From 9b19949614d19b16658cfe7bb057b2b34deac1cf Mon Sep 17 00:00:00 2001 From: Alexey Kryuchkov Date: Sat, 7 Apr 2018 22:42:08 +0300 Subject: [PATCH] Fix compilation with OpenSSL 1.1.0 (broken in #327) (#476) --- src/Mayaqua/Network.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/src/Mayaqua/Network.c b/src/Mayaqua/Network.c index befe5f7c..b6d339c7 100644 --- a/src/Mayaqua/Network.c +++ b/src/Mayaqua/Network.c @@ -5809,6 +5809,11 @@ SOCK *ListenAnyPortEx2(bool local_only, bool disable_ca) return NULL; } + +#if OPENSSL_VERSION_NUMBER < 0x10100000L +#define X509_STORE_CTX_get0_cert(o) ((o)->cert) +#endif + // Verify client SSL certificate during TLS handshake. // // (actually, only save the certificate for later authentication in Protocol.c) @@ -5816,6 +5821,7 @@ int SslCertVerifyCallback(int preverify_ok, X509_STORE_CTX *ctx) { SSL *ssl; struct SslClientCertInfo *clientcert; + X509 *cert; ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx()); clientcert = SSL_get_ex_data(ssl, GetSslClientCertIndex()); @@ -5833,9 +5839,10 @@ int SslCertVerifyCallback(int preverify_ok, X509_STORE_CTX *ctx) } else { - if (ctx->cert != NULL) + cert = X509_STORE_CTX_get0_cert(ctx); + if (cert != NULL) { - X *tmpX = X509ToX(ctx->cert); // this only wraps ctx->cert, but we need to make a copy + X *tmpX = X509ToX(cert); // this only wraps cert, but we need to make a copy X *copyX = CloneX(tmpX); tmpX->do_not_free = true; // do not release inner X509 object FreeX(tmpX);