@@ -249,15 +249,28 @@ static int verify_hostname(X509 *cert, const char *hostname)
249
249
/* try the DNS subjectAltNames */
250
250
found = 0 ;
251
251
if ((subj_alt_names = X509_get_ext_d2i (cert , NID_subject_alt_name , NULL , NULL ))) {
252
+ #if (OPENSSL_VERSION_NUMBER >= 0x10100000L )
253
+ int num_subj_alt_names = OPENSSL_sk_num (subj_alt_names );
254
+ #else
252
255
int num_subj_alt_names = sk_GENERAL_NAME_num (subj_alt_names );
256
+ #endif
253
257
for (i = 0 ; !found && i < num_subj_alt_names ; i ++ ) {
258
+
259
+ #if (OPENSSL_VERSION_NUMBER >= 0x10100000L )
260
+ GENERAL_NAME * subj_alt_name = OPENSSL_sk_value (subj_alt_names , i );
261
+ #else
254
262
GENERAL_NAME * subj_alt_name = sk_GENERAL_NAME_value (subj_alt_names , i );
263
+ #endif
255
264
if (subj_alt_name -> type == GEN_DNS &&
256
265
strlen ((const char * )subj_alt_name -> d .ia5 -> data ) == (size_t )subj_alt_name -> d .ia5 -> length &&
257
266
host_matches (hostname , (const char * )(subj_alt_name -> d .ia5 -> data )))
258
267
found = 1 ;
259
268
}
269
+ #if (OPENSSL_VERSION_NUMBER >= 0x10100000L )
270
+ OPENSSL_sk_pop_free (subj_alt_names , GENERAL_NAME_free );
271
+ #else
260
272
sk_GENERAL_NAME_pop_free (subj_alt_names , GENERAL_NAME_free );
273
+ #endif
261
274
}
262
275
if (found )
263
276
return 0 ;
@@ -284,12 +297,22 @@ static int ssl_socket_connect(struct imap_socket *sock, int use_tls_only, int ve
284
297
int ret ;
285
298
X509 * cert ;
286
299
300
+ #if (OPENSSL_VERSION_NUMBER >= 0x10100000L )
301
+ OPENSSL_init_ssl (0 , NULL );
302
+
303
+ meth = TLS_method ();
304
+ #else
287
305
SSL_library_init ();
288
306
SSL_load_error_strings ();
289
307
290
308
meth = SSLv23_method ();
309
+ #endif
291
310
if (!meth ) {
311
+ #if (OPENSSL_VERSION_NUMBER >= 0x10100000L )
312
+ ssl_socket_perror ("TLS_method" );
313
+ #else
292
314
ssl_socket_perror ("SSLv23_method" );
315
+ #endif
293
316
return -1 ;
294
317
}
295
318
0 commit comments