diff -urNp xchat-2.8.8.orig/src/common/server.c xchat-2.8.8/src/common/server.c
--- xchat-2.8.8.orig/src/common/server.c 2010-05-30 04:14:41.000000000 +0200
+++ xchat-2.8.8/src/common/server.c 2017-06-26 15:40:02.989120175 +0200
@@ -593,14 +593,16 @@ ssl_cb_info (SSL * s, int where, int ret
static int
ssl_cb_verify (int ok, X509_STORE_CTX * ctx)
{
+ X509 *current_cert;
char subject[256];
char issuer[256];
char buf[512];
- X509_NAME_oneline (X509_get_subject_name (ctx->current_cert), subject,
+ current_cert = X509_STORE_CTX_get_current_cert (ctx);
+ X509_NAME_oneline (X509_get_subject_name (current_cert), subject,
sizeof (subject));
- X509_NAME_oneline (X509_get_issuer_name (ctx->current_cert), issuer,
+ X509_NAME_oneline (X509_get_issuer_name (current_cert), issuer,
sizeof (issuer));
snprintf (buf, sizeof (buf), "* Subject: %s", subject);
@@ -751,7 +753,12 @@ ssl_do_connect (server * serv)
return (0); /* remove it (0) */
} else
{
- if (serv->ssl->session && serv->ssl->session->time + SSLTMOUT < time (NULL))
+ SSL_SESSION *session;
+ long session_time;
+
+ session = SSL_get_session (serv->ssl);
+ session_time = SSL_SESSION_get_time (session);
+ if (session && session_time + SSLTMOUT < time (NULL))
{
snprintf (buf, sizeof (buf), "SSL handshake timed out");
EMIT_SIGNAL (XP_TE_CONNFAIL, serv->server_session, buf, NULL,
diff -urNp xchat-2.8.8.orig/src/common/ssl.c xchat-2.8.8/src/common/ssl.c
--- xchat-2.8.8.orig/src/common/ssl.c 2017-06-26 15:43:41.924066669 +0200
+++ xchat-2.8.8/src/common/ssl.c 2017-06-26 15:54:09.769849268 +0200
@@ -136,6 +136,8 @@ int
_SSL_get_cert_info (struct cert_info *cert_info, SSL * ssl)
{
X509 *peer_cert;
+ X509_PUBKEY *peer_pub_key;
+ ASN1_OBJECT *algorithm;
EVP_PKEY *peer_pkey;
/* EVP_PKEY *ca_pkey; */
/* EVP_PKEY *tmp_pkey; */
@@ -155,8 +157,10 @@ _SSL_get_cert_info (struct cert_info *ce
broke_oneline (cert_info->subject, cert_info->subject_word);
broke_oneline (cert_info->issuer, cert_info->issuer_word);
- alg = OBJ_obj2nid (peer_cert->cert_info->key->algor->algorithm);
- sign_alg = OBJ_obj2nid (peer_cert->sig_alg->algorithm);
+ peer_pub_key = X509_get_X509_PUBKEY (peer_cert);
+ X509_PUBKEY_get0_param (&algorithm, NULL, NULL, NULL, peer_pub_key);
+ alg = OBJ_obj2nid (algorithm);
+ sign_alg = X509_get_signature_type (peer_cert);
ASN1_TIME_snprintf (notBefore, sizeof (notBefore),
X509_get_notBefore (peer_cert));
ASN1_TIME_snprintf (notAfter, sizeof (notAfter),
@@ -199,7 +203,7 @@ _SSL_get_cert_info (struct cert_info *ce
struct chiper_info *
_SSL_get_cipher_info (SSL * ssl)
{
- SSL_CIPHER *c;
+ const SSL_CIPHER *c;
c = SSL_get_current_cipher (ssl);
@@ -274,6 +278,7 @@ SSL *
_SSL_socket (SSL_CTX *ctx, int sd)
{
SSL *ssl;
+ SSL_METHOD *method;
if (!(ssl = SSL_new (ctx)))
@@ -281,7 +286,9 @@ _SSL_socket (SSL_CTX *ctx, int sd)
__SSL_critical_error ("SSL_new");
SSL_set_fd (ssl, sd);
- if (ctx->method == SSLv23_client_method())
+
+ method = SSL_CTX_get_ssl_method (ctx);
+ if (method == SSLv23_client_method())
SSL_set_connect_state (ssl);
else
SSL_set_accept_state(ssl);