summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGravatar Rosen Penev2019-06-22 02:19:18 +0200
committerGravatar Nikias Bassen2019-06-22 02:19:18 +0200
commite8dac8e231b72bfec56e32873d8572b673c1adbc (patch)
treeb007ccd99166e07ba2d29b440fcd81e740f168ed
parentb3eaf9ce6a852c2000ce443e851ef9fc36a4d331 (diff)
downloadlibimobiledevice-e8dac8e231b72bfec56e32873d8572b673c1adbc.tar.gz
libimobiledevice-e8dac8e231b72bfec56e32873d8572b673c1adbc.tar.bz2
Make sure to not use deprecated API when compiling with OpenSSL >= 1.1
There are several missing headers as well as deprecated functions for which compatibility was added as needed.
Diffstat
-rw-r--r--common/userpref.c18
-rw-r--r--src/idevice.c8
2 files changed, 19 insertions, 7 deletions
diff --git a/common/userpref.c b/common/userpref.c
index b985285..a5aa7cb 100644
--- a/common/userpref.c
+++ b/common/userpref.c
@@ -37,10 +37,16 @@
37#include <unistd.h> 37#include <unistd.h>
38#include <usbmuxd.h> 38#include <usbmuxd.h>
39#ifdef HAVE_OPENSSL 39#ifdef HAVE_OPENSSL
40#include <openssl/bn.h>
40#include <openssl/pem.h> 41#include <openssl/pem.h>
41#include <openssl/rsa.h> 42#include <openssl/rsa.h>
42#include <openssl/x509.h> 43#include <openssl/x509.h>
43#include <openssl/x509v3.h> 44#include <openssl/x509v3.h>
45#if OPENSSL_VERSION_NUMBER < 0x1010000fL || \
46 (defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER < 0x20700000L))
47#define X509_set1_notBefore X509_set_notBefore
48#define X509_set1_notAfter X509_set_notAfter
49#endif
44#else 50#else
45#include <gnutls/gnutls.h> 51#include <gnutls/gnutls.h>
46#include <gnutls/crypto.h> 52#include <gnutls/crypto.h>
@@ -420,9 +426,9 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
420 /* set key validity */ 426 /* set key validity */
421 ASN1_TIME* asn1time = ASN1_TIME_new(); 427 ASN1_TIME* asn1time = ASN1_TIME_new();
422 ASN1_TIME_set(asn1time, time(NULL)); 428 ASN1_TIME_set(asn1time, time(NULL));
423 X509_set_notBefore(root_cert, asn1time); 429 X509_set1_notBefore(root_cert, asn1time);
424 ASN1_TIME_set(asn1time, time(NULL) + (60 * 60 * 24 * 365 * 10)); 430 ASN1_TIME_set(asn1time, time(NULL) + (60 * 60 * 24 * 365 * 10));
425 X509_set_notAfter(root_cert, asn1time); 431 X509_set1_notAfter(root_cert, asn1time);
426 ASN1_TIME_free(asn1time); 432 ASN1_TIME_free(asn1time);
427 433
428 /* use root public key for root cert */ 434 /* use root public key for root cert */
@@ -453,9 +459,9 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
453 /* set key validity */ 459 /* set key validity */
454 ASN1_TIME* asn1time = ASN1_TIME_new(); 460 ASN1_TIME* asn1time = ASN1_TIME_new();
455 ASN1_TIME_set(asn1time, time(NULL)); 461 ASN1_TIME_set(asn1time, time(NULL));
456 X509_set_notBefore(host_cert, asn1time); 462 X509_set1_notBefore(host_cert, asn1time);
457 ASN1_TIME_set(asn1time, time(NULL) + (60 * 60 * 24 * 365 * 10)); 463 ASN1_TIME_set(asn1time, time(NULL) + (60 * 60 * 24 * 365 * 10));
458 X509_set_notAfter(host_cert, asn1time); 464 X509_set1_notAfter(host_cert, asn1time);
459 ASN1_TIME_free(asn1time); 465 ASN1_TIME_free(asn1time);
460 466
461 /* use host public key for host cert */ 467 /* use host public key for host cert */
@@ -533,9 +539,9 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
533 539
534 ASN1_TIME* asn1time = ASN1_TIME_new(); 540 ASN1_TIME* asn1time = ASN1_TIME_new();
535 ASN1_TIME_set(asn1time, time(NULL)); 541 ASN1_TIME_set(asn1time, time(NULL));
536 X509_set_notBefore(dev_cert, asn1time); 542 X509_set1_notBefore(dev_cert, asn1time);
537 ASN1_TIME_set(asn1time, time(NULL) + (60 * 60 * 24 * 365 * 10)); 543 ASN1_TIME_set(asn1time, time(NULL) + (60 * 60 * 24 * 365 * 10));
538 X509_set_notAfter(dev_cert, asn1time); 544 X509_set1_notAfter(dev_cert, asn1time);
539 ASN1_TIME_free(asn1time); 545 ASN1_TIME_free(asn1time);
540 546
541 EVP_PKEY* pkey = EVP_PKEY_new(); 547 EVP_PKEY* pkey = EVP_PKEY_new();
diff --git a/src/idevice.c b/src/idevice.c
index 8c81576..02d34cc 100644
--- a/src/idevice.c
+++ b/src/idevice.c
@@ -36,6 +36,7 @@
36#include <usbmuxd.h> 36#include <usbmuxd.h>
37#ifdef HAVE_OPENSSL 37#ifdef HAVE_OPENSSL
38#include <openssl/err.h> 38#include <openssl/err.h>
39#include <openssl/rsa.h>
39#include <openssl/ssl.h> 40#include <openssl/ssl.h>
40#else 41#else
41#include <gnutls/gnutls.h> 42#include <gnutls/gnutls.h>
@@ -49,6 +50,11 @@
49 50
50#ifdef HAVE_OPENSSL 51#ifdef HAVE_OPENSSL
51 52
53#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
54 (defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER < 0x20020000L))
55#define TLS_method TLSv1_method
56#endif
57
52#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER) 58#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER)
53static void SSL_COMP_free_compression_methods(void) 59static void SSL_COMP_free_compression_methods(void)
54{ 60{
@@ -771,7 +777,7 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_enable_ssl(idevice_conne
771 } 777 }
772 BIO_set_fd(ssl_bio, (int)(long)connection->data, BIO_NOCLOSE); 778 BIO_set_fd(ssl_bio, (int)(long)connection->data, BIO_NOCLOSE);
773 779
774 SSL_CTX *ssl_ctx = SSL_CTX_new(TLSv1_method()); 780 SSL_CTX *ssl_ctx = SSL_CTX_new(TLS_method());
775 if (ssl_ctx == NULL) { 781 if (ssl_ctx == NULL) {
776 debug_info("ERROR: Could not create SSL context."); 782 debug_info("ERROR: Could not create SSL context.");
777 BIO_free(ssl_bio); 783 BIO_free(ssl_bio);
© 2009-2020 sukimashita.com - Generated by cgit - Icons from Tango - Uses Google Analytics