From 905553cf20f81b4a90ba3f027e40f053cc21fbbd Mon Sep 17 00:00:00 2001
From: Timo Sirainen <timo.sirainen@dovecot.fi>
Date: Sun, 5 Feb 2017 21:56:20 +0200
Subject: [PATCH] lib-ssl-iostream: Use ASN1_STRING_get0_data() if it exists

This avoids deprecation warnings about ASN1_STRING_data() in OpenSSL v1.1.
---
 configure.ac                                   | 3 +++
 src/lib-ssl-iostream/iostream-openssl-common.c | 2 +-
 src/lib-ssl-iostream/iostream-openssl.h        | 4 ++++
 3 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/configure.ac b/configure.ac
index f223378168..3f9afd4c6d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1759,6 +1759,9 @@ if test $want_openssl != no && test $have_ssl = no; then
     AC_CHECK_LIB(ssl, RSA_generate_key_ex, [
       AC_DEFINE(HAVE_RSA_GENERATE_KEY_EX,, [Build with RSA_generate_key_ex() support])
     ],, $SSL_LIBS)
+    AC_CHECK_LIB(ssl, ASN1_STRING_get0_data, [
+      AC_DEFINE(HAVE_ASN1_STRING_GET0_DATA,, [Build with ASN1_STRING_get0_data() support])
+    ],, $SSL_LIBS)
     AC_CHECK_LIB(ssl, [EVP_PKEY_CTX_new_id], [have_evp_pkey_ctx_new_id="yes"],, $SSL_LIBS)
     AC_CHECK_LIB(ssl, [EC_KEY_new], [have_ec_key_new="yes"],, $SSL_LIBS)
     if test "$have_evp_pkey_ctx_new_id" = "yes" && test "$have_ec_key_new" = "yes"; then
diff --git a/src/lib-ssl-iostream/iostream-openssl-common.c b/src/lib-ssl-iostream/iostream-openssl-common.c
index 5eb48aa2bc..d88b2ad4e4 100644
--- a/src/lib-ssl-iostream/iostream-openssl-common.c
+++ b/src/lib-ssl-iostream/iostream-openssl-common.c
@@ -84,7 +84,7 @@ static const char *asn1_string_to_c(ASN1_STRING *asn_str)
 	unsigned int len;
 
 	len = ASN1_STRING_length(asn_str);
-	cstr = t_strndup(ASN1_STRING_data(asn_str), len);
+	cstr = t_strndup(ASN1_STRING_get0_data(asn_str), len);
 	if (strlen(cstr) != len) {
 		/* NULs in the name - could be some MITM attack.
 		   never allow. */
diff --git a/src/lib-ssl-iostream/iostream-openssl.h b/src/lib-ssl-iostream/iostream-openssl.h
index 37b86608ef..d46d608d10 100644
--- a/src/lib-ssl-iostream/iostream-openssl.h
+++ b/src/lib-ssl-iostream/iostream-openssl.h
@@ -5,6 +5,10 @@
 
 #include <openssl/ssl.h>
 
+#ifndef HAVE_ASN1_STRING_GET0_DATA
+#  define ASN1_STRING_get0_data(str) ASN1_STRING_data(str)
+#endif
+
 struct ssl_iostream_context {
 	SSL_CTX *ssl_ctx;
 
-- 
2.47.3