changeset 944:798cc9df0787

Allow compilation against OpenSSL 1.1
author Simon Horman <horms@verge.net.au>
date Mon, 31 Oct 2016 13:56:49 +0100
parents 96a24b495d6b
children de67c5c7c866
files debian/changelog perdition/ssl.c
diffstat 2 files changed, 16 insertions(+), 7 deletions(-) [+]
line wrap: on
line diff
--- a/debian/changelog	Thu May 12 16:56:30 2016 +0900
+++ b/debian/changelog	Mon Oct 31 13:56:49 2016 +0100
@@ -4,8 +4,10 @@
     (closes: #765867)
   * Make builds reproducible
     (closes: #787998)
+  * Allow compilation against OpenSSL 1.1
+    (closes: #828494)
 
- -- Simon Horman <horms@debian.org>  Sat, 13 Jun 2015 09:05:34 +0900
+ -- Simon Horman <horms@debian.org>  Mon, 31 Oct 2016 13:55:18 +0100
 
 perdition (2.1-2) unstable; urgency=medium
 
--- a/perdition/ssl.c	Thu May 12 16:56:30 2016 +0900
+++ b/perdition/ssl.c	Mon Oct 31 13:56:49 2016 +0100
@@ -262,10 +262,9 @@
 		return 0;
 	}
 
-	if (__perdition_verify_result(ctx->error, cert) 
-			== X509_V_OK) {
+	if (__perdition_verify_result(X509_STORE_CTX_get_error(ctx),
+				      cert) == X509_V_OK)
 		return 1;
-	}
 
 	return ok;
 }
@@ -910,7 +909,6 @@
 __perdition_ssl_check_common_name(X509 *cert, const char *key)
 {
 	int i;
-	X509_NAME_ENTRY *e;
 	X509_NAME *name;
 
 	name = X509_get_subject_name(cert);
@@ -922,6 +920,9 @@
 
 	i = -1;
 	while (1) {
+		X509_NAME_ENTRY *e;
+		ASN1_STRING *data;
+
 		i = X509_NAME_get_index_by_NID(name, NID_commonName, i);
 		if (i == -1)
 			break;
@@ -933,8 +934,14 @@
 			return -1;
 		}
 
-		if (!__perdition_ssl_compare_key(key, e->value->data,
-						 e->value->length))
+		data = X509_NAME_ENTRY_get_data(e);
+		if (!data) {
+			VANESSA_LOGGER_DEBUG_RAW_UNSAFE("warning: could not "
+				"extract data for name entry %d", i);
+			return -1;
+		}
+
+		if (!__perdition_ssl_compare_key(key, data->data, data->length))
 			return 0;
 	}