From 4cfed4e5f68a1b9a2370dfceec3b97fb65e6ef46 Mon Sep 17 00:00:00 2001 From: Wade Cline Date: Fri, 2 Mar 2018 21:05:05 -0800 Subject: m_ssl_openssl: Remove deprecated API members. Backported from 2afc1af4639ae2bbef397f4f6acc834950017d91. --- src/modules/extra/m_ssl_openssl.cpp | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) (limited to 'src/modules/extra/m_ssl_openssl.cpp') diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp index aee7a5e34..f2189f257 100644 --- a/src/modules/extra/m_ssl_openssl.cpp +++ b/src/modules/extra/m_ssl_openssl.cpp @@ -33,6 +33,7 @@ #include "inspircd.h" #include #include +#include #include "ssl.h" #ifdef _WIN32 @@ -42,6 +43,15 @@ # define MAX_DESCRIPTORS 10000 #endif +// Compatibility layer to allow OpenSSL 1.0 to use the 1.1 API. +#if ((defined LIBRESSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x10100000L)) +# define X509_getm_notAfter X509_get_notAfter +# define X509_getm_notBefore X509_get_notBefore +# define OPENSSL_init_ssl(OPTIONS, SETTINGS) \ + SSL_library_init(); \ + SSL_load_error_strings(); +#endif + /* $ModDesc: Provides SSL support for clients */ /* $LinkerFlags: if("USE_FREEBSD_BASE_SSL") -lssl -lcrypto */ @@ -216,8 +226,7 @@ class ModuleSSLOpenSSL : public Module sessions = new issl_session[ServerInstance->SE->GetMaxFds()]; /* Global SSL library initialization*/ - SSL_library_init(); - SSL_load_error_strings(); + OPENSSL_init_ssl(0, NULL); /* Build our SSL contexts: * NOTE: OpenSSL makes us have two contexts, one for servers and one for clients. ICK. @@ -835,7 +844,7 @@ class ModuleSSLOpenSSL : public Module certinfo->fingerprint = irc::hex(md, n); } - if ((ASN1_UTCTIME_cmp_time_t(X509_get_notAfter(cert), ServerInstance->Time()) == -1) || (ASN1_UTCTIME_cmp_time_t(X509_get_notBefore(cert), ServerInstance->Time()) == 0)) + if ((ASN1_UTCTIME_cmp_time_t(X509_getm_notAfter(cert), ServerInstance->Time()) == -1) || (ASN1_UTCTIME_cmp_time_t(X509_getm_notBefore(cert), ServerInstance->Time()) == 0)) { certinfo->error = "Not activated, or expired certificate"; } -- cgit v1.2.3