From 41308e481466b91813f6765a0c92ad83fd9d1ab2 Mon Sep 17 00:00:00 2001 From: Oswald Buddenhagen Date: Sun, 24 Jul 2016 11:58:57 +0200 Subject: [PATCH] fix build with openssl 1.1 they finally made their structs opaque, and provided proper getters. --- src/socket.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/socket.c b/src/socket.c index 94d0e7f..3736fd5 100644 --- a/src/socket.c +++ b/src/socket.c @@ -40,6 +40,10 @@ # include # include # include +# if OPENSSL_VERSION_NUMBER < 0x10100000L +# define X509_OBJECT_get0_X509(o) ((o)->data.x509) +# define X509_STORE_get0_objects(o) ((o)->objs) +# endif #endif enum { @@ -171,7 +175,7 @@ verify_cert_host( const server_conf_t *conf, conn_t *sock ) trusted = (STACK_OF(X509_OBJECT) *)sock->conf->trusted_certs; for (i = 0; i < sk_X509_OBJECT_num( trusted ); i++) { - if (!X509_cmp( cert, sk_X509_OBJECT_value( trusted, i )->data.x509 )) + if (!X509_cmp( cert, X509_OBJECT_get0_X509( sk_X509_OBJECT_value( trusted, i ) ) )) return 0; } @@ -222,7 +226,7 @@ init_ssl_ctx( const server_conf_t *conf ) conf->cert_file, ERR_error_string( ERR_get_error(), 0 ) ); return 0; } - mconf->trusted_certs = (_STACK *)sk_X509_OBJECT_dup( SSL_CTX_get_cert_store( mconf->SSLContext )->objs ); + mconf->trusted_certs = (_STACK *)sk_X509_OBJECT_dup( X509_STORE_get0_objects( SSL_CTX_get_cert_store( mconf->SSLContext ) ) ); if (mconf->system_certs && !SSL_CTX_set_default_verify_paths( mconf->SSLContext )) warn( "Warning: Unable to load default certificate files: %s\n", ERR_error_string( ERR_get_error(), 0 ) );