mainnika/nginx-auth-ldap
1
0
Fork 0
mirror of https://github.com/mainnika/nginx-auth-ldap.git synced 2026-06-12 18:03:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #181 from jmakai/patch-1

Browse Source 
Make it compatible with OpenSSL < 1.1
This commit is contained in:
Valery Komarov
2017-07-25 07:58:46 +03:00
committed by GitHub
parent aca69ecd3c 1965254b94
commit 42d195d7a7
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ngx_http_auth_ldap_module.c
+10
View File
@@ -31,6 +31,7 @@
#include <ngx_http.h> #include <ngx_http.h>
#include <ngx_md5.h> #include <ngx_md5.h>
#include <ldap.h> #include <ldap.h>
#include <openssl/opensslv.h>
// used for manual warnings // used for manual warnings
#define XSTR(x) STR(x) #define XSTR(x) STR(x)
@@ -1403,8 +1404,13 @@ ngx_http_auth_ldap_ssl_handshake(ngx_http_auth_ldap_connection_t *c)
if (c->server->ssl_check_cert) { if (c->server->ssl_check_cert) {
// load CA certificates: custom ones if specified, default ones instead // load CA certificates: custom ones if specified, default ones instead
if (c->server->ssl_ca_file.data || c->server->ssl_ca_dir.data) { if (c->server->ssl_ca_file.data || c->server->ssl_ca_dir.data) {
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
int setcode = SSL_CTX_load_verify_locations(transport->ssl->session_ctx, int setcode = SSL_CTX_load_verify_locations(transport->ssl->session_ctx,
(char*)(c->server->ssl_ca_file.data), (char*)(c->server->ssl_ca_dir.data)); (char*)(c->server->ssl_ca_file.data), (char*)(c->server->ssl_ca_dir.data));
#else
int setcode = SSL_CTX_load_verify_locations(transport->ssl->connection->ctx,
(char*)(c->server->ssl_ca_file.data), (char*)(c->server->ssl_ca_dir.data));
#endif
if (setcode != 1) { if (setcode != 1) {
unsigned long error_code = ERR_get_error(); unsigned long error_code = ERR_get_error();
char *error_msg = ERR_error_string(error_code, NULL); char *error_msg = ERR_error_string(error_code, NULL);
@@ -1413,7 +1419,11 @@ ngx_http_auth_ldap_ssl_handshake(ngx_http_auth_ldap_connection_t *c)
"Error: %lu, %s", error_code, error_msg); "Error: %lu, %s", error_code, error_msg);
} }
} }
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
int setcode = SSL_CTX_set_default_verify_paths(transport->ssl->session_ctx); int setcode = SSL_CTX_set_default_verify_paths(transport->ssl->session_ctx);
#else
int setcode = SSL_CTX_set_default_verify_paths(transport->ssl->connection->ctx);
#endif
if (setcode != 1) { if (setcode != 1) {
unsigned long error_code = ERR_get_error(); unsigned long error_code = ERR_get_error();
char *error_msg = ERR_error_string(error_code, NULL); char *error_msg = ERR_error_string(error_code, NULL);