Update to V8 6.0 and fixes for OpenSSL 1.1.0.

git-svn-id: https://www.unprompted.com/svn/projects/tildefriends/trunk@3408 ed5197a5-7fde-0310-b194-c3ffbd925b24

src/Task.cpp

@@ -97,7 +97,7 @@ Task::Task() {
 	_loop = uv_loop_new();
 	++_count;
 	v8::Isolate::CreateParams options;
-	options.array_buffer_allocator = &_allocator;
+	options.array_buffer_allocator = v8::ArrayBuffer::Allocator::NewDefaultAllocator();
 	_isolate = v8::Isolate::New(options);
 	_isolate->SetData(0, this);
 	_isolate->SetCaptureStackTraceForUncaughtExceptions(true, 16);

src/Task.h

@@ -39,23 +39,6 @@ enum MessageType {
 	kGetExports,
 };
 
-class NewArrayBufferAllocator : public v8::ArrayBuffer::Allocator {
-public:
-	void* Allocate(size_t length) {
-		char* bytes = new char[length];
-		std::memset(bytes, 0, length);
-		return bytes;
-	}
-
-	void* AllocateUninitialized(size_t length) {
-		return new char[length];
-	}
-
-	void Free(void* data, size_t length) {
-		delete[] reinterpret_cast<char*>(data);
-	}
-};
-
 class Task {
 public:
 	Task();
@@ -103,7 +86,6 @@ private:
 	bool _trusted = false;
 	bool _killed = false;
 	std::string _scriptName;
-	NewArrayBufferAllocator _allocator;
 	v8::Isolate* _isolate = 0;
 
 	std::map<promiseid_t, v8::Persistent<v8::Promise::Resolver, v8::CopyablePersistentTraits<v8::Promise::Resolver> > > _promises;

src/Tls.cpp

@@ -49,8 +49,11 @@ public:
 
 private:
 	bool verifyPeerCertificate();
+
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	bool verifyHostname(X509* certificate, const char* hostname);
 	bool wildcardMatch(const char* pattern, const char* name);
+#endif
 
 	TlsContext_openssl* _context = 0;
 	BIO* _bioIn = 0;
@@ -152,6 +155,9 @@ void TlsSession_openssl::startAccept() {
 void TlsSession_openssl::startConnect() {
 	_direction = kConnect;
 	_ssl = SSL_new(_context->getContext());
+	X509_VERIFY_PARAM* param = SSL_get0_param(_ssl);
+	X509_VERIFY_PARAM_set_hostflags(param, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
+	X509_VERIFY_PARAM_set1_host(param, _hostname.c_str(), 0);
 	SSL_set_bio(_ssl, _bioIn, _bioOut);
 
 	SSL_connect(_ssl);
@@ -233,15 +239,20 @@ bool TlsSession_openssl::verifyPeerCertificate() {
 	if (certificate) {
 
 		if (SSL_get_verify_result(_ssl) == X509_V_OK) {
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 			if (verifyHostname(certificate, _hostname.c_str())) {
 				verified = true;
 			}
+#else
+			verified = true;
+#endif
 		}
 		X509_free(certificate);
 	}
 	return verified;
 }
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 bool TlsSession_openssl::wildcardMatch(const char* pattern, const char* name) {
 	while (*pattern && *name) {
 		if (*pattern == '*') {
@@ -268,7 +279,7 @@ bool TlsSession_openssl::verifyHostname(X509* certificate, const char* hostname)
 		int count = sk_GENERAL_NAME_num(names);
 		for (int i = 0; i < count; ++i) {
 			const GENERAL_NAME* check = sk_GENERAL_NAME_value(names, i);
-			const char* name = reinterpret_cast<const char*>(ASN1_STRING_data(check->d.ia5));
+			const char* name = ASN1_STRING_get0_data(check->d.ia5);
 			size_t length = ASN1_STRING_length(check->d.ia5);
 			if (wildcardMatch(std::string(name, length).c_str(), hostname)) {
 				verified = true;
@@ -284,7 +295,7 @@ bool TlsSession_openssl::verifyHostname(X509* certificate, const char* hostname)
 			if (entry) {
 				ASN1_STRING* asn1 = X509_NAME_ENTRY_get_data(entry);
 				if (asn1) {
-					const char* commonName = reinterpret_cast<const char*>(ASN1_STRING_data(asn1));
+					const char* commonName = ASN1_STRING_get0_data(asn1);
 					if (static_cast<size_t>(ASN1_STRING_length(asn1)) == std::strlen(commonName)) {
 						verified = wildcardMatch(commonName, hostname);
 					}
@@ -295,6 +306,7 @@ bool TlsSession_openssl::verifyHostname(X509* certificate, const char* hostname)
 
 	return verified;
 }
+#endif
 
 bool TlsSession_openssl::getError(char* buffer, size_t bytes) {
 	unsigned long error = ERR_get_error();