From e8dac8e231b72bfec56e32873d8572b673c1adbc Mon Sep 17 00:00:00 2001 From: Rosen Penev Date: Sat, 22 Jun 2019 02:19:18 +0200 Subject: Make sure to not use deprecated API when compiling with OpenSSL >= 1.1 There are several missing headers as well as deprecated functions for which compatibility was added as needed. --- common/userpref.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) (limited to 'common') diff --git a/common/userpref.c b/common/userpref.c index b985285..a5aa7cb 100644 --- a/common/userpref.c +++ b/common/userpref.c @@ -37,10 +37,16 @@ #include <unistd.h> #include <usbmuxd.h> #ifdef HAVE_OPENSSL +#include <openssl/bn.h> #include <openssl/pem.h> #include <openssl/rsa.h> #include <openssl/x509.h> #include <openssl/x509v3.h> +#if OPENSSL_VERSION_NUMBER < 0x1010000fL || \ + (defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER < 0x20700000L)) +#define X509_set1_notBefore X509_set_notBefore +#define X509_set1_notAfter X509_set_notAfter +#endif #else #include <gnutls/gnutls.h> #include <gnutls/crypto.h> @@ -420,9 +426,9 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da /* set key validity */ ASN1_TIME* asn1time = ASN1_TIME_new(); ASN1_TIME_set(asn1time, time(NULL)); - X509_set_notBefore(root_cert, asn1time); + X509_set1_notBefore(root_cert, asn1time); ASN1_TIME_set(asn1time, time(NULL) + (60 * 60 * 24 * 365 * 10)); - X509_set_notAfter(root_cert, asn1time); + X509_set1_notAfter(root_cert, asn1time); ASN1_TIME_free(asn1time); /* use root public key for root cert */ @@ -453,9 +459,9 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da /* set key validity */ ASN1_TIME* asn1time = ASN1_TIME_new(); ASN1_TIME_set(asn1time, time(NULL)); - X509_set_notBefore(host_cert, asn1time); + X509_set1_notBefore(host_cert, asn1time); ASN1_TIME_set(asn1time, time(NULL) + (60 * 60 * 24 * 365 * 10)); - X509_set_notAfter(host_cert, asn1time); + X509_set1_notAfter(host_cert, asn1time); ASN1_TIME_free(asn1time); /* use host public key for host cert */ @@ -533,9 +539,9 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da ASN1_TIME* asn1time = ASN1_TIME_new(); ASN1_TIME_set(asn1time, time(NULL)); - X509_set_notBefore(dev_cert, asn1time); + X509_set1_notBefore(dev_cert, asn1time); ASN1_TIME_set(asn1time, time(NULL) + (60 * 60 * 24 * 365 * 10)); - X509_set_notAfter(dev_cert, asn1time); + X509_set1_notAfter(dev_cert, asn1time); ASN1_TIME_free(asn1time); EVP_PKEY* pkey = EVP_PKEY_new(); -- cgit v1.1-32-gdbae