2 * Copyright 2017 Facebook, Inc.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
16 #include <folly/portability/OpenSSL.h>
22 #if FOLLY_OPENSSL_IS_110
23 ////////////////////////////////////////////////////////////////////////////////
24 // APIs needed in 1.1.0 only
25 ////////////////////////////////////////////////////////////////////////////////
28 ////////////////////////////////////////////////////////////////////////////////
29 // APIs needed in BoringSSL and OpenSSL != 1.1.0 (1.0.2, 1.0.1, 1.0.0...)
30 ////////////////////////////////////////////////////////////////////////////////
31 void BIO_meth_free(BIO_METHOD* biom) {
32 OPENSSL_free((void*)biom);
35 int BIO_meth_set_read(BIO_METHOD* biom, int (*read)(BIO*, char*, int)) {
40 int BIO_meth_set_write(BIO_METHOD* biom, int (*write)(BIO*, const char*, int)) {
45 void EVP_MD_CTX_free(EVP_MD_CTX* ctx) {
46 EVP_MD_CTX_destroy(ctx);
49 const char* SSL_SESSION_get0_hostname(const SSL_SESSION* s) {
50 return s->tlsext_hostname;
53 EVP_MD_CTX* EVP_MD_CTX_new(void) {
54 EVP_MD_CTX* ctx = (EVP_MD_CTX*)OPENSSL_malloc(sizeof(EVP_MD_CTX));
56 throw std::runtime_error("Cannot allocate EVP_MD_CTX");
62 HMAC_CTX* HMAC_CTX_new(void) {
63 HMAC_CTX* ctx = (HMAC_CTX*)OPENSSL_malloc(sizeof(HMAC_CTX));
65 throw std::runtime_error("Cannot allocate HMAC_CTX");
71 void HMAC_CTX_free(HMAC_CTX* ctx) {
77 #ifdef OPENSSL_IS_BORINGSSL
78 ////////////////////////////////////////////////////////////////////////////////
79 // APIs needed in BoringSSL only
80 ////////////////////////////////////////////////////////////////////////////////
81 int SSL_CTX_set1_sigalgs_list(SSL_CTX*, const char*) {
82 return 1; // 0 implies error
85 int TLS1_get_client_version(SSL* s) {
86 // Note that this isn't the client version, and the API to
87 // get this has been hidden. It may be found by parsing the
88 // ClientHello (there is a callback via the SSL_HANDSHAKE struct)
92 #elif FOLLY_OPENSSL_IS_102 || FOLLY_OPENSSL_IS_101 || FOLLY_OPENSSL_IS_100
93 ////////////////////////////////////////////////////////////////////////////////
94 // APIs needed in 1.0.2 and 1.0.1/1.0.0 (both deprecated)
95 ////////////////////////////////////////////////////////////////////////////////
96 int SSL_CTX_up_ref(SSL_CTX* ctx) {
97 return CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
100 int SSL_SESSION_up_ref(SSL_SESSION* session) {
101 return CRYPTO_add(&session->references, 1, CRYPTO_LOCK_SSL_SESSION);
104 int X509_up_ref(X509* x) {
105 return CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
108 #if FOLLY_OPENSSL_IS_101 || FOLLY_OPENSSL_IS_100
109 ////////////////////////////////////////////////////////////////////////////////
110 // APIs needed in 1.0.1/1.0.0 (both deprecated)
111 ////////////////////////////////////////////////////////////////////////////////
112 int X509_get_signature_nid(X509* cert) {
113 return OBJ_obj2nid(cert->sig_alg->algorithm);
118 #if FOLLY_OPENSSL_IS_100
119 ////////////////////////////////////////////////////////////////////////////////
120 // APIs needed only in 1.0.0 only (deprecated)
121 ////////////////////////////////////////////////////////////////////////////////
122 uint32_t SSL_CIPHER_get_id(const SSL_CIPHER* c) {
126 int TLS1_get_client_version(const SSL* s) {
127 return (s->client_version >> 8) == TLS1_VERSION_MAJOR ? s->client_version : 0;
132 #endif // !(OPENSSL_IS_BORINGSSL ||
133 // FOLLY_OPENSSL_IS_101 ||
134 // FOLLY_OPENSSL_IS_102 ||
135 // FOLLY_OPENSSL_IS_100)
137 #endif // !FOLLY_OPENSSL_IS_110