1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
|
Description: Changes for OpenSSL 1.1.0.
Forwarded: no
From: Di-Shi Sun <di-shi@transnexus.com>
Last-Update: 2017-02-21
--- a/src/ospopenssl.c
+++ b/src/ospopenssl.c
@@ -84,7 +84,11 @@
* function. It will be done only once now, rather than with every ProviderNew
*/
ctx = (SSL_CTX **)&(security->ContextRef);
+#if (OPENSSL_VERSION_NUMBER >= 0x010100000)
+ version = TLS_client_method();
+#else
version = TLSv1_client_method();
+#endif
*ctx = SSL_CTX_new(version);
if (*ctx != OSPC_OSNULL) {
@@ -508,21 +512,21 @@
ok = 0;
}
}
- switch (ctx->error) {
+ switch (err) {
case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
- X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), buf, 256);
+ X509_NAME_oneline(X509_get_issuer_name(err_cert), buf, 256);
BIO_printf(bio_stdout, "issuer= %s\n", buf);
break;
case X509_V_ERR_CERT_NOT_YET_VALID:
case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
BIO_printf(bio_stdout, "notBefore=");
- ASN1_TIME_print(bio_stdout, X509_get_notBefore(ctx->current_cert));
+ ASN1_TIME_print(bio_stdout, X509_get_notBefore(err_cert));
BIO_printf(bio_stdout, "\n");
break;
case X509_V_ERR_CERT_HAS_EXPIRED:
case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
BIO_printf(bio_stdout, "notAfter=");
- ASN1_TIME_print(bio_stdout, X509_get_notAfter(ctx->current_cert));
+ ASN1_TIME_print(bio_stdout, X509_get_notAfter(err_cert));
BIO_printf(bio_stdout, "\n");
break;
}
|
