File openssl110-fix.patch of Package libeXosip2

Overview Repositories Revisions Requests Users Attributes Meta

File openssl110-fix.patch of Package libeXosip2

Index: src/eXtl_dtls.c
===================================================================
--- src/eXtl_dtls.c.orig
+++ src/eXtl_dtls.c
@@ -233,7 +233,7 @@ shutdown_free_client_dtls (struct eXosip
 
       BIO_ctrl (rbio, BIO_CTRL_DGRAM_SET_PEER, 0, (char *) &addr);
 
-      (reserved->socket_tab[pos].ssl_conn)->rbio = rbio;
+      SSL_set0_rbio((reserved->socket_tab[pos].ssl_conn), rbio);
 
       i = SSL_shutdown (reserved->socket_tab[pos].ssl_conn);
 
@@ -562,12 +562,11 @@ dtls_tl_read_message (struct eXosip_t *e
       rbio = BIO_new_mem_buf (enc_buf, enc_buf_len);
       BIO_set_mem_eof_return (rbio, -1);
 
-      reserved->socket_tab[pos].ssl_conn->rbio = rbio;
+      SSL_set0_rbio(reserved->socket_tab[pos].ssl_conn, rbio);
 
       i = SSL_read (reserved->socket_tab[pos].ssl_conn, dec_buf, SIP_MESSAGE_MAX_LENGTH);
       /* done with the rbio */
-      BIO_free (reserved->socket_tab[pos].ssl_conn->rbio);
-      reserved->socket_tab[pos].ssl_conn->rbio = BIO_new (BIO_s_mem ());
+      SSL_set0_rbio(reserved->socket_tab[pos].ssl_conn, BIO_new (BIO_s_mem ()));
 
       if (i > 5) {
         dec_buf[i] = '\0';
@@ -947,7 +946,7 @@ dtls_tl_send_message (struct eXosip_t *e
         _dtls_stream_used = &reserved->socket_tab[pos];
         rbio = BIO_new_dgram (reserved->dtls_socket, BIO_NOCLOSE);
         BIO_ctrl (rbio, BIO_CTRL_DGRAM_SET_PEER, 0, (char *) &addr);
-        reserved->socket_tab[pos].ssl_conn->rbio = rbio;
+        SSL_set0_rbio(reserved->socket_tab[pos].ssl_conn, rbio);
         break;
       }
     }
@@ -961,7 +960,7 @@ dtls_tl_send_message (struct eXosip_t *e
           _dtls_stream_used = &reserved->socket_tab[pos];
           rbio = BIO_new_dgram (reserved->dtls_socket, BIO_NOCLOSE);
           BIO_ctrl (rbio, BIO_CTRL_DGRAM_SET_PEER, 0, (char *) &addr);
-          reserved->socket_tab[pos].ssl_conn->rbio = rbio;
+          SSL_set0_rbio(reserved->socket_tab[pos].ssl_conn, rbio);
           break;
         }
       }
Index: src/eXtl_tls.c
===================================================================
--- src/eXtl_tls.c.orig
+++ src/eXtl_tls.c
@@ -841,7 +841,7 @@ verify_cb (int preverify_ok, X509_STORE_
    * it for something special
    */
   if (!preverify_ok && (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT)) {
-    X509_NAME_oneline (X509_get_issuer_name (store->current_cert), buf, 256);
+    X509_NAME_oneline (X509_get_issuer_name (X509_STORE_CTX_get_current_cert(store)), buf, 256);
     OSIP_TRACE (osip_trace (__FILE__, __LINE__, OSIP_ERROR, NULL, "issuer= %s\n", buf));
   }
 
@@ -969,7 +969,7 @@ RSA_generate_key (int bits, unsigned lon
   if (!rsa || !e)
     goto err;
 
-  /* The problem is when building with 8, 16, or 32 BN_ULONG,                                                                                                  
+  /* The problem is when building with 8, 16, or 32 BN_ULONG,
    * unsigned long can be larger */
   for (i = 0; i < (int) sizeof (unsigned long) * 8; i++) {
     if (e_value & (1UL << i))
@@ -1160,7 +1160,7 @@ initialize_client_ctx (struct eXosip_t *
       }
       else {
         /* this is used to add a trusted certificate */
-        X509_STORE_add_cert (ctx->cert_store, cert);
+        X509_STORE_add_cert (SSL_CTX_get_cert_store(ctx), cert);
       }
       BIO_free (bio);
     }
@@ -1231,16 +1231,21 @@ initialize_client_ctx (struct eXosip_t *
       if (excontext->tls_verify_client_certificate > 0 && sni_servernameindication!=NULL) {
 	X509_STORE *pkix_validation_store = SSL_CTX_get_cert_store (ctx);
 	const X509_VERIFY_PARAM *param = X509_VERIFY_PARAM_lookup ("ssl_server");
-	
+#if (OPENSSL_VERSION_NUMBER > 0x10001000L)
+    X509_VERIFY_PARAM *store_param = X509_STORE_get0_param(pkix_validation_store);
+#else
+    X509_VERIFY_PARAM *store_param = pkix_validation_store->param;
+#endif
+
 	if (param != NULL) { /* const value, we have to copy (inherit) */
-	  if (X509_VERIFY_PARAM_inherit (pkix_validation_store->param, param)) {
+	  if (X509_VERIFY_PARAM_inherit (store_param, param)) {
 	    X509_STORE_set_flags (pkix_validation_store, X509_V_FLAG_TRUSTED_FIRST);
 	    X509_STORE_set_flags (pkix_validation_store, X509_V_FLAG_PARTIAL_CHAIN);
 	  } else {
 	    OSIP_TRACE (osip_trace (__FILE__, __LINE__, OSIP_ERROR, NULL, "PARAM_inherit: failed for ssl_server\n"));
 	  }
-	  if (X509_VERIFY_PARAM_set1_host (pkix_validation_store->param, sni_servernameindication, 0)) {
-	    X509_VERIFY_PARAM_set_hostflags (pkix_validation_store->param, X509_CHECK_FLAG_NO_WILDCARDS);
+	  if (X509_VERIFY_PARAM_set1_host (store_param, sni_servernameindication, 0)) {
+	    X509_VERIFY_PARAM_set_hostflags (store_param, X509_CHECK_FLAG_NO_WILDCARDS);
 	  } else {
 	    OSIP_TRACE (osip_trace (__FILE__, __LINE__, OSIP_ERROR, NULL, "PARAM_set1_host: %s failed\n", sni_servernameindication));
 	  }

Places

File openssl110-fix.patch of Package libeXosip2

Places