Control: tags -1 + patch
Hello!
Please see attached patch which makes the package build against
openssl 1.1.0 (and hopefully also still against 1.0).
The patch has only been compile-tested so please review and
test carefully. There are still a number of deprecated warnings
which you might want to fix up as well.
Please forward the patch upstream for me if you find it useful.
Regards,
Andreas Henriksson
diff -urip libexosip2-4.1.0/src/eXtl_dtls.c libexosip2-4.1.0.openssl110/src/eXtl_dtls.c
--- libexosip2-4.1.0/src/eXtl_dtls.c 2014-01-06 19:30:21.000000000 +0100
+++ libexosip2-4.1.0.openssl110/src/eXtl_dtls.c 2016-11-07 20:23:01.503943171 +0100
@@ -233,7 +233,7 @@ shutdown_free_client_dtls (struct eXosip
BIO_ctrl (rbio, BIO_CTRL_DGRAM_SET_PEER, 0, (char *) &addr);
- (reserved->socket_tab[pos].ssl_conn)->rbio = rbio;
+ SSL_set0_rbio((reserved->socket_tab[pos].ssl_conn), rbio);
i = SSL_shutdown (reserved->socket_tab[pos].ssl_conn);
@@ -588,12 +588,11 @@ dtls_tl_read_message (struct eXosip_t *e
rbio = BIO_new_mem_buf (enc_buf, enc_buf_len);
BIO_set_mem_eof_return (rbio, -1);
- reserved->socket_tab[pos].ssl_conn->rbio = rbio;
+ SSL_set0_rbio(reserved->socket_tab[pos].ssl_conn, rbio);
i = SSL_read (reserved->socket_tab[pos].ssl_conn, dec_buf, SIP_MESSAGE_MAX_LENGTH);
/* done with the rbio */
- BIO_free (reserved->socket_tab[pos].ssl_conn->rbio);
- reserved->socket_tab[pos].ssl_conn->rbio = BIO_new (BIO_s_mem ());
+ SSL_set0_rbio(reserved->socket_tab[pos].ssl_conn, BIO_new (BIO_s_mem ()));
if (i > 5) {
dec_buf[i] = '\0';
@@ -904,7 +903,7 @@ dtls_tl_send_message (struct eXosip_t *e
_dtls_stream_used = &reserved->socket_tab[pos];
rbio = BIO_new_dgram (reserved->dtls_socket, BIO_NOCLOSE);
BIO_ctrl (rbio, BIO_CTRL_DGRAM_SET_PEER, 0, (char *) &addr);
- reserved->socket_tab[pos].ssl_conn->rbio = rbio;
+ SSL_set0_rbio(reserved->socket_tab[pos].ssl_conn, rbio);
break;
}
}
@@ -918,7 +917,7 @@ dtls_tl_send_message (struct eXosip_t *e
_dtls_stream_used = &reserved->socket_tab[pos];
rbio = BIO_new_dgram (reserved->dtls_socket, BIO_NOCLOSE);
BIO_ctrl (rbio, BIO_CTRL_DGRAM_SET_PEER, 0, (char *) &addr);
- reserved->socket_tab[pos].ssl_conn->rbio = rbio;
+ SSL_set0_rbio(reserved->socket_tab[pos].ssl_conn, rbio);
break;
}
}
diff -urip libexosip2-4.1.0/src/eXtl_tls.c libexosip2-4.1.0.openssl110/src/eXtl_tls.c
--- libexosip2-4.1.0/src/eXtl_tls.c 2014-01-06 19:30:21.000000000 +0100
+++ libexosip2-4.1.0.openssl110/src/eXtl_tls.c 2016-11-07 20:27:51.568892332 +0100
@@ -838,7 +838,7 @@ verify_cb (int preverify_ok, X509_STORE_
* it for something special
*/
if (!preverify_ok && (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT)) {
- X509_NAME_oneline (X509_get_issuer_name (store->current_cert), buf, 256);
+ X509_NAME_oneline (X509_get_issuer_name (X509_STORE_CTX_get_current_cert(store)), buf, 256);
OSIP_TRACE (osip_trace (__FILE__, __LINE__, OSIP_ERROR, NULL, "issuer= %s\n", buf));
}
@@ -1155,7 +1155,7 @@ initialize_client_ctx (struct eXosip_t *
}
else {
/* this is used to add a trusted certificate */
- X509_STORE_add_cert (ctx->cert_store, cert);
+ X509_STORE_add_cert (SSL_CTX_get_cert_store(ctx), cert);
}
BIO_free (bio);
}
