Overview

File qpid-proton-openssl-3.0.0.patch of Package qpid-proton

Index: qpid-proton-0.31.0/c/src/ssl/openssl.c
===================================================================
--- qpid-proton-0.31.0.orig/c/src/ssl/openssl.c	2020-06-03 18:25:09.020577060 +0200
+++ qpid-proton-0.31.0/c/src/ssl/openssl.c	2020-06-03 18:26:10.217016007 +0200
@@ -702,7 +702,7 @@ int pn_ssl_domain_set_trusted_ca_db(pn_s
   if (!domain) return -1;
 
   // certificates can be either a file or a directory, which determines how it is passed
-  // to SSL_CTX_load_verify_locations()
+  // to SSL_CTX_load_verify_*()
   struct stat sbuf;
   if (stat( certificate_db, &sbuf ) != 0) {
     ssl_log(NULL, PN_LEVEL_ERROR, "stat(%s) failed: %s", certificate_db, strerror(errno));
@@ -719,10 +719,24 @@ int pn_ssl_domain_set_trusted_ca_db(pn_s
     file = certificate_db;
   }
 
+#if defined(OPENSSL_VERSION_MAJOR) && OPENSSL_VERSION_MAJOR >= 3
+  if (dir) {
+    if (SSL_CTX_load_verify_dir( domain->ctx, dir ) != 1) {
+      ssl_log_error("SSL_CTX_load_verify_dir( %s ) failed", certificate_db);
+      return -1;
+    }
+  } else {
+    if (SSL_CTX_load_verify_file( domain->ctx, file ) != 1) {
+      ssl_log_error("SSL_CTX_load_verify_file( %s ) failed", certificate_db);
+      return -1;
+    }
+  }
+#else
   if (SSL_CTX_load_verify_locations( domain->ctx, file, dir ) != 1) {
     ssl_log_error("SSL_CTX_load_verify_locations( %s ) failed", certificate_db);
     return -1;
   }
+#endif
 
   return 0;
 }
openSUSE Build Service is sponsored by
Places