| ︙ | | |
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
|
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
|
+
-
+
+
|
** for future versions of OpenSSL, and explicit initialization may be redundant.
** NOTE TO HACKERS TWEAKING THEIR OPENSSL CONFIGURATION:
** The following OpenSSL configuration options must not be used for this feature
** to be available: `no-autoalginit', `no-winstore'. The Fossil makefiles do not
** currently set these options when building OpenSSL for Windows. */
#if defined(_WIN32)
#if OPENSSL_VERSION_NUMBER >= 0x030200000
if( SSLeay()!=0x30500000 /* Don't use for 3.5.0 due to a bug */
if( SSL_CTX_load_verify_store(sslCtx, "org.openssl.winstore:")==0 ){
&& SSL_CTX_load_verify_store(sslCtx, "org.openssl.winstore:")==0
){
fossil_print("NOTICE: Failed to load the Windows root certificates.\n");
}
#endif /* OPENSSL_VERSION_NUMBER >= 0x030200000 */
#endif /* _WIN32 */
/* Load client SSL identity, preferring the filename specified on the
** command line */
|
| ︙ | | |
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
|
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
|
-
-
+
+
|
fossil_print("OpenSSL-version: (none)\n");
if( verbose ){
fossil_print("\n"
" The OpenSSL library is not used by this build of Fossil\n\n"
);
}
#else
fossil_print("OpenSSL-version: %s (0x%09x)\n",
SSLeay_version(SSLEAY_VERSION), OPENSSL_VERSION_NUMBER);
fossil_print("OpenSSL-version: %s (0x%09llx)\n",
SSLeay_version(SSLEAY_VERSION), (unsigned long long)SSLeay());
if( verbose ){
fossil_print("\n"
" The version of the OpenSSL library being used\n"
" by this instance of Fossil. Version 3.0.0 or\n"
" later is recommended.\n\n"
);
}
|
| ︙ | | |
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
|
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
|
-
-
-
+
+
-
-
-
-
-
+
+
+
+
|
" the identity of servers for \"https:\" URLs. These values\n"
" come into play when Fossil is used as a TLS client. These\n"
" values are built into your OpenSSL library.\n\n"
);
}
#if defined(_WIN32)
#if OPENSSL_VERSION_NUMBER >= 0x030200000
fossil_print(" OpenSSL-winstore: Yes\n");
#else /* OPENSSL_VERSION_NUMBER >= 0x030200000 */
fossil_print(" OpenSSL-winstore: No\n");
#endif /* OPENSSL_VERSION_NUMBER >= 0x030200000 */
" OpenSSL 3.2.0, or newer, use the root certificates managed by\n"
" the Windows operating system. The installed root certificates\n"
" are listed by the command:\n\n"
" OpenSSL 3.2.0, or newer, but not version 3.5.0 due to a bug,\n"
" the root certificates are managed by the Windows operating\n"
" system. The installed root certificates are listed by the\n"
" command:\n\n"
" certutil -store \"ROOT\"\n\n"
);
}
#endif /* _WIN32 */
if( zUsed==0 ) zUsed = "";
fossil_print(" Trust store used: %s\n", zUsed);
|
| ︙ | | |
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
|
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
|
-
+
|
** Return the OpenSSL version number being used. Space to hold
** this name is obtained from fossil_malloc() and should be
** freed by the caller.
*/
char *fossil_openssl_version(void){
#if defined(FOSSIL_ENABLE_SSL)
return mprintf("%s (0x%09x)\n",
SSLeay_version(SSLEAY_VERSION), OPENSSL_VERSION_NUMBER);
SSLeay_version(SSLEAY_VERSION), (sqlite3_uint64)SSLeay());
#else
return mprintf("none");
#endif
}
|