[commit] master: Merge branch 'isync_1_2_branch'

Sat, 05 Nov 2016 05:18:08 -0700 

Skipped 3 existing revision(s) on branch 'master'.

commit b2f6ef391bba6c0c77002f73fe259b424fce1169
Merge: 46e792c 41308e4
Author: Oswald Buddenhagen <[email protected]>
Date:   Sat Nov 5 13:16:32 2016 +0100

    Merge branch 'isync_1_2_branch'

 src/socket.c |   11 +++++++----
 1 files changed, 7 insertions(+), 4 deletions(-)


===== Full diff against 1st parent =====

diff --git a/src/socket.c b/src/socket.c
index 8b19396..6ab3ce4 100644
--- a/src/socket.c
+++ b/src/socket.c
@@ -39,8 +39,11 @@
 #ifdef HAVE_LIBSSL
 # include <openssl/ssl.h>
 # include <openssl/err.h>
-# include <openssl/hmac.h>
 # include <openssl/x509v3.h>
+# if OPENSSL_VERSION_NUMBER < 0x10100000L
+#  define X509_OBJECT_get0_X509(o) ((o)->data.x509)
+#  define X509_STORE_get0_objects(o) ((o)->objs)
+# endif
 #endif
 
 enum {
@@ -172,13 +175,13 @@ verify_cert_host( const server_conf_t *conf, conn_t *sock 
)
 
        trusted = (STACK_OF(X509_OBJECT) *)sock->conf->trusted_certs;
        for (i = 0; i < sk_X509_OBJECT_num( trusted ); i++) {
-               if (!X509_cmp( cert, sk_X509_OBJECT_value( trusted, i 
)->data.x509 ))
+               if (!X509_cmp( cert, X509_OBJECT_get0_X509( 
sk_X509_OBJECT_value( trusted, i ) ) ))
                        return 0;
        }
 
        err = SSL_get_verify_result( sock->ssl );
        if (err != X509_V_OK) {
-               error( "SSL error connecting %s: %s\n", sock->name, 
ERR_error_string( err, NULL ) );
+               error( "SSL error connecting %s: %s\n", sock->name, 
X509_verify_cert_error_string( err ) );
                return -1;
        }
 
@@ -223,7 +226,7 @@ init_ssl_ctx( const server_conf_t *conf )
                       conf->cert_file, ERR_error_string( ERR_get_error(), 0 ) 
);
                return 0;
        }
-       mconf->trusted_certs = (_STACK *)sk_X509_OBJECT_dup( 
SSL_CTX_get_cert_store( mconf->SSLContext )->objs );
+       mconf->trusted_certs = (_STACK *)sk_X509_OBJECT_dup( 
X509_STORE_get0_objects( SSL_CTX_get_cert_store( mconf->SSLContext ) ) );
        if (mconf->system_certs && !SSL_CTX_set_default_verify_paths( 
mconf->SSLContext ))
                warn( "Warning: Unable to load default certificate files: %s\n",
                      ERR_error_string( ERR_get_error(), 0 ) );

------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today. http://sdm.link/xeonphi
_______________________________________________
isync-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/isync-devel

Reply via email to