1
0
Fork 0
mirror of https://gitlab.alpinelinux.org/alpine/aports.git synced 2025-07-23 03:05:48 +03:00
aports/community/dillo/openssl-1.1.patch
2022-09-12 02:49:41 +00:00

40 lines
1.3 KiB
Diff

--- a/configure.ac
+++ b/configure.ac
@@ -286,7 +286,7 @@
if test "x$ssl_ok" = "xyes"; then
old_libs="$LIBS"
- AC_CHECK_LIB(ssl, SSL_library_init, ssl_ok=yes, ssl_ok=no, -lcrypto)
+ AC_CHECK_LIB(ssl, OPENSSL_config, ssl_ok=yes, ssl_ok=no, -lcrypto)
LIBS="$old_libs"
fi
--- a/dpi/https.c
+++ b/dpi/https.c
@@ -295,6 +295,16 @@
}
}
+ // fix for SNI servername 2017-08-11
+ MSG("SNI setting (%s)\n", root_url);
+ if (exit_error == 0){
+ MSG("really do SNI setting\n");
+ if (SSL_set_tlsext_host_name(ssl_connection, root_url) != 1){
+ MSG("SSL_set_tlsext_host_name failed\n");
+ ERR_print_errors_fp(stderr);
+ exit_error = 1;
+ }
+ }
if (exit_error == 0){
/*Actually do SSL connection handshake*/
if (SSL_connect(ssl_connection) != 1){
@@ -476,7 +486,8 @@
case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
/*Either self signed and untrusted*/
/*Extract CN from certificate name information*/
- if ((cn = strstr(remote_cert->name, "/CN=")) == NULL) {
+ X509_NAME_oneline(X509_get_subject_name(remote_cert), buf, sizeof(buf));
+ if ((cn = strstr(buf, "/CN=")) == NULL) {
strcpy(buf, "(no CN given)");
} else {
char *cn_end;