mainnika
/
nginx-auth-ldap
mirror of https://github.com/mainnika/nginx-auth-ldap
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Make it compatible with OpenSSL < 1.1

Browse Source 
Please make this code compatible with older versions of Open SSL.
main
József Makai 7 years ago committed by GitHub
parent aca69ecd3c
commit 1965254b94
1 changed files with 10 additions and 0 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 10
      ngx_http_auth_ldap_module.c

10
ngx_http_auth_ldap_module.c
Unescape View File

@ -31,6 +31,7 @@
#include <ngx_http.h> #include <ngx_http.h>
#include <ngx_md5.h> #include <ngx_md5.h>
#include <ldap.h> #include <ldap.h>
#include <openssl/opensslv.h>
// used for manual warnings // used for manual warnings
#define XSTR(x) STR(x) #define XSTR(x) STR(x)
@ -1403,8 +1404,13 @@ ngx_http_auth_ldap_ssl_handshake(ngx_http_auth_ldap_connection_t *c)
if (c->server->ssl_check_cert) { if (c->server->ssl_check_cert) {
// load CA certificates: custom ones if specified, default ones instead // load CA certificates: custom ones if specified, default ones instead
if (c->server->ssl_ca_file.data || c->server->ssl_ca_dir.data) { if (c->server->ssl_ca_file.data || c->server->ssl_ca_dir.data) {
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
int setcode = SSL_CTX_load_verify_locations(transport->ssl->session_ctx, int setcode = SSL_CTX_load_verify_locations(transport->ssl->session_ctx,
(char*)(c->server->ssl_ca_file.data), (char*)(c->server->ssl_ca_dir.data)); (char*)(c->server->ssl_ca_file.data), (char*)(c->server->ssl_ca_dir.data));
#else
int setcode = SSL_CTX_load_verify_locations(transport->ssl->connection->ctx,
(char*)(c->server->ssl_ca_file.data), (char*)(c->server->ssl_ca_dir.data));
#endif
if (setcode != 1) { if (setcode != 1) {
unsigned long error_code = ERR_get_error(); unsigned long error_code = ERR_get_error();
char *error_msg = ERR_error_string(error_code, NULL); char *error_msg = ERR_error_string(error_code, NULL);
@ -1413,7 +1419,11 @@ ngx_http_auth_ldap_ssl_handshake(ngx_http_auth_ldap_connection_t *c)
"Error: %lu, %s", error_code, error_msg); "Error: %lu, %s", error_code, error_msg);
} }
} }
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
int setcode = SSL_CTX_set_default_verify_paths(transport->ssl->session_ctx); int setcode = SSL_CTX_set_default_verify_paths(transport->ssl->session_ctx);
#else
int setcode = SSL_CTX_set_default_verify_paths(transport->ssl->connection->ctx);
#endif
if (setcode != 1) { if (setcode != 1) {
unsigned long error_code = ERR_get_error(); unsigned long error_code = ERR_get_error();
char *error_msg = ERR_error_string(error_code, NULL); char *error_msg = ERR_error_string(error_code, NULL);

Write Preview
Loading…
Cancel
Save