Add patch to fix OpenSSL 1.1 detection + access to now opaque structures
Thanks: Hilko Bengen for the bug report and a hint into the right
direction.
Axel Beckert
7 years ago
| 5 | 5 |
* Switch Vcs-Git header from git:// to https://.
|
| 6 | 6 |
* Switch DEP5 format header from http:// to https://.
|
| 7 | 7 |
* Switch to dh compat level 10, drop --parallel and --with autoreconf.
|
|
8 |
* Add patch to fix OpenSSL detection. (Closes: #845035) Thanks Hilko
|
|
9 |
Bengen for the report and the hint into the right direction!
|
| 8 | 10 |
|
| 9 | 11 |
-- Axel Beckert <abe@debian.org> Fri, 13 May 2016 14:31:49 +0200
|
| 10 | 12 |
|
|
0 |
Description: Fix OpenSSL 1.1 detection and access to now opaque structures.
|
|
1 |
Bug-Debian: https://bugs.debian.org/845035
|
|
2 |
Author: Axel Beckert <abe@debian.org>
|
|
3 |
Forwarded: not-yet
|
|
4 |
|
|
5 |
--- a/configure.ac
|
|
6 |
+++ b/configure.ac
|
|
7 |
@@ -286,7 +286,7 @@
|
|
8 |
|
|
9 |
if test "x$ssl_ok" = "xyes"; then
|
|
10 |
old_libs="$LIBS"
|
|
11 |
- AC_CHECK_LIB(ssl, SSL_library_init, ssl_ok=yes, ssl_ok=no, -lcrypto)
|
|
12 |
+ AC_CHECK_LIB(ssl, SSL_new, ssl_ok=yes, ssl_ok=no, -lcrypto)
|
|
13 |
LIBS="$old_libs"
|
|
14 |
fi
|
|
15 |
|
|
16 |
--- a/dpi/https.c
|
|
17 |
+++ b/dpi/https.c
|
|
18 |
@@ -476,7 +476,7 @@
|
|
19 |
case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
|
|
20 |
/*Either self signed and untrusted*/
|
|
21 |
/*Extract CN from certificate name information*/
|
|
22 |
- if ((cn = strstr(remote_cert->name, "/CN=")) == NULL) {
|
|
23 |
+ if ((cn = strstr(X509_get_subject_name((X509 *) remote_cert), "/CN=")) == NULL) {
|
|
24 |
strcpy(buf, "(no CN given)");
|
|
25 |
} else {
|
|
26 |
char *cn_end;
|
|
0 |
fix-OpenSSL-1.1-detection.patch
|