From: Emmanuel Hocdet <manu@gandi.net>
Date: Mon, 2 Dec 2019 10:41:23 +0000 (+0100)
Subject: BUG/MINOR: ssl: fix X509 compatibility for openssl < 1.1.0
X-Git-Tag: v2.2-dev1~224
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e9a100e982cd1fac201e6e2862cc666887e202e9;p=thirdparty%2Fhaproxy.git

BUG/MINOR: ssl: fix X509 compatibility for openssl < 1.1.0

Commit d4f9a60e "MINOR: ssl: deduplicate ca-file" uses undeclared X509
functions when build with openssl < 1.1.0. Introduce this functions
in openssl-compat.h .

Fix issue #385.
---

diff --git a/include/common/openssl-compat.h b/include/common/openssl-compat.h
index b25ca3bd4b..25102fbe3c 100644
--- a/include/common/openssl-compat.h
+++ b/include/common/openssl-compat.h
@@ -155,6 +155,32 @@ static inline X509_CRL *X509_OBJECT_get0_X509_CRL(const X509_OBJECT *a)
  * Functions introduced in OpenSSL 1.1.0 and in LibreSSL 2.7.0
  */
 
+static inline STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *st)
+{
+    return st->objs;
+}
+
+static inline int X509_OBJECT_get_type(const X509_OBJECT *a)
+{
+    return a->type;
+}
+
+static inline X509 *X509_OBJECT_get0_X509(const X509_OBJECT *a)
+{
+    if (a == NULL || a->type != X509_LU_X509) {
+        return NULL;
+    }
+    return a->data.x509;
+}
+
+static inline X509_CRL *X509_OBJECT_get0_X509_CRL(const X509_OBJECT *a)
+{
+    if (a == NULL || a->type != X509_LU_CRL) {
+        return NULL;
+    }
+    return a->data.crl;
+}
+
 static inline const unsigned char *SSL_SESSION_get0_id_context(const SSL_SESSION *sess, unsigned int *sid_ctx_length)
 {
 	*sid_ctx_length = sess->sid_ctx_length;