From 6966c8e0302819c69535751bc8d52d7d7d4c9627 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Wed, 24 Oct 2018 18:43:38 -0500 Subject: testing/libtls-standalone: port to openssl 1.1.0 API --- .../openssl-1.1.0-verify-param.patch | 50 ++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 testing/libtls-standalone/openssl-1.1.0-verify-param.patch (limited to 'testing/libtls-standalone/openssl-1.1.0-verify-param.patch') diff --git a/testing/libtls-standalone/openssl-1.1.0-verify-param.patch b/testing/libtls-standalone/openssl-1.1.0-verify-param.patch new file mode 100644 index 0000000000..ef3f948e02 --- /dev/null +++ b/testing/libtls-standalone/openssl-1.1.0-verify-param.patch @@ -0,0 +1,50 @@ +--- libressl-2.7.4.orig/tls/tls.c ++++ libressl-2.7.4/tls/tls.c +@@ -438,8 +438,16 @@ + } + + if (ctx->config->verify_time == 0) { +- X509_VERIFY_PARAM_set_flags(ssl_ctx->param, +- X509_V_FLAG_NO_CHECK_TIME); ++ X509_VERIFY_PARAM *param = X509_VERIFY_PARAM_new(); ++ ++ if (param == NULL) { ++ goto err; ++ } ++ ++ X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_NO_CHECK_TIME); ++ SSL_CTX_set1_param(ssl_ctx, param); ++ ++ X509_VERIFY_PARAM_free(param); + } + + /* Disable any form of session caching by default */ +@@ -487,6 +495,7 @@ + STACK_OF(X509_INFO) *xis = NULL; + X509_STORE *store; + X509_INFO *xi; ++ X509_VERIFY_PARAM *param; + BIO *bio = NULL; + int rv = -1; + int i; +@@ -548,8 +557,19 @@ + } + xi->crl = NULL; + } +- X509_VERIFY_PARAM_set_flags(store->param, ++ ++ param = X509_VERIFY_PARAM_new(); ++ ++ if (param == NULL) { ++ goto err; ++ } ++ ++ X509_VERIFY_PARAM_set_flags(param, + X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL); ++ ++ X509_STORE_set1_param(store, param); ++ ++ X509_VERIFY_PARAM_free(param); + } + + done: -- cgit v1.2.3