From 2d76c9112c7a9c3e078b3e047b9004cd8d6da60f Mon Sep 17 00:00:00 2001 From: John Harrison Date: Fri, 12 Jan 2024 16:31:03 -0800 Subject: [PATCH 1/2] BoringSSL patch, not ready for merge --- CMakeLists.txt | 2 +- librabbitmq/amqp_openssl_bio.c | 16 +++++++--------- 2 files changed, 8 insertions(+), 10 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 99b62216..0fe68292 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -115,7 +115,7 @@ option(ENABLE_SSL_SUPPORT "Enable SSL support" ON) if (ENABLE_SSL_SUPPORT) set(RMQ_OPENSSL_MIN_VERSION 1.1.1) - find_package(OpenSSL "${RMQ_OPENSSL_MIN_VERSION}" REQUIRED) + find_package(OpenSSL REQUIRED) cmake_push_check_state() set(THREADS_PREFER_PTHREAD_FLAG ON) diff --git a/librabbitmq/amqp_openssl_bio.c b/librabbitmq/amqp_openssl_bio.c index 5955c75c..deafef97 100644 --- a/librabbitmq/amqp_openssl_bio.c +++ b/librabbitmq/amqp_openssl_bio.c @@ -109,15 +109,13 @@ int amqp_openssl_bio_init(void) { return AMQP_STATUS_NO_MEMORY; } - BIO_meth_set_create(amqp_bio_method, BIO_meth_get_create(BIO_s_socket())); - BIO_meth_set_destroy(amqp_bio_method, BIO_meth_get_destroy(BIO_s_socket())); - BIO_meth_set_ctrl(amqp_bio_method, BIO_meth_get_ctrl(BIO_s_socket())); - BIO_meth_set_callback_ctrl(amqp_bio_method, - BIO_meth_get_callback_ctrl(BIO_s_socket())); - BIO_meth_set_read(amqp_bio_method, BIO_meth_get_read(BIO_s_socket())); - BIO_meth_set_write(amqp_bio_method, BIO_meth_get_write(BIO_s_socket())); - BIO_meth_set_gets(amqp_bio_method, BIO_meth_get_gets(BIO_s_socket())); - BIO_meth_set_puts(amqp_bio_method, BIO_meth_get_puts(BIO_s_socket())); + BIO_meth_set_create(amqp_bio_method, BIO_s_socket()->create); + BIO_meth_set_destroy(amqp_bio_method, BIO_s_socket()->destroy); + BIO_meth_set_ctrl(amqp_bio_method, BIO_s_socket()->ctrl); + BIO_meth_set_read(amqp_bio_method, BIO_s_socket()->bread); + BIO_meth_set_write(amqp_bio_method, BIO_s_socket()->bwrite); + BIO_meth_set_gets(amqp_bio_method, BIO_s_socket()->bgets); + BIO_meth_set_puts(amqp_bio_method, BIO_s_socket()->bputs); BIO_meth_set_write(amqp_bio_method, amqp_openssl_bio_write); BIO_meth_set_read(amqp_bio_method, amqp_openssl_bio_read); From b80f15f6cd9de1242586983ff066fe7d9b4ac6f3 Mon Sep 17 00:00:00 2001 From: John Harrison Date: Wed, 13 Mar 2024 10:25:14 -0700 Subject: [PATCH 2/2] Improved support for either OpenSSL or BoringSSL --- CMakeLists.txt | 6 ++++++ cmake/rabbitmq-c-config.cmake.in | 7 ++++++- librabbitmq/amqp_openssl_bio.c | 13 ++++++++++++- 3 files changed, 24 insertions(+), 2 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index af3ea41b..66c23e26 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -114,8 +114,14 @@ endif() option(ENABLE_SSL_SUPPORT "Enable SSL support" ON) if (ENABLE_SSL_SUPPORT) + # Manually check OpenSSL version because BoringSSL doesn't support version checking via find_package set(RMQ_OPENSSL_MIN_VERSION 1.1.1) find_package(OpenSSL REQUIRED) + if(OPENSSL_VERSION) # Will be empty for BoringSSL + if(OPENSSL_VERSION VERSION_LESS RMQ_OPENSSL_MIN_VERSION) + MESSAGE(FATAL_ERROR "Found OpenSSL version ${OPENSSL_VERSION} but ${RMQ_OPENSSL_MIN_VERSION} or later is required") + endif() + endif() cmake_push_check_state() set(THREADS_PREFER_PTHREAD_FLAG ON) diff --git a/cmake/rabbitmq-c-config.cmake.in b/cmake/rabbitmq-c-config.cmake.in index 2b37a677..6f774eff 100644 --- a/cmake/rabbitmq-c-config.cmake.in +++ b/cmake/rabbitmq-c-config.cmake.in @@ -5,7 +5,12 @@ set(RMQ_USES_OPENSSL @ENABLE_SSL_SUPPORT@) include(CMakeFindDependencyMacro) if (RMQ_USES_OPENSSL) - find_dependency(OpenSSL @RMQ_OPENSSL_MIN_VERSION@ REQUIRED) + find_dependency(OpenSSL REQUIRED) + if(OPENSSL_VERSION) + if(OPENSSL_VERSION VERSION_LESS RMQ_OPENSSL_MIN_VERSION) + MESSAGE(FATAL_ERROR "Found OpenSSL version @OPENSSL_VERSION@ but @RMQ_OPENSSL_MIN_VERSION@ or later is required") + endif() + endif() endif () include(${CMAKE_CURRENT_LIST_DIR}/@targets_export_name@.cmake) diff --git a/librabbitmq/amqp_openssl_bio.c b/librabbitmq/amqp_openssl_bio.c index deafef97..28461974 100644 --- a/librabbitmq/amqp_openssl_bio.c +++ b/librabbitmq/amqp_openssl_bio.c @@ -108,7 +108,7 @@ int amqp_openssl_bio_init(void) { if (!(amqp_bio_method = BIO_meth_new(BIO_TYPE_SOCKET, "amqp_bio_method"))) { return AMQP_STATUS_NO_MEMORY; } - +#ifdef OPENSSL_IS_BORINGSSL BIO_meth_set_create(amqp_bio_method, BIO_s_socket()->create); BIO_meth_set_destroy(amqp_bio_method, BIO_s_socket()->destroy); BIO_meth_set_ctrl(amqp_bio_method, BIO_s_socket()->ctrl); @@ -116,6 +116,17 @@ int amqp_openssl_bio_init(void) { BIO_meth_set_write(amqp_bio_method, BIO_s_socket()->bwrite); BIO_meth_set_gets(amqp_bio_method, BIO_s_socket()->bgets); BIO_meth_set_puts(amqp_bio_method, BIO_s_socket()->bputs); +#else + BIO_meth_set_create(amqp_bio_method, BIO_meth_get_create(BIO_s_socket())); + BIO_meth_set_destroy(amqp_bio_method, BIO_meth_get_destroy(BIO_s_socket())); + BIO_meth_set_ctrl(amqp_bio_method, BIO_meth_get_ctrl(BIO_s_socket())); + BIO_meth_set_callback_ctrl(amqp_bio_method, + BIO_meth_get_callback_ctrl(BIO_s_socket())); + BIO_meth_set_read(amqp_bio_method, BIO_meth_get_read(BIO_s_socket())); + BIO_meth_set_write(amqp_bio_method, BIO_meth_get_write(BIO_s_socket())); + BIO_meth_set_gets(amqp_bio_method, BIO_meth_get_gets(BIO_s_socket())); + BIO_meth_set_puts(amqp_bio_method, BIO_meth_get_puts(BIO_s_socket())); +#endif BIO_meth_set_write(amqp_bio_method, amqp_openssl_bio_write); BIO_meth_set_read(amqp_bio_method, amqp_openssl_bio_read);