Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
diff --git a/asio/include/asio/ssl/detail/impl/engine.ipp b/asio/include/asio/ssl/detail/impl/engine.ipp
index 139d739..42c5f0f 100644
--- a/asio/include/asio/ssl/detail/impl/engine.ipp
+++ b/asio/include/asio/ssl/detail/impl/engine.ipp
@@ -202,9 +202,15 @@ const asio::error_code& engine::map_error_code(
// If there's data yet to be read, it's an error.
if (BIO_wpending(ext_bio_))
{
+#if defined(OPENSSL_IS_BORINGSSL)
+ ec = asio::error_code(
+ ERR_PACK(ERR_LIB_SSL, SSL_R_UNEXPECTED_RECORD),
+ asio::error::get_ssl_category());
+#else // defined(OPENSSL_IS_BORINGSSL)
ec = asio::error_code(
ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SHORT_READ),
asio::error::get_ssl_category());
+#endif // defined(OPENSSL_IS_BORINGSSL)
return ec;
}
@@ -216,9 +222,15 @@ const asio::error_code& engine::map_error_code(
// Otherwise, the peer should have negotiated a proper shutdown.
if ((::SSL_get_shutdown(ssl_) & SSL_RECEIVED_SHUTDOWN) == 0)
{
+#if defined(OPENSSL_IS_BORINGSSL)
+ ec = asio::error_code(
+ ERR_PACK(ERR_LIB_SSL, SSL_R_UNEXPECTED_RECORD),
+ asio::error::get_ssl_category());
+#else // defined(OPENSSL_IS_BORINGSSL)
ec = asio::error_code(
ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SHORT_READ),
asio::error::get_ssl_category());
+#endif // defined(OPENSSL_IS_BORINGSSL)
}
return ec;
diff --git a/asio/include/asio/ssl/detail/impl/openssl_init.ipp b/asio/include/asio/ssl/detail/impl/openssl_init.ipp
index da66fc1..5d6ff8f 100644
--- a/asio/include/asio/ssl/detail/impl/openssl_init.ipp
+++ b/asio/include/asio/ssl/detail/impl/openssl_init.ipp
@@ -36,7 +36,7 @@ public:
do_init()
{
::SSL_library_init();
- ::SSL_load_error_strings();
+ ::SSL_load_error_strings();
::OpenSSL_add_all_algorithms();
mutexes_.resize(::CRYPTO_num_locks());
@@ -70,7 +70,9 @@ public:
#endif // (OPENSSL_VERSION_NUMBER >= 0x10000000L)
::EVP_cleanup();
::CRYPTO_cleanup_all_ex_data();
+#if !defined(OPENSSL_IS_BORINGSSL)
::CONF_modules_unload(1);
+#endif
#if !defined(OPENSSL_NO_ENGINE)
::ENGINE_cleanup();
#endif // !defined(OPENSSL_NO_ENGINE)
@@ -99,7 +101,7 @@ private:
#endif // defined(ASIO_WINDOWS) || defined(__CYGWIN__)
}
- static void openssl_locking_func(int mode, int n,
+ static void openssl_locking_func(int mode, int n,
const char* /*file*/, int /*line*/)
{
if (mode & CRYPTO_LOCK)
diff --git a/asio/include/asio/ssl/impl/context.ipp b/asio/include/asio/ssl/impl/context.ipp
index 4a66a0a..76b333b 100644
--- a/asio/include/asio/ssl/impl/context.ipp
+++ b/asio/include/asio/ssl/impl/context.ipp
@@ -143,14 +143,14 @@ context::context(context::method m)
case context::tlsv12_server:
handle_ = ::SSL_CTX_new(::TLSv1_2_server_method());
break;
-#else // defined(SSL_TXT_TLSV1_2)
+#else // defined(SSL_TXT_TLSV1_2)
case context::tlsv12:
case context::tlsv12_client:
case context::tlsv12_server:
asio::detail::throw_error(
asio::error::invalid_argument, "context");
break;
-#endif // defined(SSL_TXT_TLSV1_2)
+#endif // defined(SSL_TXT_TLSV1_2)
default:
handle_ = ::SSL_CTX_new(0);
break;
@@ -556,11 +556,15 @@ asio::error_code context::use_certificate_chain(
return ec;
}
+#if (OPENSSL_VERSION_NUMBER >= 0x10002000L)
+ ::SSL_CTX_clear_chain_certs(handle_);
+#else
if (handle_->extra_certs)
{
::sk_X509_pop_free(handle_->extra_certs, X509_free);
handle_->extra_certs = 0;
}
+#endif // (OPENSSL_VERSION_NUMBER >= 0x10002000L)
while (X509* cacert = ::PEM_read_bio_X509(bio.p, 0,
handle_->default_passwd_callback,
@@ -574,7 +578,7 @@ asio::error_code context::use_certificate_chain(
return ec;
}
}
-
+
result = ::ERR_peek_last_error();
if ((ERR_GET_LIB(result) == ERR_LIB_PEM)
&& (ERR_GET_REASON(result) == PEM_R_NO_START_LINE))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment