[PATCH 1/1] Update imap-send.c, fix incompatibilities with OpenSSL 1.1.x

"Liam Huang via GitGitGadget" <gitgitgadget@xxxxxxxxx> · Tue, 07 Jan 2020 10:02:56 +0000

From: Liam Huang <Liam0205@xxxxxxxxxxxxxxxxxxxxxxxx>

Some APIs have been changed since OpenSSL 1.1.0, so fix incompatibilities with OpenSSL 1.1.x.

See:

* <https://www.openssl.org/docs/man1.1.0/man3/SSLv23_method.html>
* <https://wiki.openssl.org/index.php/Library_Initialization>

Signed-off-by: Liam Huang <liamhuang0205@xxxxxxxxx>
---
 imap-send.c | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/imap-send.c b/imap-send.c
index 6c54d8c29d..446fd5532b 100644
--- a/imap-send.c
+++ b/imap-send.c
@@ -249,15 +249,28 @@ static int verify_hostname(X509 *cert, const char *hostname)
 	/* try the DNS subjectAltNames */
 	found = 0;
 	if ((subj_alt_names = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL))) {
+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
+		int num_subj_alt_names = OPENSSL_sk_num(subj_alt_names);
+#else
 		int num_subj_alt_names = sk_GENERAL_NAME_num(subj_alt_names);
+#endif
 		for (i = 0; !found && i < num_subj_alt_names; i++) {
+			
+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
+			GENERAL_NAME *subj_alt_name = OPENSSL_sk_value(subj_alt_names, i);
+#else
 			GENERAL_NAME *subj_alt_name = sk_GENERAL_NAME_value(subj_alt_names, i);
+#endif
 			if (subj_alt_name->type == GEN_DNS &&
 			    strlen((const char *)subj_alt_name->d.ia5->data) == (size_t)subj_alt_name->d.ia5->length &&
 			    host_matches(hostname, (const char *)(subj_alt_name->d.ia5->data)))
 				found = 1;
 		}
+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
+		OPENSSL_sk_pop_free(subj_alt_names, GENERAL_NAME_free);
+#else
 		sk_GENERAL_NAME_pop_free(subj_alt_names, GENERAL_NAME_free);
+#endif
 	}
 	if (found)
 		return 0;
@@ -284,12 +297,22 @@ static int ssl_socket_connect(struct imap_socket *sock, int use_tls_only, int ve
 	int ret;
 	X509 *cert;
 
+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
+        OPENSSL_init_ssl(0, NULL);
+
+	meth = TLS_method();
+#else
 	SSL_library_init();
 	SSL_load_error_strings();
 
 	meth = SSLv23_method();
+#endif
 	if (!meth) {
+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
+		ssl_socket_perror("TLS_method");
+#else
 		ssl_socket_perror("SSLv23_method");
+#endif
 		return -1;
 	}
 
-- 
gitgitgadget






