summary refs log tree commit diff stats
diff options
context:
space:
mode:
authorPatrick Griffis <tingping@tingping.se>2016-06-26 14:37:25 -0400
committerPatrick Griffis <tingping@tingping.se>2016-08-27 22:57:09 -0400
commit439ff094ce0d1be5704d52bc445a22c1be01ab0d (patch)
tree89c3867883cfd5df3e17c23c4f592dea69e23a4b
parent7281da8b2c37b58d69378cc852a2aa5173c82f47 (diff)
Fix building against openssl 1.1.0
Fixes #1759
-rw-r--r--configure.ac2
-rw-r--r--src/common/server.c16
2 files changed, 11 insertions, 7 deletions
diff --git a/configure.ac b/configure.ac
index ec6e2401..2c60a484 100644
--- a/configure.ac
+++ b/configure.ac
@@ -373,7 +373,7 @@ dnl *********************************************************************
 
 
 AS_IF([test "$openssl" != no], [
-	PKG_CHECK_MODULES(OPENSSL, [openssl], [
+	PKG_CHECK_MODULES(OPENSSL, [openssl >= 0.9.8], [
 		AC_DEFINE(USE_OPENSSL)
 		openssl=yes
 		COMMON_LIBS="$COMMON_LIBS $OPENSSL_LIBS"
diff --git a/src/common/server.c b/src/common/server.c
index 83e3ba9a..1ed90d0b 100644
--- a/src/common/server.c
+++ b/src/common/server.c
@@ -466,19 +466,22 @@ ssl_cb_verify (int ok, X509_STORE_CTX * ctx)
 	char subject[256];
 	char issuer[256];
 	char buf[512];
+	X509 *current_cert = X509_STORE_CTX_get_current_cert (ctx);
 
+	if (!current_cert)
+		return TRUE;
 
-	X509_NAME_oneline (X509_get_subject_name (ctx->current_cert), subject,
-							 sizeof (subject));
-	X509_NAME_oneline (X509_get_issuer_name (ctx->current_cert), issuer,
-							 sizeof (issuer));
+	X509_NAME_oneline (X509_get_subject_name (current_cert),
+	                   subject, sizeof (subject));
+	X509_NAME_oneline (X509_get_issuer_name (current_cert),
+	                   issuer, sizeof (issuer));
 
 	g_snprintf (buf, sizeof (buf), "* Subject: %s", subject);
 	EMIT_SIGNAL (XP_TE_SSLMESSAGE, g_sess, buf, NULL, NULL, NULL, 0);
 	g_snprintf (buf, sizeof (buf), "* Issuer: %s", issuer);
 	EMIT_SIGNAL (XP_TE_SSLMESSAGE, g_sess, buf, NULL, NULL, NULL, 0);
 
-	return (TRUE);					  /* always ok */
+	return TRUE;
 }
 
 static int
@@ -638,7 +641,8 @@ conn_fail:
 		return (0);					  /* remove it (0) */
 	} else
 	{
-		if (serv->ssl->session && serv->ssl->session->time + SSLTMOUT < time (NULL))
+		SSL_SESSION *session = SSL_get_session (serv->ssl);
+		if (session && SSL_SESSION_get_time (session) + SSLTMOUT < time (NULL))
 		{
 			g_snprintf (buf, sizeof (buf), "SSL handshake timed out");
 			EMIT_SIGNAL (XP_TE_CONNFAIL, serv->server_session, buf, NULL,