]> git.ipfire.org Git - thirdparty/haproxy.git/commitdiff
BUILD/MINOR: ssl: Fix compilation with OpenSSL 1.0.2
authorRemi Tricot-Le Breton <rlebreton@haproxy.com>
Mon, 17 May 2021 16:38:34 +0000 (18:38 +0200)
committerWilliam Lallemand <wlallemand@haproxy.org>
Mon, 17 May 2021 22:28:31 +0000 (00:28 +0200)
The following functions used in CA/CRL file hot update were not defined
in OpenSSL 1.0.2 so they need to be defined in openssl-compat :
- X509_CRL_get_signature_nid
- X509_CRL_get0_lastUpdate
- X509_CRL_get0_nextUpdate
- X509_REVOKED_get0_serialNumber
- X509_REVOKED_get0_revocationDate

include/haproxy/openssl-compat.h
src/ssl_ckch.c

index 96a0bf38b0c893fc82f1c1abff166c18f547e83e..8e1b94bc3953a33fb229ac426f7d22a0dee723fb 100644 (file)
@@ -261,6 +261,31 @@ static inline void SSL_CTX_up_ref(SSL_CTX *ctx)
 {
     CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
 }
+
+static inline int X509_CRL_get_signature_nid(const X509_CRL *crl)
+{
+       return OBJ_obj2nid(crl->sig_alg->algorithm);
+}
+
+static inline const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl)
+{
+       return X509_CRL_get_lastUpdate(crl);
+}
+
+static inline const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl)
+{
+       return X509_CRL_get_nextUpdate(crl);
+}
+
+static inline const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(const X509_REVOKED *x)
+{
+    return x->serialNumber;
+}
+
+static inline const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *x)
+{
+    return x->revocationDate;
+}
 #endif
 
 #if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) || (LIBRESSL_VERSION_NUMBER >= 0x2070200fL)
index bbd83aae767debff7b4cd57720817e3e37bb210e..f59c212f8e5ae45bc595d2bc4b202c6c66bae5bd 100644 (file)
@@ -3327,7 +3327,7 @@ static int show_crl_detail(X509_CRL *crl, struct buffer *out)
                if (BIO_reset(bio) == -1)
                        goto end;
                BIO_printf(bio , "    Serial Number: ");
-               i2a_ASN1_INTEGER(bio, X509_REVOKED_get0_serialNumber(rev_entry));
+               i2a_ASN1_INTEGER(bio, (ASN1_INTEGER*)X509_REVOKED_get0_serialNumber(rev_entry));
                BIO_printf(bio, "\n        Revocation Date: ");
                ASN1_TIME_print(bio, X509_REVOKED_get0_revocationDate(rev_entry));
                BIO_printf(bio, "\n");