forked from pool/stunnel
2b40af0db6
versions. Replaces stunnel-5.22-code11-openssl-compat.diff. OBS-URL: https://build.opensuse.org/package/show/security:Stunnel/stunnel?expand=0&rev=73
27 lines
1013 B
Diff
27 lines
1013 B
Diff
diff -ru stunnel-5.22-orig/src/verify.c stunnel-5.22/src/verify.c
|
|
--- stunnel-5.22-orig/src/verify.c 2015-07-30 12:08:46.000000000 +0200
|
|
+++ stunnel-5.22/src/verify.c 2015-08-06 09:26:59.129991000 +0200
|
|
@@ -717,6 +717,7 @@
|
|
s_log(LOG_DEBUG, "OCSP: Connected %s:%s", host, port);
|
|
|
|
/* OCSP protocol communication loop */
|
|
+#if OPENSSL_VERSION_NUMBER>=0x10000000L
|
|
req_ctx=OCSP_sendreq_new(bio, path, NULL, -1);
|
|
if(!req_ctx) {
|
|
sslerror("OCSP: OCSP_sendreq_new");
|
|
@@ -728,6 +729,14 @@
|
|
}
|
|
if(!OCSP_REQ_CTX_set1_req(req_ctx, req))
|
|
goto cleanup;
|
|
+#else
|
|
+ /* there is no way to send the Host header with older OpenSSL versions */
|
|
+ req_ctx=OCSP_sendreq_new(bio, path, req, -1);
|
|
+ if(!req_ctx) {
|
|
+ sslerror("OCSP: OCSP_sendreq_new");
|
|
+ goto cleanup;
|
|
+ }
|
|
+#endif
|
|
while(OCSP_sendreq_nbio(&resp, req_ctx)==-1) {
|
|
s_poll_init(c->fds);
|
|
s_poll_add(c->fds, c->fd, BIO_should_read(bio), BIO_should_write(bio));
|