diff options
-rw-r--r-- | src/modules/extra/m_ssl_openssl.cpp | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp index aee7a5e34..f2189f257 100644 --- a/src/modules/extra/m_ssl_openssl.cpp +++ b/src/modules/extra/m_ssl_openssl.cpp @@ -33,6 +33,7 @@ #include "inspircd.h" #include <openssl/ssl.h> #include <openssl/err.h> +#include <openssl/dh.h> #include "ssl.h" #ifdef _WIN32 @@ -42,6 +43,15 @@ # define MAX_DESCRIPTORS 10000 #endif +// Compatibility layer to allow OpenSSL 1.0 to use the 1.1 API. +#if ((defined LIBRESSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x10100000L)) +# define X509_getm_notAfter X509_get_notAfter +# define X509_getm_notBefore X509_get_notBefore +# define OPENSSL_init_ssl(OPTIONS, SETTINGS) \ + SSL_library_init(); \ + SSL_load_error_strings(); +#endif + /* $ModDesc: Provides SSL support for clients */ /* $LinkerFlags: if("USE_FREEBSD_BASE_SSL") -lssl -lcrypto */ @@ -216,8 +226,7 @@ class ModuleSSLOpenSSL : public Module sessions = new issl_session[ServerInstance->SE->GetMaxFds()]; /* Global SSL library initialization*/ - SSL_library_init(); - SSL_load_error_strings(); + OPENSSL_init_ssl(0, NULL); /* Build our SSL contexts: * NOTE: OpenSSL makes us have two contexts, one for servers and one for clients. ICK. @@ -835,7 +844,7 @@ class ModuleSSLOpenSSL : public Module certinfo->fingerprint = irc::hex(md, n); } - if ((ASN1_UTCTIME_cmp_time_t(X509_get_notAfter(cert), ServerInstance->Time()) == -1) || (ASN1_UTCTIME_cmp_time_t(X509_get_notBefore(cert), ServerInstance->Time()) == 0)) + if ((ASN1_UTCTIME_cmp_time_t(X509_getm_notAfter(cert), ServerInstance->Time()) == -1) || (ASN1_UTCTIME_cmp_time_t(X509_getm_notBefore(cert), ServerInstance->Time()) == 0)) { certinfo->error = "Not activated, or expired certificate"; } |