|
|
- From a9f883cbc28b865d312918368772627cf9610a2f Mon Sep 17 00:00:00 2001
- From: Mark Andrews <marka@isc.org>
- Date: Tue, 16 Mar 2021 21:58:55 +0000
- Subject: [PATCH] Stop using deprecated calls in lib/isc/tls.c
-
- from Rosen Penev @neheb
- ---
- lib/isc/tls.c | 10 ++++++++++
- 1 file changed, 10 insertions(+)
-
- --- a/lib/isc/tls.c
- +++ b/lib/isc/tls.c
- @@ -12,10 +12,12 @@
- #include <inttypes.h>
- #include <nghttp2/nghttp2.h>
-
- +#include <openssl/bn.h>
- #include <openssl/conf.h>
- #include <openssl/err.h>
- #include <openssl/opensslv.h>
- #include <openssl/rand.h>
- +#include <openssl/rsa.h>
-
- #include <isc/atomic.h>
- #include <isc/log.h>
- @@ -274,11 +276,19 @@ isc_tlsctx_createserver(const char *keyf
- rsa = NULL;
- ASN1_INTEGER_set(X509_get_serialNumber(cert), 1);
-
- +#if OPENSSL_VERSION_NUMBER < 0x10101000L
- X509_gmtime_adj(X509_get_notBefore(cert), 0);
- +#else
- + X509_gmtime_adj(X509_getm_notBefore(cert), 0);
- +#endif
- /*
- * We set the vailidy for 10 years.
- */
- +#if OPENSSL_VERSION_NUMBER < 0x10101000L
- X509_gmtime_adj(X509_get_notAfter(cert), 3650 * 24 * 3600);
- +#else
- + X509_gmtime_adj(X509_getm_notAfter(cert), 3650 * 24 * 3600);
- +#endif
-
- X509_set_pubkey(cert, pkey);
-
|