 @@
-define(GET_VERIFY_RESULT, 8).
-define(VERIFY_NONE, 16#10000).
-ifdef(SSL40).
-define(CERT_DECODE, {public_key, pkix_decode_cert, plain}).
-else.
-define(CERT_DECODE, {ssl_pkix, decode_cert, [pkix]}).
-endif.
-record(tlssock, {tcpsock, tlsport}).
start() ->
@ -232,7 +239,8 @@ close(#tlssock{tcpsock = TCPSocket, tlsport = Port}) ->
get_peer_certificate(#tlssock{tlsport = Port}) ->
case port_control(Port, ?GET_PEER_CERTIFICATE, []) of
<<0, BCert/binary>> ->
case catch ssl_pkix:decode_cert(BCert, [pkix]) of
{CertMod, CertFun, CertSecondArg} = ?CERT_DECODE,
case catch apply(CertMod, CertFun, [BCert, CertSecondArg]) of
{ok, Cert} ->
{ok, Cert};
_ ->

View File

@ -9,7 +9,7 @@ LIBS = @LIBS@
ERLANG_CFLAGS = @ERLANG_CFLAGS@
ERLANG_LIBS = @ERLANG_LIBS@
EFLAGS += @ERLANG_SSL39@
EFLAGS += @ERLANG_SSLVER@
EFLAGS += -I ..
EFLAGS += -pz ..

View File

@ -66,11 +66,15 @@
headers
}).
-ifdef(SSL40).
-define(STRING2LOWER, string).
-else.
-ifdef(SSL39).
-define(STRING2LOWER, string).
-else.
-define(STRING2LOWER, httpd_util).
-endif.
-endif.
-record(state, {host, docroot, accesslog, accesslogfd, directory_indices,
custom_headers, default_content_type, content_types = []}).