On the ocsp-verification branch: Avoid using a deprecated function
with OpenSSL 1.1.
* SConstruct (SERF_NO_SSL_ASN1_STRING_GET0_DATA):
Define if the ASN1_STRING_get0_data() is not available.
* buckets/ssl_buckets.c (ASN1_STRING_get0_data):
Add optional replacement macro for the new function.
(convert_asn1_generalized_time): Update implementation.
git-svn-id: https://svn.apache.org/repos/asf/serf/branches/ocsp-verification@1830700 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/SConstruct b/SConstruct
index c314ede..3a82e4a 100644
--- a/SConstruct
+++ b/SConstruct
@@ -469,6 +469,8 @@
env.Append(CPPDEFINES=['SERF_NO_SSL_X509_GET0_NOTAFTER'])
if not conf.CheckFunc('X509_STORE_CTX_get0_chain'):
env.Append(CPPDEFINES=['SERF_NO_SSL_X509_GET0_CHAIN'])
+if not conf.CheckFunc('ASN1_STRING_get0_data'):
+ env.Append(CPPDEFINES=['SERF_NO_SSL_ASN1_STRING_GET0_DATA'])
if conf.CheckFunc('CRYPTO_set_locking_callback'):
env.Append(CPPDEFINES=['SERF_HAVE_SSL_LOCKING_CALLBACKS'])
if conf.CheckFunc('OPENSSL_malloc_init', '#include <openssl/crypto.h>'):
diff --git a/buckets/ssl_buckets.c b/buckets/ssl_buckets.c
index fdf880f..4ae0d8a 100644
--- a/buckets/ssl_buckets.c
+++ b/buckets/ssl_buckets.c
@@ -65,6 +65,9 @@
#define X509_STORE_CTX_get0_chain(store) (X509_STORE_CTX_get_chain(store))
#endif
+#ifdef SERF_NO_SSL_ASN1_STRING_GET0_DATA
+#define ASN1_STRING_get0_data(asn1string) (ASN1_STRING_data(asn1string))
+#endif
/*
* Here's an overview of the SSL bucket's relationship to OpenSSL and serf.
@@ -2950,7 +2953,7 @@
apr_status_t parse_error)
{
apr_time_exp_t xt = { 0 };
- void *data;
+ const void *data;
char *date;
int len;
char tz;
@@ -2959,7 +2962,7 @@
return 0;
len = ASN1_STRING_length(asn1_time);
- data = ASN1_STRING_data(asn1_time);
+ data = ASN1_STRING_get0_data(asn1_time);
date = apr_pstrndup(scratch_pool, data, len);
if (6 > sscanf(date, "%4d%2d%2d%2d%2d%2d%c",