From f3f25108a1ea5ef90e6fc172dca56cf55befe772 Mon Sep 17 00:00:00 2001 From: Carl Hetherington Date: Thu, 10 Nov 2016 09:53:52 +0000 Subject: Fix build with OpenSSL 1.1 and later. --- src/certificate.cc | 7 +++++++ src/certificate_chain.cc | 11 +++++++++++ 2 files changed, 18 insertions(+) (limited to 'src') diff --git a/src/certificate.cc b/src/certificate.cc index fbe3a80d..64fb3626 100644 --- a/src/certificate.cc +++ b/src/certificate.cc @@ -355,6 +355,7 @@ Certificate::serial () const return st; } +/** @return thumbprint of the to-be-signed portion of this certificate */ string Certificate::thumbprint () const { @@ -362,7 +363,13 @@ Certificate::thumbprint () const uint8_t buffer[8192]; uint8_t* p = buffer; + +#if OPENSSL_VERSION_NUMBER > 0x10100000L +#warning "Using new OpenSSL API" + i2d_re_X509_tbs(_certificate, &p); +#else i2d_X509_CINF (_certificate->cert_info, &p); +#endif unsigned int const length = p - buffer; if (length > sizeof (buffer)) { throw MiscError ("buffer too small to generate thumbprint"); diff --git a/src/certificate_chain.cc b/src/certificate_chain.cc index 29ae7feb..f06b2c3e 100644 --- a/src/certificate_chain.cc +++ b/src/certificate_chain.cc @@ -51,6 +51,7 @@ #include #include #include +#include #include #include #include @@ -463,7 +464,17 @@ CertificateChain::valid () const RSA* private_key = PEM_read_bio_RSAPrivateKey (bio, 0, 0, 0); RSA* public_key = leaf().public_key (); + +#if OPENSSL_VERSION_NUMBER > 0x10100000L +#warning "Using new OpenSSL API" + BIGNUM const * private_key_n; + RSA_get0_key(private_key, &private_key_n, 0, 0); + BIGNUM const * public_key_n; + RSA_get0_key(public_key, &public_key_n, 0, 0); + bool const valid = !BN_cmp (private_key_n, public_key_n); +#else bool const valid = !BN_cmp (private_key->n, public_key->n); +#endif BIO_free (bio); return valid; -- cgit v1.2.3