Fix OpenSSL 1.1 deprecations
This commit is contained in:
Patrick Griffis
parent
27fd9b3fd6
commit
ce91bebc39
@ -64,6 +64,12 @@ if libssl_dep.found()
|
||||
config_h.set('HAVE_DH_SET0_KEY',
|
||||
cc.has_function('DH_set0_key', dependencies: libssl_dep)
|
||||
)
|
||||
config_h.set('HAVE_ERR_REMOVE_THREAD_STATE',
|
||||
cc.has_function('ERR_remove_thread_state', dependencies: libssl_dep)
|
||||
)
|
||||
config_h.set('HAVE_ASN1_STRING_GET0_DATA',
|
||||
cc.has_function('ASN1_STRING_get0_data', dependencies: libssl_dep)
|
||||
)
|
||||
endif
|
||||
|
||||
configure_file(output: 'config.h', configuration: config_h)
|
||||
|
||||
@ -349,7 +349,14 @@ _SSL_close (SSL * ssl)
|
||||
{
|
||||
SSL_set_shutdown (ssl, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
|
||||
SSL_free (ssl);
|
||||
ERR_remove_state (0); /* free state buffer */
|
||||
#ifdef HAVE_ERR_REMOVE_THREAD_STATE
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10000000L && OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||
/* OpenSSL handles this itself in 1.1+ and this is a no-op */
|
||||
ERR_remove_thread_state (NULL);
|
||||
#endif
|
||||
#else
|
||||
ERR_remove_state (0);
|
||||
#endif
|
||||
}
|
||||
|
||||
/* Hostname validation code based on OpenBSD's libtls. */
|
||||
@ -438,13 +445,17 @@ _SSL_check_subject_altname (X509 *cert, const char *host)
|
||||
|
||||
if (type == GEN_DNS)
|
||||
{
|
||||
unsigned char *data;
|
||||
const unsigned char *data;
|
||||
int format;
|
||||
|
||||
format = ASN1_STRING_type (altname->d.dNSName);
|
||||
if (format == V_ASN1_IA5STRING)
|
||||
{
|
||||
#ifdef HAVE_ASN1_STRING_GET0_DATA
|
||||
data = ASN1_STRING_get0_data (altname->d.dNSName);
|
||||
#else
|
||||
data = ASN1_STRING_data (altname->d.dNSName);
|
||||
#endif
|
||||
|
||||
if (ASN1_STRING_length (altname->d.dNSName) != (int)strlen(data))
|
||||
{
|
||||
@ -465,12 +476,16 @@ _SSL_check_subject_altname (X509 *cert, const char *host)
|
||||
}
|
||||
else if (type == GEN_IPADD)
|
||||
{
|
||||
unsigned char *data;
|
||||
const unsigned char *data;
|
||||
const guint8 *addr_bytes;
|
||||
int datalen, addr_len;
|
||||
|
||||
datalen = ASN1_STRING_length (altname->d.iPAddress);
|
||||
#ifdef HAVE_ASN1_STRING_GET0_DATA
|
||||
data = ASN1_STRING_get0_data (altname->d.iPAddress);
|
||||
#else
|
||||
data = ASN1_STRING_data (altname->d.iPAddress);
|
||||
#endif
|
||||
|
||||
addr_bytes = g_inet_address_to_bytes (addr);
|
||||
addr_len = (int)g_inet_address_get_native_size (addr);
|
||||
|
||||
Loading…
Reference in New Issue
Block a user