diff options
| author | 2018-03-04 13:58:00 +0000 | |
|---|---|---|
| committer | 2018-03-04 13:58:00 +0000 | |
| commit | ded44748551a0aaa117420324f324168dadaf1db (patch) | |
| tree | 1d6f6c0e9b9ff4c2a08a559cf482fe4c1c6284d3 /src/modules | |
| parent | Merge pull request #1458 from linuxdaemon/insp20+duplicate-redir-meta (diff) | |
| parent | m_ssl_openssl: Remove deprecated API members. (diff) | |
| download | inspircd++-ded44748551a0aaa117420324f324168dadaf1db.tar.gz inspircd++-ded44748551a0aaa117420324f324168dadaf1db.tar.bz2 inspircd++-ded44748551a0aaa117420324f324168dadaf1db.zip | |
Merge pull request #1463 from clinew/insp20+openssl-v1.1-compat
m_ssl_openssl: Remove deprecated API members.
Diffstat (limited to 'src/modules')
| -rw-r--r-- | src/modules/extra/m_ssl_openssl.cpp | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp index aee7a5e34..f2189f257 100644 --- a/src/modules/extra/m_ssl_openssl.cpp +++ b/src/modules/extra/m_ssl_openssl.cpp @@ -33,6 +33,7 @@ #include "inspircd.h" #include <openssl/ssl.h> #include <openssl/err.h> +#include <openssl/dh.h> #include "ssl.h" #ifdef _WIN32 @@ -42,6 +43,15 @@ # define MAX_DESCRIPTORS 10000 #endif +// Compatibility layer to allow OpenSSL 1.0 to use the 1.1 API. +#if ((defined LIBRESSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x10100000L)) +# define X509_getm_notAfter X509_get_notAfter +# define X509_getm_notBefore X509_get_notBefore +# define OPENSSL_init_ssl(OPTIONS, SETTINGS) \ + SSL_library_init(); \ + SSL_load_error_strings(); +#endif + /* $ModDesc: Provides SSL support for clients */ /* $LinkerFlags: if("USE_FREEBSD_BASE_SSL") -lssl -lcrypto */ @@ -216,8 +226,7 @@ class ModuleSSLOpenSSL : public Module sessions = new issl_session[ServerInstance->SE->GetMaxFds()]; /* Global SSL library initialization*/ - SSL_library_init(); - SSL_load_error_strings(); + OPENSSL_init_ssl(0, NULL); /* Build our SSL contexts: * NOTE: OpenSSL makes us have two contexts, one for servers and one for clients. ICK. @@ -835,7 +844,7 @@ class ModuleSSLOpenSSL : public Module certinfo->fingerprint = irc::hex(md, n); } - if ((ASN1_UTCTIME_cmp_time_t(X509_get_notAfter(cert), ServerInstance->Time()) == -1) || (ASN1_UTCTIME_cmp_time_t(X509_get_notBefore(cert), ServerInstance->Time()) == 0)) + if ((ASN1_UTCTIME_cmp_time_t(X509_getm_notAfter(cert), ServerInstance->Time()) == -1) || (ASN1_UTCTIME_cmp_time_t(X509_getm_notBefore(cert), ServerInstance->Time()) == 0)) { certinfo->error = "Not activated, or expired certificate"; } |
