50 lines
1.6 KiB
Diff
50 lines
1.6 KiB
Diff
From d583ca7d922e5ac6ff466df2e4411b1303a3a2a3 Mon Sep 17 00:00:00 2001
|
|
From: Florian Stinglmayr <florian@n0la.org>
|
|
Date: Tue, 13 Dec 2016 18:41:43 +0100
|
|
Subject: [PATCH] Use AC_CHECK_FUNCS to find functions not in LibreSSL
|
|
|
|
LibreSSL might not have all functions of OpenSSL 1.1.0 so use
|
|
AC_CHECK_FUNCS to find them first before using them.
|
|
|
|
Closes #1899
|
|
Fixes #1898
|
|
---
|
|
configure.ac | 2 ++
|
|
src/common/ssl.c | 4 ++--
|
|
2 files changed, 4 insertions(+), 2 deletions(-)
|
|
|
|
diff --git configure.ac.orig configure.ac
|
|
index 34e6def..1f442c5 100644
|
|
--- configure.ac.orig
|
|
+++ configure.ac
|
|
@@ -374,6 +374,8 @@ AS_IF([test "$openssl" != no], [
|
|
openssl=yes
|
|
COMMON_LIBS="$COMMON_LIBS $OPENSSL_LIBS"
|
|
COMMON_CFLAGS="$COMMON_CFLAGS $OPENSSL_CFLAGS"
|
|
+ dnl Test for various functions that are not available in LibreSSL
|
|
+ AC_CHECK_FUNCS([SSL_CTX_get_ssl_method X509_get_signature_nid])
|
|
], [
|
|
unset openssl_path ac_cv_lib_ssl_SSL_new ac_cv_header_openssl_ssl_h
|
|
AS_IF([test "$openssl" != yes], [
|
|
diff --git src/common/ssl.c.orig src/common/ssl.c
|
|
index cb58ce2..76fea7b 100644
|
|
--- src/common/ssl.c.orig
|
|
+++ src/common/ssl.c
|
|
@@ -176,7 +176,7 @@ _SSL_get_cert_info (struct cert_info *cert_info, SSL * ssl)
|
|
return 1;
|
|
|
|
alg = OBJ_obj2nid (algor->algorithm);
|
|
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
+#ifndef HAVE_X509_GET_SIGNATURE_NID
|
|
sign_alg = OBJ_obj2nid (peer_cert->sig_alg->algorithm);
|
|
#else
|
|
sign_alg = X509_get_signature_nid (peer_cert);
|
|
@@ -306,7 +306,7 @@ _SSL_socket (SSL_CTX *ctx, int sd)
|
|
|
|
SSL_set_fd (ssl, sd);
|
|
|
|
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
+#ifndef HAVE_SSL_CTX_GET_SSL_METHOD
|
|
method = ctx->method;
|
|
#else
|
|
method = SSL_CTX_get_ssl_method (ctx);
|