BoringSSL compatibility fixes for cpp-httplib

This fixes errors observed while building
util/http_transport_test_server/http_transport_test_server.cc, shown
below.

The fixes include:
 - Library version check: tolerate BoringSSL as an alternative to
   OpenSSL 3.
 - Don’t call `OPENSSL_thread_stop`, which is not in BoringSSL.
 - Use `SSL_get_peer_certificate` (deprecated in OpenSSL 3), the old
   name for `SSL_get1_peer_certificate`, because the new name is not in
   BoringSSL.
 - Call `SSL_set_tlsext_host_name` directly instead of making a quirky
   `SSL_ctrl` call that BoringSSL does not support. The feared
   -Wold-style-cast warning that occurs when building with OpenSSL is
   not triggered in BoringSSL.

Compilation errors from
https://chromium-review.googlesource.com/c/5766975?checksPatchset=1&tab=checks
https://ci.chromium.org/ui/p/chromium/builders/try/linux-rel/1909715/
→ “10. compilator steps (with patch)” → “31. compile (with patch)” →
stdout
(https://logs.chromium.org/logs/chromium/buildbucket/cr-buildbucket/8740323272553670737/+/u/compile__with_patch_/stdout):

```
In file included from util/net/http_transport_test_server.cc:42:
third_party/cpp-httplib/cpp-httplib/httplib.h:275:2: error: Sorry, OpenSSL versions prior to 3.0.0 are not supported
  275 | #error Sorry, OpenSSL versions prior to 3.0.0 are not supported
      |  ^
In file included from util/net/http_transport_test_server.cc:42:
third_party/cpp-httplib/cpp-httplib/httplib.h:733:7: error: use of undeclared identifier 'OPENSSL_thread_stop'
  733 |       OPENSSL_thread_stop ();
      |       ^
third_party/cpp-httplib/cpp-httplib/httplib.h:9062:30: error: use of undeclared identifier 'SSL_get1_peer_certificate'; did you mean 'SSL_get_peer_certificate'?
 9062 |           auto server_cert = SSL_get1_peer_certificate(ssl2);
      |                              ^~~~~~~~~~~~~~~~~~~~~~~~~
      |                              SSL_get_peer_certificate
…/boringssl/src/include/openssl/ssl.h:1784:22: note: 'SSL_get_peer_certificate' declared here
 1784 | OPENSSL_EXPORT X509 *SSL_get_peer_certificate(const SSL *ssl);
      |                      ^
In file included from util/net/http_transport_test_server.cc:42:
third_party/cpp-httplib/cpp-httplib/httplib.h:9083:24: error: use of undeclared identifier 'doesnt_exist'
 9083 |         SSL_ctrl(ssl2, SSL_CTRL_SET_TLSEXT_HOSTNAME, TLSEXT_NAMETYPE_host_name,
      |                        ^
…/boringssl/src/include/openssl/ssl.h:5699:38: note: expanded from macro 'SSL_CTRL_SET_TLSEXT_HOSTNAME'
 5699 | #define SSL_CTRL_SET_TLSEXT_HOSTNAME doesnt_exist
      |                                      ^
4 errors generated.
```

Change-Id: I5798f17323672d70f75335cea61094457b54466e
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/5769752
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
Mark Mentovai 2024-08-07 13:32:28 -04:00
parent b8658f3806
commit 1a62a01825


@ -271,7 +271,9 @@ using socket_t = int;
#include <iostream>
#include <sstream>
#if OPENSSL_VERSION_NUMBER < 0x30000000L
#if defined(OPENSSL_IS_BORINGSSL)
#define SSL_get1_peer_certificate SSL_get_peer_certificate
#elif OPENSSL_VERSION_NUMBER < 0x30000000L
#error Sorry, OpenSSL versions prior to 3.0.0 are not supported
#endif
@ -729,7 +731,7 @@ private:
fn();
}
#ifdef CPPHTTPLIB_OPENSSL_SUPPORT
#if defined(CPPHTTPLIB_OPENSSL_SUPPORT) && !defined(OPENSSL_IS_BORINGSSL)
OPENSSL_thread_stop ();
#endif
}
@ -9077,11 +9079,14 @@ inline bool SSLClient::initialize_ssl(Socket &socket, Error &error) {
return true;
},
[&](SSL *ssl2) {
#if defined(OPENSSL_IS_BORINGSSL)
SSL_set_tlsext_host_name(ssl2, host_.c_str());
#else
// NOTE: Direct call instead of using the OpenSSL macro to suppress
// -Wold-style-cast warning
// SSL_set_tlsext_host_name(ssl2, host_.c_str());
SSL_ctrl(ssl2, SSL_CTRL_SET_TLSEXT_HOSTNAME, TLSEXT_NAMETYPE_host_name,
static_cast<void *>(const_cast<char *>(host_.c_str())));
#endif
return true;
});
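Review bot: In the `SSLClient::initialize_ssl` hunk, the new BoringSSL branch discards the result of `SSL_set_tlsext_host_name(ssl2, host_.c_str())` and the callback returns `true` regardless, so a call that fails (it returns 0 on error) lets the handshake proceed without SNI. A server that selects its certificate by SNI may then present a default certificate, which shows up later as a confusing verification failure, or goes unnoticed where certificate verification is disabled. Consider `if (SSL_set_tlsext_host_name(ssl2, host_.c_str()) != 1) { return false; }`, assuming a `false` return from this callback aborts the setup, which the visible lines do not show. The pre-existing `SSL_ctrl` branch ignores its result in the same way, and `initialize_ssl` itself starts outside the hunk.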