New Wind

PHP 4.4.9 + OpenSSL 0.9.8 系の環境を OpenSSL 1.0.1j にアップデートした際に躓いた点を整理します。

configure は通りますが make で以下の様にストップします。

/usr/appli/php-4.4.9/ext/openssl/openssl.c: In function 'zif_openssl_pkey_new':
/usr/appli/php-4.4.9/ext/openssl/openssl.c:1911: error: 'struct php_x509_request' has no member named 'priv_key'
/usr/appli/php-4.4.9/ext/openssl/openssl.c:1913: error: 'struct php_x509_request' has no member named 'priv_key'
/usr/appli/php-4.4.9/ext/openssl/openssl.c: In function 'zif_openssl_pkey_export_to_file':
/usr/appli/php-4.4.9/ext/openssl/openssl.c:1955: error: 'struct php_x509_request' has no member named 'priv_key_encrypt'
/usr/appli/php-4.4.9/ext/openssl/openssl.c: In function 'zif_openssl_pkey_export':
/usr/appli/php-4.4.9/ext/openssl/openssl.c:2006: error: 'struct php_x509_request' has no member named 'priv_key_encrypt'
*** Error code 1

Stop in /usr/appli/php-4.4.9

Apache 1.3 系も OpenSSL 1.0 以降は OPTIM=-DSTACK=_STACK を付加してコンパイルしないと処理出来ませんが、同様の処理が公開されていました。

ext/openssl/openssl.c を差し替える方法でしたが、以下の内容を patch コマンドで PHP 4.4.9 のソースファイルを展開したディレクトリ直下で実行することで修正が反映し、make も正常に終了します。

--- ext/openssl/openssl.c.orig    2007-12-31 16:22:50.000000000 +0900
+++ ext/openssl/openssl.c         2013-01-10 19:10:47.000000000 +0900
@@ -47,6 +47,13 @@

 #define DEBUG_SMIME        0

+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+#define OPENSSL_D2I_X509_CAST   d2i_of_void *
+#else
+#define OPENSSL_D2I_X509_CAST   char *(*)()
+#define LHASH_OF(x)             LHASH
+#endif
+
 static unsigned char arg2_force_ref[] =
                        { 2, BYREF_NONE, BYREF_FORCE };
 static unsigned char arg2and3_force_ref[] =
@@ -179,8 +186,8 @@
 static char default_ssl_conf_filename[MAXPATHLEN];

 struct php_x509_request {
-        LHASH * global_config;        /* Global SSL config */
-        LHASH * req_config;           /* SSL config for this request */
+        LHASH_OF(CONF_VALUE) * global_config; /* Global SSL config */
+        LHASH_OF(CONF_VALUE) * req_config;    /* SSL config for this request */
         const EVP_MD * md_alg;
         const EVP_MD * digest;
         char        * section_name,
@@ -340,7 +347,7 @@
                 const char * section_label,
                 const char * config_filename,
                 const char * section,
-                LHASH * config TSRMLS_DC)
+                LHASH_OF(CONF_VALUE) * config TSRMLS_DC)
 {
         X509V3_CTX ctx;

@@ -720,7 +727,7 @@
                 if (in == NULL)
                         return NULL;

-                cert = (X509 *) PEM_ASN1_read_bio((char *(*)())d2i_X509,
+                cert = (X509 *) PEM_ASN1_read_bio((OPENSSL_D2I_X509_CAST)d2i_X509,
                                 PEM_STRING_X509, in,
                                 NULL, NULL, NULL);
                 BIO_free(in);
@@ -1859,7 +1866,7 @@
                 case EVP_PKEY_RSA2:
                         assert(pkey->pkey.rsa != NULL);

-                        if (NULL == pkey->pkey.rsa->p || NULL == pkey->pkey.rsa->q)
+                        if (NULL == pkey->pkey.rsa || NULL == pkey->pkey.rsa->p || NULL == pkey->pkey.rsa->q)
                                 return 0;
                         break;
 #endif
@@ -1871,7 +1878,7 @@
                 case EVP_PKEY_DSA4:
                         assert(pkey->pkey.dsa != NULL);

-                        if (NULL == pkey->pkey.dsa->p || NULL == pkey->pkey.dsa->q || NULL == pkey->pkey.dsa->priv_key)
+                        if (NULL == pkey->pkey.dsa || NULL == pkey->pkey.dsa->p || NULL == pkey->pkey.dsa->q || NULL == pkey->pkey.dsa->priv_key)
                                 return 0;
                         break;
 #endif
@@ -1879,7 +1886,7 @@
                 case EVP_PKEY_DH:
                         assert(pkey->pkey.dh != NULL);

-                        if (NULL == pkey->pkey.dh->p || NULL == pkey->pkey.dh->priv_key)
+                        if (NULL == pkey->pkey.dh || NULL == pkey->pkey.dh->p || NULL == pkey->pkey.dh->priv_key)
                                 return 0;
                         break;
 #endif