Support for DH parameters

8 years ago · 5d4da09550
parent 340c4a445d
commit 5d4da09550
2 changed files with 49 additions and 14 deletions
--- a/25
+++ b/25
@ -1,7 +1,7 @@
 PWD = $(shell pwd)
 export CPATH = $(PWD)/openssl/include
 export LIBRARY_PATH = $(PWD)/openssl
-OPENSSL_VERSION = 1.0.1m
+OPENSSL_VERSION = 1.0.2d
 OPENSSL_DIR = openssl-$(OPENSSL_VERSION)
 RUBY_MAJOR_VERSION = 2.2
 RUBY_VERSION = $(RUBY_MAJOR_VERSION).2
@ -16,16 +16,22 @@ all: libs ext

 clean:
 	rm -rf $(RUBY_DIR) $(OPENSSL_DIR)
+clean-libs:
+	find $(OPENSSL_DIR) \( -name "*.o" -o -name "*.so" \) -delete
+	rm -f lib/libcrypto.so lib/libssl.so
+clean-ext:
+	find $(RUBY_OPENSSL_EXT_DIR) \( -name "*.o" -o -name "*.so" \) -delete
+	rm -f lib/openssl.so

 mr-proper: clean
-	rm -rf lib/libcrypto.so* lib/libssl.so* lib/openssl.so
+	rm -rf lib/libcrypto.so lib/libssl.so lib/openssl.so

 $(OPENSSL_DIR)/:
 	wget https://www.openssl.org/source/$(OPENSSL_DIR).tar.gz
 	tar xf $(OPENSSL_DIR).tar.gz
 	rm -rf $(OPENSSL_DIR).tar.gz

-$(OPENSSL_DIR)/Makefile: $(OPENSSL_DIR)/
+$(OPENSSL_DIR)/Makefile: | $(OPENSSL_DIR)/
 	cd $(OPENSSL_DIR); ./config shared

 $(OPENSSL_DIR)/libssl.so.1.0.0 $(OPENSSL_DIR)/libcrypto.so.1.0.0: $(OPENSSL_DIR)/Makefile
@ -34,19 +40,16 @@ $(OPENSSL_DIR)/libssl.so.1.0.0 $(OPENSSL_DIR)/libcrypto.so.1.0.0: $(OPENSSL_DIR)
 lib/%.so.1.0.0: $(OPENSSL_DIR)/%.so.1.0.0
 	cp $< $@

-lib/%.so: lib/%.so.1.0.0
-	ln -s $(notdir $<) $@
+libs: lib/libssl.so.1.0.0 lib/libcrypto.so.1.0.0

-libs: lib/libssl.so lib/libcrypto.so
-
-$(RUBY_DIR):
+$(RUBY_DIR)/:
 	wget http://cache.ruby-lang.org/pub/ruby/$(RUBY_MAJOR_VERSION)/$(RUBY_DIR).tar.gz
 	tar xf $(RUBY_DIR).tar.gz
 	rm -f $(RUBY_DIR).tar.gz

-$(RUBY_OPENSSL_EXT_DIR)/Makefile: libs $(RUBY_DIR)
+$(RUBY_OPENSSL_EXT_DIR)/Makefile: libs | $(RUBY_DIR)/
 	cd $(RUBY_OPENSSL_EXT_DIR); ruby extconf.rb
-	patch $@ patch
+	patch -p0 -d $(RUBY_OPENSSL_EXT_DIR) < patch

 $(RUBY_OPENSSL_EXT_DIR)/openssl.so: libs $(RUBY_OPENSSL_EXT_DIR)/Makefile
 	$(MAKE) -C $(RUBY_OPENSSL_EXT_DIR)
@ -54,4 +57,4 @@ $(RUBY_OPENSSL_EXT_DIR)/openssl.so: libs $(RUBY_OPENSSL_EXT_DIR)/Makefile
 lib/openssl.so: $(RUBY_OPENSSL_EXT_DIR)/openssl.so
 	cp $< $@

-ext: lib/openssl.so
+ext: lib/openssl.so
--- a/38
+++ b/38
@ -1,6 +1,6 @@
--- Makefile	2014-12-13 01:20:15.025576957 +0100
-+++ Makefile	2014-12-13 01:26:44.801203932 +0100
-@@ -60,6 +60,7 @@
+--- Makefile	2014-12-12 22:58:34.000000000 +0100
+++ Makefile	2015-08-03 23:40:32.177619138 +0200
+@@ -61,6 +61,7 @@
 sbindir = $(exec_prefix)/sbin
 bindir = $(exec_prefix)/bin
 archdir = $(rubyarchdir)
@ -8,3 +8,35 @@
 
 
 CC = gcc
+--- ossl_ssl.c	2014-12-12 22:58:34.000000000 +0100
+++ ossl_ssl.c	2015-08-03 23:40:32.177619138 +0200
+@@ -1878,6 +1878,19 @@
+ # endif
+ #endif /* !defined(OPENSSL_NO_SOCK) */
+
+#if OPENSSL_VERSION_NUMBER >= 0x10002000L
+static VALUE
+ossl_ssl_tmp_key(VALUE self)
+{
+       SSL *ssl;
+       EVP_PKEY *key;
+       ossl_ssl_data_get_struct(self, ssl);
+       if (!SSL_get_server_tmp_key(ssl, &key))
+               return Qnil;
+       return ossl_pkey_new(key);
+}
+#endif
+
+ void
+ Init_ossl_ssl(void)
+ {
+@@ -2238,6 +2241,9 @@
+     rb_define_method(cSSLSocket, "session=",    ossl_ssl_set_session, 1);
+     rb_define_method(cSSLSocket, "verify_result", ossl_ssl_get_verify_result, 0);
+     rb_define_method(cSSLSocket, "client_ca", ossl_ssl_get_client_ca_list, 0);
+#if OPENSSL_VERSION_NUMBER >= 0x10002000L
+    rb_define_method(cSSLSocket, "tmp_key", ossl_ssl_tmp_key, 0);
+#endif
+ # ifdef HAVE_OPENSSL_NPN_NEGOTIATED
+     rb_define_method(cSSLSocket, "npn_protocol", ossl_ssl_npn_protocol, 0);
+ # endif