cURL / Mailing Lists / curl-library / Single Mail

curl-library

ldap.c and BoringSSL

From: Gisle Vanem <gvanem_at_yahoo.no>
Date: Wed, 28 Jan 2015 12:57:59 +0000

The combination BoringSSL and '-DUSE_WIN32_LDAP'
doesn't work since 'X509_NAME' etc. are defined in
<wincrypt.h> as:
   #define X509_NAME (LPCSTR) 7
   ...

Which causes the compilation of "x509.h" (from "urldata.h")
to fail (cpp output):

typedef struct X509_name_st
  {
  struct stack_st_X509_NAME_ENTRY *entries;
  int modified;
  BUF_MEM *bytes;
  unsigned char *canon_enc;
  int canon_enclen;
  } (LPCSTR) 7;

On MingW, <wincrypt.h> is included via <schannel.h> via
<winldap.h>!! (I've not checked the situation with MSVC).

Hence I've patched ldap.c as:

--- a/ldap.c 2015-01-27 18:37:49 +0000
+++ b/ldap.c 2015-01-27 19:12:54 +0000
@@ -54,6 +54,15 @@
  # endif /* HAVE_LDAP_SSL && HAVE_LDAP_SSL_H */
  #endif

+/* These are macro in both <wincrypt.h> (in above <winldap.h>) and
+ * in BoringSSL's <openssl/x509.h>.
+ */
+#ifdef HAVE_BORINGSSL
+# undef X509_NAME
+# undef X509_CERT_PAIR
+# undef X509_EXTENSIONS
+#endif
+
  #include "urldata.h"
  #include <curl/curl.h>
  #include "sendf.h"

--------

But I fail to make BoringSSL work. Any https url gives this:

== Info: Connected to www.google.com (64.233.162.147) port 443 (#0)
== Info: Marked for [keep alive]: HTTP default
== Info: successfully set certificate verify locations:
== Info: CAfile: g:\MingW32\src\inet\curl\cacert.pem
   CApath: none
== Info: SSLv2, Unknown (22):
=> Send SSL data, 5 bytes (0x5)
0000: ....S
== Info: Unknown SSL protocol error in connection to www.google.com:443
== Info: Marked for [closure]: Failed HTTPS connection

------

I've noticed these "Unknown (22)" are present in OpenSSL too.

-- 
--gv
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Received on 2015-01-28