Improve compatibility with OpenSSL 1.1.0
* add missing headers * stop using deprecated APIs
This commit is contained in:
@@ -38,6 +38,7 @@
|
||||
#endif
|
||||
|
||||
#include "openssl-compat.h"
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/rsa.h>
|
||||
|
||||
+23
-1
@@ -43,10 +43,12 @@
|
||||
#endif
|
||||
|
||||
#include "openssl-compat.h"
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/des.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/pkcs12.h>
|
||||
#include <openssl/rand.h>
|
||||
#include <openssl/rsa.h>
|
||||
|
||||
#include "cmdline.h"
|
||||
#include "util.h"
|
||||
@@ -868,11 +870,19 @@ static bool selfsign_certificate(ykpiv_state *state, enum enum_key_format key_fo
|
||||
fprintf(stderr, "Failed to set certificate serial.\n");
|
||||
goto selfsign_out;
|
||||
}
|
||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||
if(!X509_gmtime_adj(X509_get_notBefore(x509), 0)) {
|
||||
#else
|
||||
if(!X509_gmtime_adj(X509_getm_notBefore(x509), 0)) {
|
||||
#endif
|
||||
fprintf(stderr, "Failed to set certificate notBefore.\n");
|
||||
goto selfsign_out;
|
||||
}
|
||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||
if(!X509_gmtime_adj(X509_get_notAfter(x509), 60L * 60L * 24L * validDays)) {
|
||||
#else
|
||||
if(!X509_gmtime_adj(X509_getm_notAfter(x509), 60L * 60L * 24L * validDays)) {
|
||||
#endif
|
||||
fprintf(stderr, "Failed to set certificate notAfter.\n");
|
||||
goto selfsign_out;
|
||||
}
|
||||
@@ -1241,7 +1251,7 @@ static void print_cert_info(ykpiv_state *state, enum enum_slot slot, const EVP_M
|
||||
|
||||
if(*ptr++ == 0x70) {
|
||||
unsigned int md_len = sizeof(data);
|
||||
ASN1_TIME *not_before, *not_after;
|
||||
const ASN1_TIME *not_before, *not_after;
|
||||
|
||||
ptr += get_length(ptr, &cert_len);
|
||||
x509 = X509_new();
|
||||
@@ -1299,13 +1309,21 @@ static void print_cert_info(ykpiv_state *state, enum enum_slot slot, const EVP_M
|
||||
dump_data(data, md_len, output, false, format_arg_hex);
|
||||
|
||||
bio = BIO_new_fp(output, BIO_NOCLOSE | BIO_FP_TEXT);
|
||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||
not_before = X509_get_notBefore(x509);
|
||||
#else
|
||||
not_before = X509_get0_notBefore(x509);
|
||||
#endif
|
||||
if(not_before) {
|
||||
fprintf(output, "\tNot Before:\t");
|
||||
ASN1_TIME_print(bio, not_before);
|
||||
fprintf(output, "\n");
|
||||
}
|
||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||
not_after = X509_get_notAfter(x509);
|
||||
#else
|
||||
not_after = X509_get0_notAfter(x509);
|
||||
#endif
|
||||
if(not_after) {
|
||||
fprintf(output, "\tNot After:\t");
|
||||
ASN1_TIME_print(bio, not_after);
|
||||
@@ -1950,7 +1968,9 @@ int main(int argc, char *argv[]) {
|
||||
|
||||
|
||||
/* openssl setup.. */
|
||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||
OpenSSL_add_all_algorithms();
|
||||
#endif
|
||||
|
||||
|
||||
for(i = 0; i < args_info.action_given; i++) {
|
||||
@@ -2191,6 +2211,8 @@ int main(int argc, char *argv[]) {
|
||||
}
|
||||
|
||||
ykpiv_done(state);
|
||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||
EVP_cleanup();
|
||||
#endif
|
||||
return ret;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user