]> git.ipfire.org Git - thirdparty/hostap.git/commitdiff
OpenSSL: Fix build with OpenSSL 1.0.2
authorJouni Malinen <j@w1.fi>
Sat, 5 Jan 2019 09:33:40 +0000 (11:33 +0200)
committerJouni Malinen <j@w1.fi>
Sat, 5 Jan 2019 09:33:40 +0000 (11:33 +0200)
SSL_use_certificate_chain_file() was added in OpenSSL 1.1.0, so need to
maintain the old version using SSL_use_certificate_file() for backwards
compatibility.

Fixes: 658c39809bf8 ("OpenSSL: Load chain certificates from client_cert file")
Signed-off-by: Jouni Malinen <j@w1.fi>
src/crypto/tls_openssl.c

index 69c0c400591ae82729a1b216d667e7726b1b2cb1..4058f414be2ac54c113d9ebf15c0cc97043b1ec8 100644 (file)
@@ -2757,12 +2757,22 @@ static int tls_connection_client_cert(struct tls_connection *conn,
                return 0;
        }
 
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
        if (SSL_use_certificate_chain_file(conn->ssl, client_cert) == 1) {
                ERR_clear_error();
                wpa_printf(MSG_DEBUG, "OpenSSL: SSL_use_certificate_chain_file"
                           " --> OK");
                return 0;
        }
+#else
+       if (SSL_use_certificate_file(conn->ssl, client_cert,
+                                    SSL_FILETYPE_PEM) == 1) {
+               ERR_clear_error();
+               wpa_printf(MSG_DEBUG, "OpenSSL: SSL_use_certificate_file (PEM)"
+                          " --> OK");
+               return 0;
+       }
+#endif
 
        tls_show_errors(MSG_DEBUG, __func__,
                        "SSL_use_certificate_file failed");