upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-20 22:59:34 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

ITS#10216 libldap: fix OpenSSL channel binding digest

Browse source 
The OBJ_find_ API is undocumented but this is what OpenSSL libcrypto does itself.
This commit is contained in:
Howard Chu 2024-05-14 16:13:15 +01:00
parent 283b994104
commit 4d53ae28cf
1 changed files with 8 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
libraries/libldap/tls_o.c
View file

@ -54,8 +54,10 @@
#if OPENSSL_VERSION_MAJOR >= 3 #if OPENSSL_VERSION_MAJOR >= 3
#define ERR_get_error_line( a, b ) ERR_get_error_all( a, b, NULL, NULL, NULL ) #define ERR_get_error_line( a, b ) ERR_get_error_all( a, b, NULL, NULL, NULL )
#ifndef SSL_get_peer_certificate
#define SSL_get_peer_certificate( s ) SSL_get1_peer_certificate( s ) #define SSL_get_peer_certificate( s ) SSL_get1_peer_certificate( s )
#endif #endif
#endif
typedef SSL_CTX tlso_ctx; typedef SSL_CTX tlso_ctx;
typedef SSL tlso_session; typedef SSL tlso_session;
@ -1068,7 +1070,12 @@ tlso_session_endpoint( tls_session *sess, struct berval *buf, int is_server )
return 0; return 0;
#if OPENSSL_VERSION_NUMBER >= 0x10100000 #if OPENSSL_VERSION_NUMBER >= 0x10100000
md = EVP_get_digestbynid( X509_get_signature_nid( cert )); {
int mdnid;
if ( !OBJ_find_sigid_algs( X509_get_signature_nid( cert ), &mdnid, NULL ))
return 0;
md = EVP_get_digestbynid( mdnid );
}
#else #else
md = EVP_get_digestbynid(OBJ_obj2nid( cert->sig_alg->algorithm )); md = EVP_get_digestbynid(OBJ_obj2nid( cert->sig_alg->algorithm ));
#endif #endif