]> git.ipfire.org Git - thirdparty/bind9.git/commitdiff
Stop using deprecated calls in lib/isc/tls.c
authorMark Andrews <marka@isc.org>
Tue, 16 Mar 2021 21:58:55 +0000 (21:58 +0000)
committerMark Andrews <marka@isc.org>
Wed, 17 Mar 2021 20:05:47 +0000 (20:05 +0000)
from Rosen Penev @neheb

lib/isc/tls.c

index d15fc16b1cea8329ad7d60aa4ca0f8ac7fdf9180..5fc293d526704c0cdbb272fdde8264fb5b4ff64e 100644 (file)
 #include <inttypes.h>
 #include <nghttp2/nghttp2.h>
 
+#include <openssl/bn.h>
 #include <openssl/conf.h>
 #include <openssl/err.h>
 #include <openssl/opensslv.h>
 #include <openssl/rand.h>
+#include <openssl/rsa.h>
 
 #include <isc/atomic.h>
 #include <isc/log.h>
@@ -274,11 +276,19 @@ isc_tlsctx_createserver(const char *keyfile, const char *certfile,
                rsa = NULL;
                ASN1_INTEGER_set(X509_get_serialNumber(cert), 1);
 
+#if OPENSSL_VERSION_NUMBER < 0x10101000L
                X509_gmtime_adj(X509_get_notBefore(cert), 0);
+#else
+               X509_gmtime_adj(X509_getm_notBefore(cert), 0);
+#endif
                /*
                 * We set the vailidy for 10 years.
                 */
+#if OPENSSL_VERSION_NUMBER < 0x10101000L
                X509_gmtime_adj(X509_get_notAfter(cert), 3650 * 24 * 3600);
+#else
+               X509_gmtime_adj(X509_getm_notAfter(cert), 3650 * 24 * 3600);
+#endif
 
                X509_set_pubkey(cert, pkey);