diff mbox series

[1/1] Update imap-send.c, fix incompatibilities with OpenSSL 1.1.x

Message ID 8c96c56a1818b066d4570873e00c52d42399e3c2.1578391376.git.gitgitgadget@gmail.com (mailing list archive)
State New, archived
Headers show
Series Update imap-send.c, fix incompatibilities with OpenSSL 1.1.x | expand

Commit Message

Linus Arver via GitGitGadget Jan. 7, 2020, 10:02 a.m. UTC 
From: Liam Huang <Liam0205@users.noreply.github.com>

Some APIs have been changed since OpenSSL 1.1.0, so fix incompatibilities with OpenSSL 1.1.x.

See:

* <https://www.openssl.org/docs/man1.1.0/man3/SSLv23_method.html>
* <https://wiki.openssl.org/index.php/Library_Initialization>

Signed-off-by: Liam Huang <liamhuang0205@gmail.com>
---
 imap-send.c | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

Comments

Junio C Hamano Jan. 7, 2020, 8:19 p.m. UTC | #1 
"Liam Huang via GitGitGadget" <gitgitgadget@gmail.com> writes:

> From: Liam Huang <Liam0205@users.noreply.github.com>
>
> Some APIs have been changed since OpenSSL 1.1.0, so fix incompatibilities with OpenSSL 1.1.x.

I wonder if the patch can be made a lot less noisy with something
along this line

        #if OPENSSL_VERSION_NUMBER < 0x10100000L
        #define OPENSSL_sk_num(x) sk_GENERAL_NAME_num(x)
        #define OPENSSL_sk_value(x,y) sk_GENERAL_NAME_value((x),(y))
        #define OPENSSL_sk_pop_free(x,y) sk_GENERAL_NAME_pop_free((x),(y))
        #endif

which would allow you to reduce many #if/#else/#endif in the actual
code.
diff mbox series

Patch

diff --git a/imap-send.c b/imap-send.c
index 6c54d8c29d..446fd5532b 100644
--- a/imap-send.c
+++ b/imap-send.c
@@ -249,15 +249,28 @@  static int verify_hostname(X509 *cert, const char *hostname)
 	/* try the DNS subjectAltNames */
 	found = 0;
 	if ((subj_alt_names = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL))) {
+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
+		int num_subj_alt_names = OPENSSL_sk_num(subj_alt_names);
+#else
 		int num_subj_alt_names = sk_GENERAL_NAME_num(subj_alt_names);
+#endif
 		for (i = 0; !found && i < num_subj_alt_names; i++) {
+			
+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
+			GENERAL_NAME *subj_alt_name = OPENSSL_sk_value(subj_alt_names, i);
+#else
 			GENERAL_NAME *subj_alt_name = sk_GENERAL_NAME_value(subj_alt_names, i);
+#endif
 			if (subj_alt_name->type == GEN_DNS &&
 			    strlen((const char *)subj_alt_name->d.ia5->data) == (size_t)subj_alt_name->d.ia5->length &&
 			    host_matches(hostname, (const char *)(subj_alt_name->d.ia5->data)))
 				found = 1;
 		}
+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
+		OPENSSL_sk_pop_free(subj_alt_names, GENERAL_NAME_free);
+#else
 		sk_GENERAL_NAME_pop_free(subj_alt_names, GENERAL_NAME_free);
+#endif
 	}
 	if (found)
 		return 0;
@@ -284,12 +297,22 @@  static int ssl_socket_connect(struct imap_socket *sock, int use_tls_only, int ve
 	int ret;
 	X509 *cert;
 
+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
+        OPENSSL_init_ssl(0, NULL);
+
+	meth = TLS_method();
+#else
 	SSL_library_init();
 	SSL_load_error_strings();
 
 	meth = SSLv23_method();
+#endif
 	if (!meth) {
+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
+		ssl_socket_perror("TLS_method");
+#else
 		ssl_socket_perror("SSLv23_method");
+#endif
 		return -1;
 	}