From 217fa9d0f9fe21d998672fd72c547ee68dfe1aac Mon Sep 17 00:00:00 2001
From: Patrick Griffis <tingping@tingping.se>
Date: Sun, 23 Oct 2016 00:58:28 -0400
Subject: ssl: More OpenSSL 1.1.0 fixes

---
 src/common/ssl.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

(limited to 'src')

diff --git a/src/common/ssl.c b/src/common/ssl.c
index f4e23665..31b3062e 100644
--- a/src/common/ssl.c
+++ b/src/common/ssl.c
@@ -152,9 +152,9 @@ int
 _SSL_get_cert_info (struct cert_info *cert_info, SSL * ssl)
 {
 	X509 *peer_cert;
+	X509_PUBKEY *key;
+	X509_ALGOR *algor = NULL;
 	EVP_PKEY *peer_pkey;
-	/* EVP_PKEY *ca_pkey; */
-	/* EVP_PKEY *tmp_pkey; */
 	char notBefore[64];
 	char notAfter[64];
 	int alg;
@@ -171,7 +171,11 @@ _SSL_get_cert_info (struct cert_info *cert_info, SSL * ssl)
 	broke_oneline (cert_info->subject, cert_info->subject_word);
 	broke_oneline (cert_info->issuer, cert_info->issuer_word);
 
-	alg = OBJ_obj2nid (peer_cert->cert_info->key->algor->algorithm);
+	key = X509_get_X509_PUBKEY(peer_cert);
+	if (!X509_PUBKEY_get0_param(NULL, NULL, 0, &algor, key))
+		return 1;
+
+	alg = OBJ_obj2nid (algor->algorithm);
 	sign_alg = OBJ_obj2nid (peer_cert->sig_alg->algorithm);
 	ASN1_TIME_snprintf (notBefore, sizeof (notBefore),
 							  X509_get_notBefore (peer_cert));
@@ -297,7 +301,7 @@ _SSL_socket (SSL_CTX *ctx, int sd)
 		__SSL_critical_error ("SSL_new");
 
 	SSL_set_fd (ssl, sd);
-	if (ctx->method == SSLv23_client_method())
+	if (SSL_CTX_get_ssl_method (ctx) == SSLv23_client_method())
 		SSL_set_connect_state (ssl);
 	else
 	        SSL_set_accept_state(ssl);
-- 
cgit 1.4.1