tags 828494 +pending
thanks
This problem should be resolved by the following patch:
# HG changeset patch
# User Simon Horman <ho...@verge.net.au>
# Date 1477918609 -3600
# Mon Oct 31 13:56:49 2016 +0100
# Node ID 798cc9df07879d58db9096456b43948159c2825b
# Parent 96a24b495d6bac69e5fb450718163e741da7f147
Allow compilation against OpenSSL 1.1
diff -r 96a24b495d6b -r 798cc9df0787 debian/changelog
--- a/debian/changelog Thu May 12 16:56:30 2016 +0900
+++ b/debian/changelog Mon Oct 31 13:56:49 2016 +0100
@@ -4,8 +4,10 @@
(closes: #765867)
* Make builds reproducible
(closes: #787998)
+ * Allow compilation against OpenSSL 1.1
+ (closes: #828494)
- -- Simon Horman <ho...@debian.org> Sat, 13 Jun 2015 09:05:34 +0900
+ -- Simon Horman <ho...@debian.org> Mon, 31 Oct 2016 13:55:18 +0100
perdition (2.1-2) unstable; urgency=medium
diff -r 96a24b495d6b -r 798cc9df0787 perdition/ssl.c
--- a/perdition/ssl.c Thu May 12 16:56:30 2016 +0900
+++ b/perdition/ssl.c Mon Oct 31 13:56:49 2016 +0100
@@ -262,10 +262,9 @@
return 0;
}
- if (__perdition_verify_result(ctx->error, cert)
- == X509_V_OK) {
+ if (__perdition_verify_result(X509_STORE_CTX_get_error(ctx),
+ cert) == X509_V_OK)
return 1;
- }
return ok;
}
@@ -910,7 +909,6 @@
__perdition_ssl_check_common_name(X509 *cert, const char *key)
{
int i;
- X509_NAME_ENTRY *e;
X509_NAME *name;
name = X509_get_subject_name(cert);
@@ -922,6 +920,9 @@
i = -1;
while (1) {
+ X509_NAME_ENTRY *e;
+ ASN1_STRING *data;
+
i = X509_NAME_get_index_by_NID(name, NID_commonName, i);
if (i == -1)
break;
@@ -933,8 +934,14 @@
return -1;
}
- if (!__perdition_ssl_compare_key(key, e->value->data,
- e->value->length))
+ data = X509_NAME_ENTRY_get_data(e);
+ if (!data) {
+ VANESSA_LOGGER_DEBUG_RAW_UNSAFE("warning: could not "
+ "extract data for name entry %d", i);
+ return -1;
+ }
+
+ if (!__perdition_ssl_compare_key(key, data->data, data->length))
return 0;
}
