93 lines
2.7 KiB
Text
93 lines
2.7 KiB
Text
https://github.com/snimmagadda/pop3d/pull/12
|
|
|
|
Use LibreSSL-specific API for by_mem lookup.
|
|
|
|
Index: ssl_privsep.c
|
|
--- ssl_privsep.c.orig
|
|
+++ ssl_privsep.c
|
|
@@ -81,6 +81,7 @@ int ssl_ctx_use_certificate_chain(SSL_CTX *, char *,
|
|
int ssl_ctx_load_verify_memory(SSL_CTX *, char *, off_t);
|
|
int ssl_by_mem_ctrl(X509_LOOKUP *, int, const char *, long, char **);
|
|
|
|
+#if 0
|
|
X509_LOOKUP_METHOD x509_mem_lookup = {
|
|
"Load cert from memory",
|
|
NULL, /* new */
|
|
@@ -95,6 +96,7 @@ X509_LOOKUP_METHOD x509_mem_lookup = {
|
|
};
|
|
|
|
#define X509_L_ADD_MEM 3
|
|
+#endif
|
|
|
|
int
|
|
ssl_ctx_use_private_key(SSL_CTX *ctx, char *buf, off_t len)
|
|
@@ -111,8 +113,8 @@ ssl_ctx_use_private_key(SSL_CTX *ctx, char *buf, off_t
|
|
}
|
|
|
|
pkey = PEM_read_bio_PrivateKey(in, NULL,
|
|
- ctx->default_passwd_callback,
|
|
- ctx->default_passwd_callback_userdata);
|
|
+ SSL_CTX_get_default_passwd_cb(ctx),
|
|
+ SSL_CTX_get_default_passwd_cb_userdata(ctx));
|
|
|
|
if (pkey == NULL) {
|
|
SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_PEM_LIB);
|
|
@@ -145,8 +147,8 @@ ssl_ctx_use_certificate_chain(SSL_CTX *ctx, char *buf,
|
|
}
|
|
|
|
if ((x = PEM_read_bio_X509(in, NULL,
|
|
- ctx->default_passwd_callback,
|
|
- ctx->default_passwd_callback_userdata)) == NULL) {
|
|
+ SSL_CTX_get_default_passwd_cb(ctx),
|
|
+ SSL_CTX_get_default_passwd_cb_userdata(ctx))) == NULL) {
|
|
SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_PEM_LIB);
|
|
goto end;
|
|
}
|
|
@@ -158,14 +160,11 @@ ssl_ctx_use_certificate_chain(SSL_CTX *ctx, char *buf,
|
|
* the CA certificates.
|
|
*/
|
|
|
|
- if (ctx->extra_certs != NULL) {
|
|
- sk_X509_pop_free(ctx->extra_certs, X509_free);
|
|
- ctx->extra_certs = NULL;
|
|
- }
|
|
+ SSL_CTX_clear_extra_chain_certs(ctx);
|
|
|
|
while ((ca = PEM_read_bio_X509(in, NULL,
|
|
- ctx->default_passwd_callback,
|
|
- ctx->default_passwd_callback_userdata)) != NULL) {
|
|
+ SSL_CTX_get_default_passwd_cb(ctx),
|
|
+ SSL_CTX_get_default_passwd_cb_userdata(ctx))) != NULL) {
|
|
|
|
if (!SSL_CTX_add_extra_chain_cert(ctx, ca))
|
|
goto end;
|
|
@@ -195,20 +194,20 @@ ssl_ctx_load_verify_memory(SSL_CTX *ctx, char *buf, of
|
|
X509_LOOKUP *lu;
|
|
struct iovec iov;
|
|
|
|
- if ((lu = X509_STORE_add_lookup(ctx->cert_store,
|
|
- &x509_mem_lookup)) == NULL)
|
|
+ if ((lu = X509_STORE_add_lookup(SSL_CTX_get_cert_store(ctx),
|
|
+ X509_LOOKUP_mem())) == NULL)
|
|
return (0);
|
|
|
|
iov.iov_base = buf;
|
|
iov.iov_len = len;
|
|
|
|
- if (!ssl_by_mem_ctrl(lu, X509_L_ADD_MEM,
|
|
- (const char *)&iov, X509_FILETYPE_PEM, NULL))
|
|
+ if (!X509_LOOKUP_add_mem(lu, &iov, X509_FILETYPE_PEM))
|
|
return (0);
|
|
|
|
return (1);
|
|
}
|
|
|
|
+#if 0
|
|
int
|
|
ssl_by_mem_ctrl(X509_LOOKUP *lu, int cmd, const char *buf,
|
|
long type, char **ret)
|
|
@@ -251,3 +250,4 @@ ssl_by_mem_ctrl(X509_LOOKUP *lu, int cmd, const char *
|
|
BIO_free(in);
|
|
return (count);
|
|
}
|
|
+#endif
|