diff --git a/src/ssl/support.cc b/src/ssl/support.cc index 3ad135d..73912ce 100644 --- a/src/ssl/support.cc +++ b/src/ssl/support.cc @@ -557,7 +557,11 @@ Ssl::VerifyCallbackParameters::At(Security::Connection &sconn) } // "dup" function for SSL_get_ex_new_index("cert_err_check") -#if SQUID_USE_CONST_CRYPTO_EX_DATA_DUP +#if OPENSSL_VERSION_MAJOR >= 3 +static int +ssl_dupAclChecklist(CRYPTO_EX_DATA *, const CRYPTO_EX_DATA *, void **, + int, long, void *) +#elif SQUID_USE_CONST_CRYPTO_EX_DATA_DUP static int ssl_dupAclChecklist(CRYPTO_EX_DATA *, const CRYPTO_EX_DATA *, void *, int, long, void *) diff --git a/src/security/PeerOptions.cc b/src/security/PeerOptions.cc index cf1d4ba..4346ba5 100644 --- a/src/security/PeerOptions.cc +++ b/src/security/PeerOptions.cc @@ -297,130 +297,130 @@ static struct ssl_option { } ssl_options[] = { -#if SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG +#ifdef SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG { "NETSCAPE_REUSE_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG }, #endif -#if SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG +#ifdef SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG { "SSLREF2_REUSE_CERT_TYPE_BUG", SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG }, #endif -#if SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER +#ifdef SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER { "MICROSOFT_BIG_SSLV3_BUFFER", SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER }, #endif -#if SSL_OP_SSLEAY_080_CLIENT_DH_BUG +#ifdef SSL_OP_SSLEAY_080_CLIENT_DH_BUG { "SSLEAY_080_CLIENT_DH_BUG", SSL_OP_SSLEAY_080_CLIENT_DH_BUG }, #endif -#if SSL_OP_TLS_D5_BUG +#ifdef SSL_OP_TLS_D5_BUG { "TLS_D5_BUG", SSL_OP_TLS_D5_BUG }, #endif -#if SSL_OP_TLS_BLOCK_PADDING_BUG +#ifdef SSL_OP_TLS_BLOCK_PADDING_BUG { "TLS_BLOCK_PADDING_BUG", SSL_OP_TLS_BLOCK_PADDING_BUG }, #endif -#if SSL_OP_TLS_ROLLBACK_BUG +#ifdef SSL_OP_TLS_ROLLBACK_BUG { "TLS_ROLLBACK_BUG", SSL_OP_TLS_ROLLBACK_BUG }, #endif -#if SSL_OP_ALL +#ifdef SSL_OP_ALL { "ALL", (long)SSL_OP_ALL }, #endif -#if SSL_OP_SINGLE_DH_USE +#ifdef SSL_OP_SINGLE_DH_USE { "SINGLE_DH_USE", SSL_OP_SINGLE_DH_USE }, #endif -#if SSL_OP_EPHEMERAL_RSA +#ifdef SSL_OP_EPHEMERAL_RSA { "EPHEMERAL_RSA", SSL_OP_EPHEMERAL_RSA }, #endif -#if SSL_OP_PKCS1_CHECK_1 +#ifdef SSL_OP_PKCS1_CHECK_1 { "PKCS1_CHECK_1", SSL_OP_PKCS1_CHECK_1 }, #endif -#if SSL_OP_PKCS1_CHECK_2 +#ifdef SSL_OP_PKCS1_CHECK_2 { "PKCS1_CHECK_2", SSL_OP_PKCS1_CHECK_2 }, #endif -#if SSL_OP_NETSCAPE_CA_DN_BUG +#ifdef SSL_OP_NETSCAPE_CA_DN_BUG { "NETSCAPE_CA_DN_BUG", SSL_OP_NETSCAPE_CA_DN_BUG }, #endif -#if SSL_OP_NON_EXPORT_FIRST +#ifdef SSL_OP_NON_EXPORT_FIRST { "NON_EXPORT_FIRST", SSL_OP_NON_EXPORT_FIRST }, #endif -#if SSL_OP_CIPHER_SERVER_PREFERENCE +#ifdef SSL_OP_CIPHER_SERVER_PREFERENCE { "CIPHER_SERVER_PREFERENCE", SSL_OP_CIPHER_SERVER_PREFERENCE }, #endif -#if SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG +#ifdef SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG { "NETSCAPE_DEMO_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG }, #endif -#if SSL_OP_NO_SSLv3 +#ifdef SSL_OP_NO_SSLv3 { "NO_SSLv3", SSL_OP_NO_SSLv3 }, #endif -#if SSL_OP_NO_TLSv1 +#ifdef SSL_OP_NO_TLSv1 { "NO_TLSv1", SSL_OP_NO_TLSv1 }, #else { "NO_TLSv1", 0 }, #endif -#if SSL_OP_NO_TLSv1_1 +#ifdef SSL_OP_NO_TLSv1_1 { "NO_TLSv1_1", SSL_OP_NO_TLSv1_1 }, #else { "NO_TLSv1_1", 0 }, #endif -#if SSL_OP_NO_TLSv1_2 +#ifdef SSL_OP_NO_TLSv1_2 { "NO_TLSv1_2", SSL_OP_NO_TLSv1_2 }, #else { "NO_TLSv1_2", 0 }, #endif -#if SSL_OP_NO_TLSv1_3 +#ifdef SSL_OP_NO_TLSv1_3 { "NO_TLSv1_3", SSL_OP_NO_TLSv1_3 }, #else { "NO_TLSv1_3", 0 }, #endif -#if SSL_OP_NO_COMPRESSION +#ifdef SSL_OP_NO_COMPRESSION { "No_Compression", SSL_OP_NO_COMPRESSION }, #endif -#if SSL_OP_NO_TICKET +#ifdef SSL_OP_NO_TICKET { "NO_TICKET", SSL_OP_NO_TICKET }, #endif -#if SSL_OP_SINGLE_ECDH_USE +#ifdef SSL_OP_SINGLE_ECDH_USE { "SINGLE_ECDH_USE", SSL_OP_SINGLE_ECDH_USE }, @@ -512,7 +512,7 @@ Security::PeerOptions::parseOptions() } -#if SSL_OP_NO_SSLv2 +#ifdef SSL_OP_NO_SSLv2 // compliance with RFC 6176: Prohibiting Secure Sockets Layer (SSL) Version 2.0 op = op | SSL_OP_NO_SSLv2; #endif