Browse Source

Support for DH parameters

master
Nicolas Vinot 3 years ago
parent
commit
5d4da09550
2 changed files with 49 additions and 14 deletions
  1. 14
    11
      Makefile
  2. 35
    3
      patch

+ 14
- 11
Makefile View File

@@ -1,7 +1,7 @@
1 1
 PWD = $(shell pwd)
2 2
 export CPATH = $(PWD)/openssl/include
3 3
 export LIBRARY_PATH = $(PWD)/openssl
4
-OPENSSL_VERSION = 1.0.1m
4
+OPENSSL_VERSION = 1.0.2d
5 5
 OPENSSL_DIR = openssl-$(OPENSSL_VERSION)
6 6
 RUBY_MAJOR_VERSION = 2.2
7 7
 RUBY_VERSION = $(RUBY_MAJOR_VERSION).2
@@ -16,16 +16,22 @@ all: libs ext
16 16
 
17 17
 clean:
18 18
 	rm -rf $(RUBY_DIR) $(OPENSSL_DIR)
19
+clean-libs:
20
+	find $(OPENSSL_DIR) \( -name "*.o" -o -name "*.so" \) -delete
21
+	rm -f lib/libcrypto.so lib/libssl.so
22
+clean-ext:
23
+	find $(RUBY_OPENSSL_EXT_DIR) \( -name "*.o" -o -name "*.so" \) -delete
24
+	rm -f lib/openssl.so
19 25
 
20 26
 mr-proper: clean
21
-	rm -rf lib/libcrypto.so* lib/libssl.so* lib/openssl.so
27
+	rm -rf lib/libcrypto.so lib/libssl.so lib/openssl.so
22 28
 
23 29
 $(OPENSSL_DIR)/:
24 30
 	wget https://www.openssl.org/source/$(OPENSSL_DIR).tar.gz
25 31
 	tar xf $(OPENSSL_DIR).tar.gz
26 32
 	rm -rf $(OPENSSL_DIR).tar.gz
27 33
 
28
-$(OPENSSL_DIR)/Makefile: $(OPENSSL_DIR)/
34
+$(OPENSSL_DIR)/Makefile: | $(OPENSSL_DIR)/
29 35
 	cd $(OPENSSL_DIR); ./config shared
30 36
 
31 37
 $(OPENSSL_DIR)/libssl.so.1.0.0 $(OPENSSL_DIR)/libcrypto.so.1.0.0: $(OPENSSL_DIR)/Makefile
@@ -34,19 +40,16 @@ $(OPENSSL_DIR)/libssl.so.1.0.0 $(OPENSSL_DIR)/libcrypto.so.1.0.0: $(OPENSSL_DIR)
34 40
 lib/%.so.1.0.0: $(OPENSSL_DIR)/%.so.1.0.0
35 41
 	cp $< $@
36 42
 
37
-lib/%.so: lib/%.so.1.0.0
38
-	ln -s $(notdir $<) $@
43
+libs: lib/libssl.so.1.0.0 lib/libcrypto.so.1.0.0
39 44
 
40
-libs: lib/libssl.so lib/libcrypto.so
41
-
42
-$(RUBY_DIR):
45
+$(RUBY_DIR)/:
43 46
 	wget http://cache.ruby-lang.org/pub/ruby/$(RUBY_MAJOR_VERSION)/$(RUBY_DIR).tar.gz
44 47
 	tar xf $(RUBY_DIR).tar.gz
45 48
 	rm -f $(RUBY_DIR).tar.gz
46 49
 
47
-$(RUBY_OPENSSL_EXT_DIR)/Makefile: libs $(RUBY_DIR)
50
+$(RUBY_OPENSSL_EXT_DIR)/Makefile: libs | $(RUBY_DIR)/
48 51
 	cd $(RUBY_OPENSSL_EXT_DIR); ruby extconf.rb
49
-	patch $@ patch
52
+	patch -p0 -d $(RUBY_OPENSSL_EXT_DIR) < patch
50 53
 
51 54
 $(RUBY_OPENSSL_EXT_DIR)/openssl.so: libs $(RUBY_OPENSSL_EXT_DIR)/Makefile
52 55
 	$(MAKE) -C $(RUBY_OPENSSL_EXT_DIR)
@@ -54,4 +57,4 @@ $(RUBY_OPENSSL_EXT_DIR)/openssl.so: libs $(RUBY_OPENSSL_EXT_DIR)/Makefile
54 57
 lib/openssl.so: $(RUBY_OPENSSL_EXT_DIR)/openssl.so
55 58
 	cp $< $@
56 59
 
57
-ext: lib/openssl.so
60
+ext: lib/openssl.so

+ 35
- 3
patch View File

@@ -1,6 +1,6 @@
1
---- Makefile	2014-12-13 01:20:15.025576957 +0100
2
-+++ Makefile	2014-12-13 01:26:44.801203932 +0100
3
-@@ -60,6 +60,7 @@
1
+--- Makefile	2014-12-12 22:58:34.000000000 +0100
2
++++ Makefile	2015-08-03 23:40:32.177619138 +0200
3
+@@ -61,6 +61,7 @@
4 4
  sbindir = $(exec_prefix)/sbin
5 5
  bindir = $(exec_prefix)/bin
6 6
  archdir = $(rubyarchdir)
@@ -8,3 +8,35 @@
8 8
  
9 9
  
10 10
  CC = gcc
11
+--- ossl_ssl.c	2014-12-12 22:58:34.000000000 +0100
12
++++ ossl_ssl.c	2015-08-03 23:40:32.177619138 +0200
13
+@@ -1878,6 +1878,19 @@
14
+ # endif
15
+ #endif /* !defined(OPENSSL_NO_SOCK) */
16
+
17
++#if OPENSSL_VERSION_NUMBER >= 0x10002000L
18
++static VALUE
19
++ossl_ssl_tmp_key(VALUE self)
20
++{
21
++       SSL *ssl;
22
++       EVP_PKEY *key;
23
++       ossl_ssl_data_get_struct(self, ssl);
24
++       if (!SSL_get_server_tmp_key(ssl, &key))
25
++               return Qnil;
26
++       return ossl_pkey_new(key);
27
++}
28
++#endif
29
++
30
+ void
31
+ Init_ossl_ssl(void)
32
+ {
33
+@@ -2238,6 +2241,9 @@
34
+     rb_define_method(cSSLSocket, "session=",    ossl_ssl_set_session, 1);
35
+     rb_define_method(cSSLSocket, "verify_result", ossl_ssl_get_verify_result, 0);
36
+     rb_define_method(cSSLSocket, "client_ca", ossl_ssl_get_client_ca_list, 0);
37
++#if OPENSSL_VERSION_NUMBER >= 0x10002000L
38
++    rb_define_method(cSSLSocket, "tmp_key", ossl_ssl_tmp_key, 0);
39
++#endif
40
+ # ifdef HAVE_OPENSSL_NPN_NEGOTIATED
41
+     rb_define_method(cSSLSocket, "npn_protocol", ossl_ssl_npn_protocol, 0);
42
+ # endif

Loading…
Cancel
Save