Skip to content

Try loading OpenSSL using alternative names for 1.1 and 3.x. #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
JPeterMugaas wants to merge 47 commits into
base: master
Choose a base branch
from
Open

Try loading OpenSSL using alternative names for 1.1 and 3.x. #1

Changes from 1 commit
Commits
Show all changes
47 commits
Select commit Hold shift + click to select a range
cd7dc07
Try loading OpenSSL using alternative names for 1.1 and 3.x.
JPeterMugaas Aug 5, 2024
c189c38
Remove redundant load attempt.
JPeterMugaas Aug 5, 2024
914c8e4
Fix warning about value not being used.
JPeterMugaas Aug 5, 2024
a03fa46
Found alt. to SSL_load_error_strings in OpenSSL 1.1.1 headers. Mark …
JPeterMugaas Aug 6, 2024
1ceaa39
Added OpenSSL 1.1 alternatives for OpenSSL_add_all_ciphers and OpenSS…
JPeterMugaas Aug 6, 2024
f3a2412
Commented out some code that just doesn't look right.
JPeterMugaas Aug 6, 2024
abb9b62
OpenSSL 1.1 alternative to SSLeay_add_ssl_algorithms.
JPeterMugaas Aug 6, 2024
05834dc
Forgot something. OOPS!!!
JPeterMugaas Aug 6, 2024
62f20bb
Alternatives to X509_NAME_hash and SSL_get_peer_certificate.
JPeterMugaas Aug 6, 2024
72a4842
CRYPTO_LOCK API is gone in this version.
JPeterMugaas Aug 6, 2024
c72ee44
Finally got OpenSSL 3.2 to load.
JPeterMugaas Aug 6, 2024
35e8e9a
The wrong .DLL was being for OpenSSL 1.1.1
JPeterMugaas Aug 6, 2024
a9f7435
Fix EVP_CIPHER_CTX_type.
JPeterMugaas Aug 6, 2024
9c5bc46
Add extra safety. Thanks to https://github.com/IndySockets/IndyTLS-O…
JPeterMugaas Aug 7, 2024
bb0f080
Start on TLS 1.3.
JPeterMugaas Aug 7, 2024
d464583
More work on trying to get TLS 1.3 in this.
JPeterMugaas Aug 7, 2024
3923a04
TLS 1.3 now works with "OpenSSL 1.1.1w 11 Sep 2023".
JPeterMugaas Aug 7, 2024
d71ed84
The if's were reversed to allow the user to specify a minimum.
JPeterMugaas Aug 7, 2024
74bb2d0
Fixed error in if reversal.
JPeterMugaas Aug 7, 2024
08ec18e
SSL_CTRL_SET_MIN_PROTO_VERSION and SSL_CTRL_SET_MAX_PROTO_VERSION are…
JPeterMugaas Aug 7, 2024
8db8dab
Fix more type breakage from Open SSL 1.1.0. Introduce some new funct…
JPeterMugaas Aug 8, 2024
6c2909c
SSL_CTX_set_info_callback now works with OpenSSL 1.0.2, 1.1.0, and th…
JPeterMugaas Aug 8, 2024
c11c3e2
SSL_CTX_set_info_callback now works with OpenSSL 1.0.2, 1.1.0, and th…
JPeterMugaas Aug 8, 2024
c838e2e
We can't assume TLS 1.3 is available since we support 1.0.2.
JPeterMugaas Aug 8, 2024
04527f6
Add {Do not localize} for quoted strings that aren't meant to be loca…
JPeterMugaas Aug 8, 2024
286cfa4
Enable @_threadid_func on Windows.
JPeterMugaas Aug 8, 2024
0d5662c
Fix put_error and try to match the locking API calls. This is from: …
JPeterMugaas Aug 8, 2024
c87ed17
SSL_CTX_get_cert_store and SSL_get_ex_data_X509_STORE_CTX_idx.
JPeterMugaas Aug 8, 2024
df4d349
X509_verify_cert_error_string
JPeterMugaas Aug 8, 2024
61f7798
Update function OpenSSLGetDigestCtx and OpenSSLFinalHashInst to match…
JPeterMugaas Aug 8, 2024
d4e973f
Update VerifyCallback( to use X509_STORE_CTX_get_ex_data if available.
JPeterMugaas Aug 8, 2024
b35775f
X509_STORE update.
JPeterMugaas Aug 8, 2024
f3ba6df
Changes suggested in review.
JPeterMugaas Aug 8, 2024
a5e7e9e
less_than not less_then.
JPeterMugaas Aug 8, 2024
a9e83de
Important change. You are NOT meant to access the fields in SSL_CTX.…
JPeterMugaas Aug 9, 2024
e44d6b1
Restore Password Callback and IndySSL_CTX_load_verify_locations.
JPeterMugaas Aug 9, 2024
06633ed
Add TLS_client_method and TLS_server_method.
JPeterMugaas Aug 9, 2024
50042ba
Use TLS_client_method and TLS_server_method. Verified that TLS_cclie…
JPeterMugaas Aug 9, 2024
56006f0
Fix access violation in IndySSL_CTX_use_certificate_file_PKCS1 and sk…
JPeterMugaas Aug 11, 2024
6be768e
OnStatusInfoEx now works in TIdServerIOHandlerSSLOpenSSL.
JPeterMugaas Aug 12, 2024
195b43b
Remove record structures for opaque types in OpenSSL 1.1.0 and use AP…
JPeterMugaas Aug 13, 2024
2df1f5a
Add SSL_set_min_proto_version and SSL_set_max_proto_version macros.
JPeterMugaas Aug 13, 2024
9b51aa8
Several things:
JPeterMugaas Aug 14, 2024
09e2ba0
Remove the usage of some depreciated functions. See: https://docs.op…
JPeterMugaas Aug 14, 2024
903a27b
Remove IsOpenSSL_1x since this only supports OpenSSL 1.1.0 and greate…
JPeterMugaas Aug 14, 2024
aa87484
Try to merge stuff from main branch.
JPeterMugaas Aug 15, 2024
227ae95
Fix some access violations.
JPeterMugaas Aug 15, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
42 changes: 32 additions & 10 deletions IdSSLOpenSSLHeaders.pas
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19559,7 +19559,25 @@ class procedure EIdOpenSSLAPISSLError.RaiseExceptionCode(const AErrCode, ARetCod
//mingw32, the SSL .dll might be named 'libssl32.dll' instead of
//ssleay32.dll like you would expect.
SSL_DLL_name_alt = 'libssl32.dll'; {Do not localize}
{$IFDEF WIN64}
SSL_DLL_1_1_name = 'libssl-1_1-x64.dll'; {Do not localize}
SSL_DLL_3_name = 'libssl-3-x64.dll'; {Do not localize}
{$ELSE}
SSL_DLL_1_1_name = 'libssl-1_1.dll'; {Do not localize}
SSL_DLL_3_name = 'libssl-3.dll'; {Do not localize}
{$ENDIF}
SSLCLIB_DLL_name = 'libeay32.dll'; {Do not localize}
{$IFDEF WIN64}
SSLCLIB_DLL_1_1_name = 'libcrypto-1_1-x64.dll'; {Do not localize}
SSLCLIB_DLL_3_name = 'libcrypto-3-x64.dll'; {Do not localize}
{$ELSE}
SSLCLIB_DLL_1_1_name = 'libcrypto-1_1.dll'; {Do not localize}
SSLCLIB_DLL_3_name = 'libcrypto-3.dll'; {Do not localize}
{$ENDIF}
SSLCLIBS_LAST = 2;
SSLCLIBS : array [0..SSLCLIBS_LAST] of string = (SSLCLIB_DLL_3_name, SSL_DLL_1_1_name, SSLCLIB_DLL_name);
SSLLIBS_LAST = 3;
SSLLIBS : array [0..SSLLIBS_LAST] of string = (SSL_DLL_3_name, SSL_DLL_1_1_name, SSL_DLL_name, SSL_DLL_name_alt);
{$ENDIF}
{$ENDIF}

Expand Down Expand Up @@ -22697,6 +22715,7 @@ function LoadSSLCryptoLibrary: TIdLibHandle;
{$IFDEF WINDOWS}
var
Err: DWORD;
i : Integer;
{$ELSE}
{$IFDEF USE_BASEUNIX_OR_VCL_POSIX_OR_KYLIXCOMPAT} // TODO: use {$IF DEFINED(UNIX)} instead?
var
Expand All @@ -22709,6 +22728,13 @@ function LoadSSLCryptoLibrary: TIdLibHandle;
{$IFDEF WINDOWS}
//On Windows, you should use SafeLoadLibrary because
//the LoadLibrary API call messes with the FPU control word.
for i := 0 to SSLCLIBS_LAST do begin
Result := SafeLoadLibrary(GIdOpenSSLPath + SSLCLIBS[i]);
if Result <> IdNilHandle then begin
Exit;
end;
end;

Result := SafeLoadLibrary(GIdOpenSSLPath + SSLCLIB_DLL_name);
Comment thread
JPeterMugaas marked this conversation as resolved.
Outdated
if Result <> IdNilHandle then begin
Exit;
Expand Down Expand Up @@ -22760,6 +22786,7 @@ function LoadSSLLibrary: TIdLibHandle;
{$IFDEF WINDOWS}
var
Err: DWORD;
i : Integer;
{$ELSE}
{$IFDEF USE_BASEUNIX_OR_VCL_POSIX_OR_KYLIXCOMPAT} // TODO: use {$IF DEFINED(UNIX)} instead?
var
Expand All @@ -22772,16 +22799,11 @@ function LoadSSLLibrary: TIdLibHandle;
{$IFDEF WINDOWS}
//On Windows, you should use SafeLoadLibrary because
//the LoadLibrary API call messes with the FPU control word.
Result := SafeLoadLibrary(GIdOpenSSLPath + SSL_DLL_name);
if Result <> IdNilHandle then begin
Exit;
end;
// TODO: exit here if the error is anything other than the file not being found...
//This is a workaround for mingw32-compiled SSL .DLL which
//might be named 'libssl32.dll'.
Result := SafeLoadLibrary(GIdOpenSSLPath + SSL_DLL_name_alt);
if Result <> IdNilHandle then begin
Exit;
for i := 0 to SSLLIBS_LAST do begin
Result := SafeLoadLibrary(GIdOpenSSLPath + SSLLIBS[i]);
if Result <> IdNilHandle then begin
Exit;
end;
end;
{$ELSE}
{$IFDEF USE_BASEUNIX_OR_VCL_POSIX_OR_KYLIXCOMPAT} // TODO: use {$IF DEFINED(UNIX)} instead?
Expand Down