--- a/configure.ac +++ b/configure.ac @@ -368,8 +368,9 @@ if test "x$SSL" != "xno"; then AC_LINK_IFELSE([ AC_LANG_PROGRAM([[ #include + #include ]], [[ - SSL_CTX* ctx = SSL_CTX_new(TLSv1_method()); + SSL_CTX* ctx = SSL_CTX_new(SSLv23_method()); SSL* ssl = SSL_new(ctx); DH* dh = DH_new(); DH_free(dh); --- a/include/znc/Utils.h +++ b/include/znc/Utils.h @@ -219,6 +219,11 @@ class CTable : protected std::vector> { #include #include #include +#if OPENSSL_VERSION_NUMBER < 0x10100000L +#define X509_getm_notBefore X509_get_notBefore +#define X509_getm_notAfter X509_get_notAfter +#endif + //! does Blowfish w/64 bit feedback, no padding class CBlowfish { public: --- a/src/Utils.cpp +++ b/src/Utils.cpp @@ -27,6 +27,8 @@ #include #ifdef HAVE_LIBSSL #include +#include +#include #endif /* HAVE_LIBSSL */ #include #include @@ -93,8 +95,8 @@ void CUtils::GenerateCert(FILE* pOut, const CString& sHost) { X509_set_version(pCert.get(), 2); ASN1_INTEGER_set(X509_get_serialNumber(pCert.get()), serial); - X509_gmtime_adj(X509_get_notBefore(pCert.get()), 0); - X509_gmtime_adj(X509_get_notAfter(pCert.get()), + X509_gmtime_adj(X509_getm_notBefore(pCert.get()), 0); + X509_gmtime_adj(X509_getm_notAfter(pCert.get()), (long)60 * 60 * 24 * days * years); X509_set_pubkey(pCert.get(), pKey.get()); --- a/src/main.cpp +++ b/src/main.cpp @@ -46,8 +46,8 @@ static void locking_callback(int mode, int type, const char* file, int line) { } } -static unsigned long thread_id_callback() { - return (unsigned long)pthread_self(); +static void thread_id_callback(CRYPTO_THREADID *id) { + CRYPTO_THREADID_set_numeric(id, (unsigned long)pthread_self()); } static CRYPTO_dynlock_value* dyn_create_callback(const char* file, int line) { @@ -78,7 +78,7 @@ static void thread_setup() { for (std::unique_ptr& mtx : lock_cs) mtx = std::unique_ptr(new CMutex()); - CRYPTO_set_id_callback(&thread_id_callback); + CRYPTO_THREADID_set_callback(&thread_id_callback); CRYPTO_set_locking_callback(&locking_callback); CRYPTO_set_dynlock_create_callback(&dyn_create_callback); --- a/third_party/Csocket/Csocket.cc +++ b/third_party/Csocket/Csocket.cc @@ -47,10 +47,16 @@ #include #include #include -#include +#include +#include +#include +#include #ifndef OPENSSL_NO_COMP #include #endif +#ifndef OPENSSL_NO_ENGINE +#include +#endif #define HAVE_ERR_REMOVE_STATE #ifdef OPENSSL_VERSION_NUMBER # if OPENSSL_VERSION_NUMBER >= 0x10000000 @@ -594,9 +600,11 @@ void ShutdownCsocket() #ifndef OPENSSL_IS_BORINGSSL CONF_modules_unload( 1 ); #endif +#if OPENSSL_VERSION_NUMBER < 0x10100000L ERR_free_strings(); EVP_cleanup(); CRYPTO_cleanup_all_ex_data(); +#endif #endif /* HAVE_LIBSSL */ #ifdef HAVE_C_ARES #if ARES_VERSION >= CREATE_ARES_VER( 1, 6, 1 ) @@ -611,12 +619,14 @@ void ShutdownCsocket() #ifdef HAVE_LIBSSL bool InitSSL( ECompType eCompressionType ) { +#if OPENSSL_VERSION_NUMBER < 0x10100000L SSL_load_error_strings(); if( SSL_library_init() != 1 ) { CS_DEBUG( "SSL_library_init() failed!" ); return( false ); } +#endif #ifndef _WIN32 if( access( "/dev/urandom", R_OK ) == 0 )