kzemek · August 14, 2015 16:06
diff --git a/asio_boringssl.patch b/asio_boringssl.patch
 diff --git a/asio/include/asio/ssl/detail/impl/engine.ipp b/asio/include/asio/ssl/detail/impl/engine.ipp
 index 139d739..42c5f0f 100644
 --- a/asio/include/asio/ssl/detail/impl/engine.ipp
 +++ b/asio/include/asio/ssl/detail/impl/engine.ipp
 @@ -202,9 +202,15 @@ const asio::error_code& engine::map_error_code(
   // If there's data yet to be read, it's an error.
   if (BIO_wpending(ext_bio_))
   {
 +#if defined(OPENSSL_IS_BORINGSSL)
 +    ec = asio::error_code(
 +        ERR_PACK(ERR_LIB_SSL, SSL_R_UNEXPECTED_RECORD),
 +        asio::error::get_ssl_category());
 +#else // defined(OPENSSL_IS_BORINGSSL)
     ec = asio::error_code(
         ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SHORT_READ),
         asio::error::get_ssl_category());
 +#endif // defined(OPENSSL_IS_BORINGSSL)
     return ec;
   }
 
 @@ -216,9 +222,15 @@ const asio::error_code& engine::map_error_code(
   // Otherwise, the peer should have negotiated a proper shutdown.
   if ((::SSL_get_shutdown(ssl_) & SSL_RECEIVED_SHUTDOWN) == 0)
   {
 +#if defined(OPENSSL_IS_BORINGSSL)
 +    ec = asio::error_code(
 +        ERR_PACK(ERR_LIB_SSL, SSL_R_UNEXPECTED_RECORD),
 +        asio::error::get_ssl_category());
 +#else // defined(OPENSSL_IS_BORINGSSL)
     ec = asio::error_code(
         ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SHORT_READ),
         asio::error::get_ssl_category());
 +#endif // defined(OPENSSL_IS_BORINGSSL)
   }
 
   return ec;
 diff --git a/asio/include/asio/ssl/detail/impl/openssl_init.ipp b/asio/include/asio/ssl/detail/impl/openssl_init.ipp
 index da66fc1..5d6ff8f 100644
 --- a/asio/include/asio/ssl/detail/impl/openssl_init.ipp
 +++ b/asio/include/asio/ssl/detail/impl/openssl_init.ipp
 @@ -36,7 +36,7 @@ public:
   do_init()
   {
     ::SSL_library_init();
 -    ::SSL_load_error_strings();        
 +    ::SSL_load_error_strings();
     ::OpenSSL_add_all_algorithms();
 
     mutexes_.resize(::CRYPTO_num_locks());
 @@ -70,7 +70,9 @@ public:
 #endif // (OPENSSL_VERSION_NUMBER >= 0x10000000L)
     ::EVP_cleanup();
     ::CRYPTO_cleanup_all_ex_data();
 +#if !defined(OPENSSL_IS_BORINGSSL)
     ::CONF_modules_unload(1);
 +#endif
 #if !defined(OPENSSL_NO_ENGINE)
     ::ENGINE_cleanup();
 #endif // !defined(OPENSSL_NO_ENGINE)
 @@ -99,7 +101,7 @@ private:
 #endif // defined(ASIO_WINDOWS) || defined(__CYGWIN__)
   }
 
 -  static void openssl_locking_func(int mode, int n, 
 +  static void openssl_locking_func(int mode, int n,
     const char* /*file*/, int /*line*/)
   {
     if (mode & CRYPTO_LOCK)
 diff --git a/asio/include/asio/ssl/impl/context.ipp b/asio/include/asio/ssl/impl/context.ipp
 index 4a66a0a..76b333b 100644
 --- a/asio/include/asio/ssl/impl/context.ipp
 +++ b/asio/include/asio/ssl/impl/context.ipp
 @@ -143,14 +143,14 @@ context::context(context::method m)
   case context::tlsv12_server:
     handle_ = ::SSL_CTX_new(::TLSv1_2_server_method());
     break;
 -#else // defined(SSL_TXT_TLSV1_2) 
 +#else // defined(SSL_TXT_TLSV1_2)
   case context::tlsv12:
   case context::tlsv12_client:
   case context::tlsv12_server:
     asio::detail::throw_error(
         asio::error::invalid_argument, "context");
     break;
 -#endif // defined(SSL_TXT_TLSV1_2) 
 +#endif // defined(SSL_TXT_TLSV1_2)
   default:
     handle_ = ::SSL_CTX_new(0);
     break;
 @@ -556,11 +556,15 @@ asio::error_code context::use_certificate_chain(
       return ec;
     }
 
 +#if (OPENSSL_VERSION_NUMBER >= 0x10002000L)
 +    ::SSL_CTX_clear_chain_certs(handle_);
 +#else
     if (handle_->extra_certs)
     {
       ::sk_X509_pop_free(handle_->extra_certs, X509_free);
       handle_->extra_certs = 0;
     }
 +#endif // (OPENSSL_VERSION_NUMBER >= 0x10002000L)
 
     while (X509* cacert = ::PEM_read_bio_X509(bio.p, 0,
           handle_->default_passwd_callback,
 @@ -574,7 +578,7 @@ asio::error_code context::use_certificate_chain(
         return ec;
       }
     }
 -  
 +
     result = ::ERR_peek_last_error();
     if ((ERR_GET_LIB(result) == ERR_LIB_PEM)
         && (ERR_GET_REASON(result) == PEM_R_NO_START_LINE))
	diff --git a/asio/include/asio/ssl/detail/impl/engine.ipp b/asio/include/asio/ssl/detail/impl/engine.ipp
	index 139d739..42c5f0f 100644
	--- a/asio/include/asio/ssl/detail/impl/engine.ipp
	+++ b/asio/include/asio/ssl/detail/impl/engine.ipp
	@@ -202,9 +202,15 @@ const asio::error_code& engine::map_error_code(
	// If there's data yet to be read, it's an error.
	if (BIO_wpending(ext_bio_))
	{
	+#if defined(OPENSSL_IS_BORINGSSL)
	+ ec = asio::error_code(
	+ ERR_PACK(ERR_LIB_SSL, SSL_R_UNEXPECTED_RECORD),
	+ asio::error::get_ssl_category());
	+#else // defined(OPENSSL_IS_BORINGSSL)
	ec = asio::error_code(
	ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SHORT_READ),
	asio::error::get_ssl_category());
	+#endif // defined(OPENSSL_IS_BORINGSSL)
	return ec;
	}

	@@ -216,9 +222,15 @@ const asio::error_code& engine::map_error_code(
	// Otherwise, the peer should have negotiated a proper shutdown.
	if ((::SSL_get_shutdown(ssl_) & SSL_RECEIVED_SHUTDOWN) == 0)
	{
	+#if defined(OPENSSL_IS_BORINGSSL)
	+ ec = asio::error_code(
	+ ERR_PACK(ERR_LIB_SSL, SSL_R_UNEXPECTED_RECORD),
	+ asio::error::get_ssl_category());
	+#else // defined(OPENSSL_IS_BORINGSSL)
	ec = asio::error_code(
	ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SHORT_READ),
	asio::error::get_ssl_category());
	+#endif // defined(OPENSSL_IS_BORINGSSL)
	}

	return ec;
	diff --git a/asio/include/asio/ssl/detail/impl/openssl_init.ipp b/asio/include/asio/ssl/detail/impl/openssl_init.ipp
	index da66fc1..5d6ff8f 100644
	--- a/asio/include/asio/ssl/detail/impl/openssl_init.ipp
	+++ b/asio/include/asio/ssl/detail/impl/openssl_init.ipp
	@@ -36,7 +36,7 @@ public:
	do_init()
	{
	::SSL_library_init();
	- ::SSL_load_error_strings();
	+ ::SSL_load_error_strings();
	::OpenSSL_add_all_algorithms();

	mutexes_.resize(::CRYPTO_num_locks());
	@@ -70,7 +70,9 @@ public:
	#endif // (OPENSSL_VERSION_NUMBER >= 0x10000000L)
	::EVP_cleanup();
	::CRYPTO_cleanup_all_ex_data();
	+#if !defined(OPENSSL_IS_BORINGSSL)
	::CONF_modules_unload(1);
	+#endif
	#if !defined(OPENSSL_NO_ENGINE)
	::ENGINE_cleanup();
	#endif // !defined(OPENSSL_NO_ENGINE)
	@@ -99,7 +101,7 @@ private:
	#endif // defined(ASIO_WINDOWS) \|\| defined(__CYGWIN__)
	}

	- static void openssl_locking_func(int mode, int n,
	+ static void openssl_locking_func(int mode, int n,
	const char* /file/, int /line/)
	{
	if (mode & CRYPTO_LOCK)
	diff --git a/asio/include/asio/ssl/impl/context.ipp b/asio/include/asio/ssl/impl/context.ipp
	index 4a66a0a..76b333b 100644
	--- a/asio/include/asio/ssl/impl/context.ipp
	+++ b/asio/include/asio/ssl/impl/context.ipp
	@@ -143,14 +143,14 @@ context::context(context::method m)
	case context::tlsv12_server:
	handle_ = ::SSL_CTX_new(::TLSv1_2_server_method());
	break;
	-#else // defined(SSL_TXT_TLSV1_2)
	+#else // defined(SSL_TXT_TLSV1_2)
	case context::tlsv12:
	case context::tlsv12_client:
	case context::tlsv12_server:
	asio::detail::throw_error(
	asio::error::invalid_argument, "context");
	break;
	-#endif // defined(SSL_TXT_TLSV1_2)
	+#endif // defined(SSL_TXT_TLSV1_2)
	default:
	handle_ = ::SSL_CTX_new(0);
	break;
	@@ -556,11 +556,15 @@ asio::error_code context::use_certificate_chain(
	return ec;
	}

	+#if (OPENSSL_VERSION_NUMBER >= 0x10002000L)
	+ ::SSL_CTX_clear_chain_certs(handle_);
	+#else
	if (handle_->extra_certs)
	{
	::sk_X509_pop_free(handle_->extra_certs, X509_free);
	handle_->extra_certs = 0;
	}
	+#endif // (OPENSSL_VERSION_NUMBER >= 0x10002000L)

	while (X509* cacert = ::PEM_read_bio_X509(bio.p, 0,
	handle_->default_passwd_callback,
	@@ -574,7 +578,7 @@ asio::error_code context::use_certificate_chain(
	return ec;
	}
	}
	-
	+
	result = ::ERR_peek_last_error();
	if ((ERR_GET_LIB(result) == ERR_LIB_PEM)
	&& (ERR_GET_REASON(result) == PEM_R_NO_START_LINE))