Fixes for openssl 1.1

The define for SSLeay_add_all_ciphers -> OpenSSL_add_all_ciphers was
removed, and X509_STORE_CTX is now an internal structure.

diff --git a/src/conf.c b/src/conf.c
index ff62ae6fbe0f67e8c26b7a95086ae152c18be6c9..f55a30a30d3daf956913cea9516f3c81ac3a368a 100644 (file)
--- a/src/conf.c
+++ b/src/conf.c
@@ -312,13 +312,15 @@ check_client(struct Client *source_p)
 int
 check_x509store(X509_STORE *store, X509 *cert, const char **error)
 {
-  int ret;
-  X509_STORE_CTX verify_ctx;
-  X509_STORE_CTX_init(&verify_ctx, store, cert, NULL);
-  ret = X509_verify_cert(&verify_ctx);
+  X509_STORE_CTX *verify_ctx = X509_STORE_CTX_new();
+  if (verify_ctx == NULL)
+    return 0;
+
+  X509_STORE_CTX_init(verify_ctx, store, cert, NULL);
+  int ret = X509_verify_cert(verify_ctx);
   if (error)
-    *error = X509_verify_cert_error_string(X509_STORE_CTX_get_error(&verify_ctx));
-  X509_STORE_CTX_cleanup(&verify_ctx);
+    *error = X509_verify_cert_error_string(X509_STORE_CTX_get_error(verify_ctx));
+  X509_STORE_CTX_free(verify_ctx);
   return ret;
 }
 

diff --git a/tools/respond.c b/tools/respond.c
index e1554cbc5201888dfed0dfd4568a97bca9312038..791b74595c8cadfa5f0df7633b0600349c2ebb26 100644 (file)
--- a/tools/respond.c
+++ b/tools/respond.c
@@ -156,7 +156,7 @@ main(int argc, char **argv)
     return 0;
   }
 
-  SSLeay_add_all_ciphers();
+  OpenSSL_add_all_ciphers();
   rsa = PEM_read_RSAPrivateKey(kfile, NULL,pass_cb, NULL);
 
   if (!rsa)