Fix OpenSSL 1.1 deprecations
This commit is contained in:
parent
27fd9b3fd6
commit
ce91bebc39
|
@ -64,6 +64,12 @@ if libssl_dep.found()
|
||||||
config_h.set('HAVE_DH_SET0_KEY',
|
config_h.set('HAVE_DH_SET0_KEY',
|
||||||
cc.has_function('DH_set0_key', dependencies: libssl_dep)
|
cc.has_function('DH_set0_key', dependencies: libssl_dep)
|
||||||
)
|
)
|
||||||
|
config_h.set('HAVE_ERR_REMOVE_THREAD_STATE',
|
||||||
|
cc.has_function('ERR_remove_thread_state', dependencies: libssl_dep)
|
||||||
|
)
|
||||||
|
config_h.set('HAVE_ASN1_STRING_GET0_DATA',
|
||||||
|
cc.has_function('ASN1_STRING_get0_data', dependencies: libssl_dep)
|
||||||
|
)
|
||||||
endif
|
endif
|
||||||
|
|
||||||
configure_file(output: 'config.h', configuration: config_h)
|
configure_file(output: 'config.h', configuration: config_h)
|
||||||
|
|
|
@ -349,7 +349,14 @@ _SSL_close (SSL * ssl)
|
||||||
{
|
{
|
||||||
SSL_set_shutdown (ssl, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
|
SSL_set_shutdown (ssl, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
|
||||||
SSL_free (ssl);
|
SSL_free (ssl);
|
||||||
ERR_remove_state (0); /* free state buffer */
|
#ifdef HAVE_ERR_REMOVE_THREAD_STATE
|
||||||
|
#if OPENSSL_VERSION_NUMBER >= 0x10000000L && OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||||
|
/* OpenSSL handles this itself in 1.1+ and this is a no-op */
|
||||||
|
ERR_remove_thread_state (NULL);
|
||||||
|
#endif
|
||||||
|
#else
|
||||||
|
ERR_remove_state (0);
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Hostname validation code based on OpenBSD's libtls. */
|
/* Hostname validation code based on OpenBSD's libtls. */
|
||||||
|
@ -438,13 +445,17 @@ _SSL_check_subject_altname (X509 *cert, const char *host)
|
||||||
|
|
||||||
if (type == GEN_DNS)
|
if (type == GEN_DNS)
|
||||||
{
|
{
|
||||||
unsigned char *data;
|
const unsigned char *data;
|
||||||
int format;
|
int format;
|
||||||
|
|
||||||
format = ASN1_STRING_type (altname->d.dNSName);
|
format = ASN1_STRING_type (altname->d.dNSName);
|
||||||
if (format == V_ASN1_IA5STRING)
|
if (format == V_ASN1_IA5STRING)
|
||||||
{
|
{
|
||||||
|
#ifdef HAVE_ASN1_STRING_GET0_DATA
|
||||||
|
data = ASN1_STRING_get0_data (altname->d.dNSName);
|
||||||
|
#else
|
||||||
data = ASN1_STRING_data (altname->d.dNSName);
|
data = ASN1_STRING_data (altname->d.dNSName);
|
||||||
|
#endif
|
||||||
|
|
||||||
if (ASN1_STRING_length (altname->d.dNSName) != (int)strlen(data))
|
if (ASN1_STRING_length (altname->d.dNSName) != (int)strlen(data))
|
||||||
{
|
{
|
||||||
|
@ -465,12 +476,16 @@ _SSL_check_subject_altname (X509 *cert, const char *host)
|
||||||
}
|
}
|
||||||
else if (type == GEN_IPADD)
|
else if (type == GEN_IPADD)
|
||||||
{
|
{
|
||||||
unsigned char *data;
|
const unsigned char *data;
|
||||||
const guint8 *addr_bytes;
|
const guint8 *addr_bytes;
|
||||||
int datalen, addr_len;
|
int datalen, addr_len;
|
||||||
|
|
||||||
datalen = ASN1_STRING_length (altname->d.iPAddress);
|
datalen = ASN1_STRING_length (altname->d.iPAddress);
|
||||||
|
#ifdef HAVE_ASN1_STRING_GET0_DATA
|
||||||
|
data = ASN1_STRING_get0_data (altname->d.iPAddress);
|
||||||
|
#else
|
||||||
data = ASN1_STRING_data (altname->d.iPAddress);
|
data = ASN1_STRING_data (altname->d.iPAddress);
|
||||||
|
#endif
|
||||||
|
|
||||||
addr_bytes = g_inet_address_to_bytes (addr);
|
addr_bytes = g_inet_address_to_bytes (addr);
|
||||||
addr_len = (int)g_inet_address_get_native_size (addr);
|
addr_len = (int)g_inet_address_get_native_size (addr);
|
||||||
|
|
Loading…
Reference in New Issue