summary refs log tree commit diff stats
diff options
context:
space:
mode:
authorPatrick Griffis <tingping@tingping.se>2016-10-23 03:26:43 -0400
committerPatrick Griffis <tingping@tingping.se>2016-10-23 03:34:15 -0400
commita0e80ebda2bc9270beb4818a2438d7555593b6fd (patch)
treee77259e3e7b3175f88d7fd1ac6c3fcc9819c49be
parent1186236ac11d959bd7b2af5c53db065f3aa3da13 (diff)
Final fixup of OpenSSL 1.1.0 changes
-rw-r--r--plugins/fishlim/dh1080.c39
-rw-r--r--src/common/ssl.c4
2 files changed, 36 insertions, 7 deletions
diff --git a/plugins/fishlim/dh1080.c b/plugins/fishlim/dh1080.c
index 5afb1c63..ff6e5794 100644
--- a/plugins/fishlim/dh1080.c
+++ b/plugins/fishlim/dh1080.c
@@ -64,12 +64,23 @@ dh1080_init (void)
 	if ((g_dh = DH_new()))
 	{
 		int codes;
+		BIGNUM *p, *g;
 
-		g_dh->p = BN_bin2bn (prime1080, DH1080_PRIME_BYTES, NULL);
-		g_dh->g = BN_new ();
+		p = BN_bin2bn (prime1080, DH1080_PRIME_BYTES, NULL);
+		g = BN_new ();
 
-		g_assert (g_dh->p != NULL && g_dh->g != NULL);
-		BN_set_word(g_dh->g, 2);
+		if (p == NULL || g == NULL)
+			return 1;
+
+		BN_set_word (g, 2);
+
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+		g_dh->p = p;
+		g_dh->g = g;
+#else
+		if (!DH_set0_pqg (g_dh, p, NULL, g))
+			return 1;
+#endif
 
 		if (DH_check (g_dh, &codes))
 			return codes == 0;
@@ -136,6 +147,7 @@ dh1080_generate_key (char **priv_key, char **pub_key)
 	guchar buf[DH1080_PRIME_BYTES];
 	int len;
 	DH *dh;
+	const BIGNUM *dh_priv_key, *dh_pub_key;
 
   	g_assert (priv_key != NULL);
 	g_assert (pub_key != NULL);
@@ -150,12 +162,19 @@ dh1080_generate_key (char **priv_key, char **pub_key)
 		return 0;
 	}
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+	dh_pub_key = dh->pub_key;
+	dh_priv_key = dh->priv_key;
+#else
+	DH_get0_key (dh, &dh_pub_key, &dh_priv_key);
+#endif
+
 	MEMZERO (buf);
-	len = BN_bn2bin (dh->priv_key, buf);
+	len = BN_bn2bin (dh_priv_key, buf);
 	*priv_key = dh1080_encode_b64 (buf, len);
 
 	MEMZERO (buf);
-	len = BN_bn2bin(dh->pub_key, buf);
+	len = BN_bn2bin (dh_pub_key, buf);
 	*pub_key = dh1080_encode_b64 (buf, len);
 
 	OPENSSL_cleanse (buf, sizeof (buf));
@@ -190,9 +209,15 @@ dh1080_compute_key (const char *priv_key, const char *pub_key, char **secret_key
 		char *priv_key_data;
 		gsize priv_key_len;
 		int shared_len;
+		BIGNUM *priv_key_num;
 
 	  	priv_key_data = dh1080_decode_b64 (priv_key, &priv_key_len);
-		dh->priv_key = BN_bin2bn(priv_key_data, priv_key_len, NULL);
+		priv_key_num = BN_bin2bn(priv_key_data, priv_key_len, NULL);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+		dh->priv_key = priv_key_num;
+#else
+		DH_set0_key (dh, NULL, priv_key_num);
+#endif
 
 		shared_len = DH_compute_key (shared_key, pk, dh);
 		SHA256(shared_key, shared_len, sha256);
diff --git a/src/common/ssl.c b/src/common/ssl.c
index ad83d070..cb58ce25 100644
--- a/src/common/ssl.c
+++ b/src/common/ssl.c
@@ -176,7 +176,11 @@ _SSL_get_cert_info (struct cert_info *cert_info, SSL * ssl)
 		return 1;
 
 	alg = OBJ_obj2nid (algor->algorithm);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	sign_alg = OBJ_obj2nid (peer_cert->sig_alg->algorithm);
+#else
+	sign_alg = X509_get_signature_nid (peer_cert);
+#endif
 	ASN1_TIME_snprintf (notBefore, sizeof (notBefore),
 							  X509_get_notBefore (peer_cert));
 	ASN1_TIME_snprintf (notAfter, sizeof (notAfter),