tags 828494 +pending thanks This problem should be resolved by the following patch:
# HG changeset patch # User Simon Horman <ho...@verge.net.au> # Date 1477918609 -3600 # Mon Oct 31 13:56:49 2016 +0100 # Node ID 798cc9df07879d58db9096456b43948159c2825b # Parent 96a24b495d6bac69e5fb450718163e741da7f147 Allow compilation against OpenSSL 1.1 diff -r 96a24b495d6b -r 798cc9df0787 debian/changelog --- a/debian/changelog Thu May 12 16:56:30 2016 +0900 +++ b/debian/changelog Mon Oct 31 13:56:49 2016 +0100 @@ -4,8 +4,10 @@ (closes: #765867) * Make builds reproducible (closes: #787998) + * Allow compilation against OpenSSL 1.1 + (closes: #828494) - -- Simon Horman <ho...@debian.org> Sat, 13 Jun 2015 09:05:34 +0900 + -- Simon Horman <ho...@debian.org> Mon, 31 Oct 2016 13:55:18 +0100 perdition (2.1-2) unstable; urgency=medium diff -r 96a24b495d6b -r 798cc9df0787 perdition/ssl.c --- a/perdition/ssl.c Thu May 12 16:56:30 2016 +0900 +++ b/perdition/ssl.c Mon Oct 31 13:56:49 2016 +0100 @@ -262,10 +262,9 @@ return 0; } - if (__perdition_verify_result(ctx->error, cert) - == X509_V_OK) { + if (__perdition_verify_result(X509_STORE_CTX_get_error(ctx), + cert) == X509_V_OK) return 1; - } return ok; } @@ -910,7 +909,6 @@ __perdition_ssl_check_common_name(X509 *cert, const char *key) { int i; - X509_NAME_ENTRY *e; X509_NAME *name; name = X509_get_subject_name(cert); @@ -922,6 +920,9 @@ i = -1; while (1) { + X509_NAME_ENTRY *e; + ASN1_STRING *data; + i = X509_NAME_get_index_by_NID(name, NID_commonName, i); if (i == -1) break; @@ -933,8 +934,14 @@ return -1; } - if (!__perdition_ssl_compare_key(key, e->value->data, - e->value->length)) + data = X509_NAME_ENTRY_get_data(e); + if (!data) { + VANESSA_LOGGER_DEBUG_RAW_UNSAFE("warning: could not " + "extract data for name entry %d", i); + return -1; + } + + if (!__perdition_ssl_compare_key(key, data->data, data->length)) return 0; }