mainnika
/
nginx-auth-ldap
mirror of https://github.com/mainnika/nginx-auth-ldap
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #181 from jmakai/patch-1

Browse Source 
Make it compatible with OpenSSL < 1.1
main
Valery Komarov 7 years ago committed by GitHub
parent aca69ecd3c 1965254b94
commit 42d195d7a7
1 changed files with 10 additions and 0 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 10
      ngx_http_auth_ldap_module.c

10
ngx_http_auth_ldap_module.c
Unescape View File

@ -31,6 +31,7 @@
#include <ngx_http.h> #include <ngx_http.h>
#include <ngx_md5.h> #include <ngx_md5.h>
#include <ldap.h> #include <ldap.h>
#include <openssl/opensslv.h>
// used for manual warnings // used for manual warnings
#define XSTR(x) STR(x) #define XSTR(x) STR(x)
@ -1403,8 +1404,13 @@ ngx_http_auth_ldap_ssl_handshake(ngx_http_auth_ldap_connection_t *c)
if (c->server->ssl_check_cert) { if (c->server->ssl_check_cert) {
// load CA certificates: custom ones if specified, default ones instead // load CA certificates: custom ones if specified, default ones instead
if (c->server->ssl_ca_file.data || c->server->ssl_ca_dir.data) { if (c->server->ssl_ca_file.data || c->server->ssl_ca_dir.data) {
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
int setcode = SSL_CTX_load_verify_locations(transport->ssl->session_ctx, int setcode = SSL_CTX_load_verify_locations(transport->ssl->session_ctx,
(char*)(c->server->ssl_ca_file.data), (char*)(c->server->ssl_ca_dir.data)); (char*)(c->server->ssl_ca_file.data), (char*)(c->server->ssl_ca_dir.data));
#else
int setcode = SSL_CTX_load_verify_locations(transport->ssl->connection->ctx,
(char*)(c->server->ssl_ca_file.data), (char*)(c->server->ssl_ca_dir.data));
#endif
if (setcode != 1) { if (setcode != 1) {
unsigned long error_code = ERR_get_error(); unsigned long error_code = ERR_get_error();
char *error_msg = ERR_error_string(error_code, NULL); char *error_msg = ERR_error_string(error_code, NULL);
@ -1413,7 +1419,11 @@ ngx_http_auth_ldap_ssl_handshake(ngx_http_auth_ldap_connection_t *c)
"Error: %lu, %s", error_code, error_msg); "Error: %lu, %s", error_code, error_msg);
} }
} }
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
int setcode = SSL_CTX_set_default_verify_paths(transport->ssl->session_ctx); int setcode = SSL_CTX_set_default_verify_paths(transport->ssl->session_ctx);
#else
int setcode = SSL_CTX_set_default_verify_paths(transport->ssl->connection->ctx);
#endif
if (setcode != 1) { if (setcode != 1) {
unsigned long error_code = ERR_get_error(); unsigned long error_code = ERR_get_error();
char *error_msg = ERR_error_string(error_code, NULL); char *error_msg = ERR_error_string(error_code, NULL);

Write Preview
Loading…
Cancel
Save