Merge remote-tracking branch 'jelly/openssl1.1' into openssl1.1

boothj5 · boothj5 · commit 1175a4196e4f · 2017-03-23T21:02:22.000Z
diff --git a/src/tls_openssl.c b/src/tls_openssl.c
@@ -168,7 +168,15 @@ static struct _tlscert_t *_x509_to_tlscert(xmpp_ctx_t *ctx, X509 *cert)
 	}
 
     tlscert->keyalg = NULL;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	int alg_nid = OBJ_obj2nid(cert->cert_info->key->algor->algorithm);
+#else
+	X509_PUBKEY *pubkey = X509_get_X509_PUBKEY(cert);
+	ASN1_OBJECT *ppkalg;
+	// FIXME: handle 0 on error.
+	X509_PUBKEY_get0_param(&ppkalg, NULL, NULL, NULL, NULL);
+	int alg_nid = OBJ_obj2nid(ppkalg);
+#endif
 	if (alg_nid != NID_undef) {
         const char* keyalg = OBJ_nid2ln(alg_nid);
         if (keyalg) {
@@ -177,7 +185,13 @@ static struct _tlscert_t *_x509_to_tlscert(xmpp_ctx_t *ctx, X509 *cert)
     }
 
     tlscert->sigalg = NULL;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	alg_nid = OBJ_obj2nid(cert->sig_alg->algorithm);
+#else
+	const X509_ALGOR *palg;
+	X509_get0_signature(NULL, &palg, cert);
+	alg_nid = OBJ_obj2nid(palg->algorithm);
+#endif
 	if (alg_nid != NID_undef) {
         const char* sigalg = OBJ_nid2ln(alg_nid);
         if (sigalg) {
@@ -255,6 +269,8 @@ tls_t *tls_new(xmpp_ctx_t *ctx, sock_t sock, xmpp_certfail_handler certfail_hand
     _last_cb_res = 0;
     tls_t *tls = xmpp_alloc(ctx, sizeof(*tls));
 
+    xmpp_debug(ctx, "TLS", "OpenSSL version: %s", SSLeay_version(SSLEAY_VERSION));
+
     if (tls) {
         int ret;
         memset(tls, 0, sizeof(*tls));
