From 439ff094ce0d1be5704d52bc445a22c1be01ab0d Mon Sep 17 00:00:00 2001 From: Patrick Griffis Date: Sun, 26 Jun 2016 14:37:25 -0400 Subject: [PATCH] Fix building against openssl 1.1.0 Fixes #1759 --- configure.ac | 2 +- src/common/server.c | 16 ++++++++++------ 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/configure.ac b/configure.ac index ec6e2401..2c60a484 100644 --- a/configure.ac +++ b/configure.ac @@ -373,7 +373,7 @@ dnl ********************************************************************* AS_IF([test "$openssl" != no], [ - PKG_CHECK_MODULES(OPENSSL, [openssl], [ + PKG_CHECK_MODULES(OPENSSL, [openssl >= 0.9.8], [ AC_DEFINE(USE_OPENSSL) openssl=yes COMMON_LIBS="$COMMON_LIBS $OPENSSL_LIBS" diff --git a/src/common/server.c b/src/common/server.c index 83e3ba9a..1ed90d0b 100644 --- a/src/common/server.c +++ b/src/common/server.c @@ -466,19 +466,22 @@ ssl_cb_verify (int ok, X509_STORE_CTX * ctx) char subject[256]; char issuer[256]; char buf[512]; + X509 *current_cert = X509_STORE_CTX_get_current_cert (ctx); + if (!current_cert) + return TRUE; - X509_NAME_oneline (X509_get_subject_name (ctx->current_cert), subject, - sizeof (subject)); - X509_NAME_oneline (X509_get_issuer_name (ctx->current_cert), issuer, - sizeof (issuer)); + X509_NAME_oneline (X509_get_subject_name (current_cert), + subject, sizeof (subject)); + X509_NAME_oneline (X509_get_issuer_name (current_cert), + issuer, sizeof (issuer)); g_snprintf (buf, sizeof (buf), "* Subject: %s", subject); EMIT_SIGNAL (XP_TE_SSLMESSAGE, g_sess, buf, NULL, NULL, NULL, 0); g_snprintf (buf, sizeof (buf), "* Issuer: %s", issuer); EMIT_SIGNAL (XP_TE_SSLMESSAGE, g_sess, buf, NULL, NULL, NULL, 0); - return (TRUE); /* always ok */ + return TRUE; } static int @@ -638,7 +641,8 @@ conn_fail: return (0); /* remove it (0) */ } else { - if (serv->ssl->session && serv->ssl->session->time + SSLTMOUT < time (NULL)) + SSL_SESSION *session = SSL_get_session (serv->ssl); + if (session && SSL_SESSION_get_time (session) + SSLTMOUT < time (NULL)) { g_snprintf (buf, sizeof (buf), "SSL handshake timed out"); EMIT_SIGNAL (XP_TE_CONNFAIL, serv->server_session, buf, NULL,