From: Martin Johansson Date: Wed, 5 Dec 2012 21:01:22 +0000 (+0100) Subject: Add support for PolarSSL 1.2.x X-Git-Url: http://git.code-monkey.de/?p=umurmur.git;a=commitdiff_plain;h=fc3918dc9bc7153ba7ec938aad57a6060ce33e5c Add support for PolarSSL 1.2.x --- diff --git a/src/ssl.c b/src/ssl.c index 2204a3c..e7a53a2 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -46,20 +46,23 @@ #include #include +#ifdef POLARSSL_API_V1_2 +int ciphers[] = +{ + TLS_DHE_RSA_WITH_AES_256_CBC_SHA, + TLS_RSA_WITH_AES_256_CBC_SHA, + TLS_RSA_WITH_AES_128_CBC_SHA, + 0 +}; +#else int ciphers[] = { SSL_EDH_RSA_AES_256_SHA, - SSL_EDH_RSA_CAMELLIA_256_SHA, - SSL_EDH_RSA_DES_168_SHA, SSL_RSA_AES_256_SHA, - SSL_RSA_CAMELLIA_256_SHA, SSL_RSA_AES_128_SHA, - SSL_RSA_CAMELLIA_128_SHA, - SSL_RSA_DES_168_SHA, - SSL_RSA_RC4_128_SHA, - SSL_RSA_RC4_128_MD5, 0 }; +#endif static x509_cert certificate; static rsa_context key; bool_t builtInTestCertificate; @@ -170,8 +173,13 @@ void SSLi_deinit(void) /* Create SHA1 of last certificate in the peer's chain. */ bool_t SSLi_getSHA1Hash(SSL_handle_t *ssl, uint8_t *hash) { - x509_cert *cert = ssl->peer_cert; - if (!ssl->peer_cert) { + x509_cert *cert; +#ifdef POLARSSL_API_V1_2 + cert = ssl_get_peer_cert(ssl); +#else + cert = ssl->peer_cert; +#endif + if (!cert) { return false; } sha1(cert->raw.p, cert->raw.len, hash); @@ -207,7 +215,12 @@ SSL_handle_t *SSLi_newconnection(int *fd, bool_t *SSLready) #else ssl_set_ciphers(ssl, ciphers); #endif + +#ifdef POLARSSL_API_V1_2 + ssl_set_session(ssl, ssn); +#else ssl_set_session(ssl, 0, 0, ssn); +#endif ssl_set_ca_chain(ssl, &certificate, NULL, NULL); ssl_set_own_cert(ssl, &certificate, &key); diff --git a/src/ssl.h b/src/ssl.h index aa719af..d155f7f 100644 --- a/src/ssl.h +++ b/src/ssl.h @@ -68,6 +68,9 @@ } \ } while (0) #endif + #if (POLARSSL_VERSION_MINOR >= 2) + #define POLARSSL_API_V1_2 + #endif #endif #endif