Fix deprecation notices for OpenSSL 3 and failure to build on GCC12
Tested with libssl 3.0.10-1ubuntu2.1 (Ubuntu 23.10) and 1.1.1f-1ubuntu2.20 (Ubuntu 20.04). Signed-off-by: Loïc Gomez <bip@animanova.fr>
This commit is contained in:
parent
f797d25e06
commit
01b467b0eb
@ -1171,6 +1171,7 @@ static connection_t *connection_init(int anti_flood, int ssl, time_t timeout,
|
||||
static int ctx_set_dh(SSL_CTX *ctx)
|
||||
{
|
||||
/* Return ephemeral DH parameters. */
|
||||
#if OPENSSL_VERSION_NUMBER < 0x30000000L /* 3.0.0 */
|
||||
DH *dh = NULL;
|
||||
FILE *f;
|
||||
long ret;
|
||||
@ -1203,7 +1204,31 @@ static int ctx_set_dh(SSL_CTX *ctx)
|
||||
ERR_error_string(ERR_get_error(), NULL));
|
||||
return 0;
|
||||
}
|
||||
#else
|
||||
BIO *pbio = BIO_new_file(conf_client_dh_file, "r");
|
||||
if (!pbio) {
|
||||
mylog(LOG_ERROR, "Unable to open DH parameters, BIO_new_file(%s): %s",
|
||||
conf_client_dh_file, ERR_error_string(ERR_get_error(), NULL));
|
||||
return 0;
|
||||
}
|
||||
|
||||
EVP_PKEY *param = PEM_read_bio_Parameters(pbio, NULL);
|
||||
BIO_free(pbio);
|
||||
if (!param) {
|
||||
mylog(LOG_ERROR, "TLS DH Error: PEM_read_bio_Parameters(%s): %s",
|
||||
conf_client_dh_file, ERR_error_string(ERR_get_error(), NULL));
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (SSL_CTX_set0_tmp_dh_pkey(ctx, param) != 1) {
|
||||
EVP_PKEY_free(param);
|
||||
mylog(LOG_ERROR, "TLS DH Error: SSL_CTX_set0_tmp_dh_pkey(%s): %s",
|
||||
conf_client_dh_file, ERR_error_string(ERR_get_error(), NULL));
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
mylog(LOG_DEBUG, "TLS: succesfully set up DH params %s",
|
||||
conf_client_dh_file);
|
||||
return 1;
|
||||
}
|
||||
#endif
|
||||
|
Loading…
Reference in New Issue
Block a user