1
Description: When building for Erlang/OTP R14, use public_key library
2
This fixes configuration/compilation problems due ejabberd using
3
private functions from Erlang/OTP ssl library which became
4
deprecated in Erlang/OTP R14A.
6
The patch was slightly modified to incorporate certain changes
7
directly to the configure script instead of aclocal.m4.
8
From: Badlop <badlop@process-one.net>
9
Origin: upstream, https://support.process-one.net/secure/attachment/16887/953-21-r14.diff
10
Bug: https://support.process-one.net/browse/EJAB-953
15
INIT_USER=$(INSTALLUSER)
18
-EFLAGS += @ERLANG_SSL39@ -pa .
19
+EFLAGS += @ERLANG_SSLVER@ -pa .
21
# make debug=true to compile Erlang module with debug informations.
23
--- a/src/ejabberd_s2s_in.erl
24
+++ b/src/ejabberd_s2s_in.erl
27
-include("ejabberd.hrl").
30
+-include_lib("public_key/include/public_key.hrl").
31
+-define(PKIXEXPLICIT, 'OTP-PUB-KEY').
32
+-define(PKIXIMPLICIT, 'OTP-PUB-KEY').
35
-include_lib("ssl/include/ssl_pkix.hrl").
36
-define(PKIXEXPLICIT, 'OTP-PKIX').
38
-define(PKIXEXPLICIT, 'PKIX1Explicit88').
39
-define(PKIXIMPLICIT, 'PKIX1Implicit88').
42
-include("XmppAddr.hrl").
45
--- a/src/tls/Makefile.in
46
+++ b/src/tls/Makefile.in
48
DYNAMIC_LIB_CFLAGS = -KPIC -G -z text
51
+EFLAGS += @ERLANG_SSLVER@
58
-define(GET_VERIFY_RESULT, 8).
59
-define(VERIFY_NONE, 16#10000).
62
+-define(CERT_DECODE, {public_key, pkix_decode_cert, plain}).
64
+-define(CERT_DECODE, {ssl_pkix, decode_cert, [pkix]}).
68
-record(tlssock, {tcpsock, tlsport}).
72
get_peer_certificate(#tlssock{tlsport = Port}) ->
73
case port_control(Port, ?GET_PEER_CERTIFICATE, []) of
74
<<0, BCert/binary>> ->
75
- case catch ssl_pkix:decode_cert(BCert, [pkix]) of
76
+ {CertMod, CertFun, CertSecondArg} = ?CERT_DECODE,
77
+ case catch apply(CertMod, CertFun, [BCert, CertSecondArg]) of
81
--- a/src/web/Makefile.in
82
+++ b/src/web/Makefile.in
84
ERLANG_CFLAGS = @ERLANG_CFLAGS@
85
ERLANG_LIBS = @ERLANG_LIBS@
87
-EFLAGS += @ERLANG_SSL39@
88
+EFLAGS += @ERLANG_SSLVER@
92
--- a/src/web/mod_http_fileserver.erl
93
+++ b/src/web/mod_http_fileserver.erl
99
+-define(STRING2LOWER, string).
102
-define(STRING2LOWER, string).
104
-define(STRING2LOWER, httpd_util).
108
-record(state, {host, docroot, accesslog, accesslogfd, directory_indices,
109
custom_headers, default_content_type, content_types = []}).
121
@@ -3180,7 +3180,6 @@
122
-author('alexey@sevcom.net').
125
--include_lib("ssl/include/ssl_pkix.hrl").
128
EIDirS = code:lib_dir("erl_interface") ++ "\n",
129
@@ -3189,11 +3188,13 @@
130
file:write_file("conftest.out", list_to_binary(EIDirS ++ EILibS ++ ssldef() ++ RootDirS)),
134
-ssldef() -> "-DSSL39\n".
139
+ OTP = (catch erlang:system_info(otp_release)),
141
+ OTP >= "R14" -> "-DSSL40\n";
142
+ OTP >= "R12" -> "-DSSL39\n";
146
%% return physical architecture based on OS/Processor
148
@@ -3243,7 +3244,7 @@
150
ERLANG_EI_LIB=`cat conftest.out | head -n 2 | tail -n 1`
152
- ERLANG_SSL39=`cat conftest.out | head -n 3 | tail -n 1`
153
+ ERLANG_SSLVER=`cat conftest.out | head -n 3 | tail -n 1`
155
ERLANG_DIR=`cat conftest.out | tail -n 1`