fix build with openssl 1.1

they finally made their structs opaque, and provided proper getters.
This commit is contained in:
Oswald Buddenhagen 2016-07-24 11:58:57 +02:00
parent 719d4a2437
commit 41308e4814

View File

@ -40,6 +40,10 @@
# include <openssl/ssl.h> # include <openssl/ssl.h>
# include <openssl/err.h> # include <openssl/err.h>
# include <openssl/x509v3.h> # include <openssl/x509v3.h>
# if OPENSSL_VERSION_NUMBER < 0x10100000L
# define X509_OBJECT_get0_X509(o) ((o)->data.x509)
# define X509_STORE_get0_objects(o) ((o)->objs)
# endif
#endif #endif
enum { enum {
@ -171,7 +175,7 @@ verify_cert_host( const server_conf_t *conf, conn_t *sock )
trusted = (STACK_OF(X509_OBJECT) *)sock->conf->trusted_certs; trusted = (STACK_OF(X509_OBJECT) *)sock->conf->trusted_certs;
for (i = 0; i < sk_X509_OBJECT_num( trusted ); i++) { for (i = 0; i < sk_X509_OBJECT_num( trusted ); i++) {
if (!X509_cmp( cert, sk_X509_OBJECT_value( trusted, i )->data.x509 )) if (!X509_cmp( cert, X509_OBJECT_get0_X509( sk_X509_OBJECT_value( trusted, i ) ) ))
return 0; return 0;
} }
@ -222,7 +226,7 @@ init_ssl_ctx( const server_conf_t *conf )
conf->cert_file, ERR_error_string( ERR_get_error(), 0 ) ); conf->cert_file, ERR_error_string( ERR_get_error(), 0 ) );
return 0; return 0;
} }
mconf->trusted_certs = (_STACK *)sk_X509_OBJECT_dup( SSL_CTX_get_cert_store( mconf->SSLContext )->objs ); mconf->trusted_certs = (_STACK *)sk_X509_OBJECT_dup( X509_STORE_get0_objects( SSL_CTX_get_cert_store( mconf->SSLContext ) ) );
if (mconf->system_certs && !SSL_CTX_set_default_verify_paths( mconf->SSLContext )) if (mconf->system_certs && !SSL_CTX_set_default_verify_paths( mconf->SSLContext ))
warn( "Warning: Unable to load default certificate files: %s\n", warn( "Warning: Unable to load default certificate files: %s\n",
ERR_error_string( ERR_get_error(), 0 ) ); ERR_error_string( ERR_get_error(), 0 ) );