summaryrefslogtreecommitdiff
path: root/src/network.c
diff options
context:
space:
mode:
authorGlenn Strauss <gstrauss@gluelogic.com>2016-04-20 03:57:38 -0400
committerGlenn Strauss <gstrauss@gluelogic.com>2016-04-24 20:28:03 -0400
commit49c74fff65d23756746cab1470c67cf94b9db789 (patch)
tree2d4c4ed2bd0066be6d51ecb03f85ef6d209680c1 /src/network.c
parent4db255ca39f0f9963f131bb4dc9f1f6bc52460a8 (diff)
downloadlighttpd1.4-49c74fff65d23756746cab1470c67cf94b9db789.tar.gz
lighttpd1.4-49c74fff65d23756746cab1470c67cf94b9db789.zip
[core] compile with upcoming openssl 1.1.0 release (fixes #2727)
(thx falemagn) x-ref: "Won't compile with OpenSSL 1.1.0" https://redmine.lighttpd.net/issues/2727
Diffstat (limited to 'src/network.c')
-rw-r--r--src/network.c16
1 files changed, 12 insertions, 4 deletions
diff --git a/src/network.c b/src/network.c
index 6f34aef2..d8526a64 100644
--- a/src/network.c
+++ b/src/network.c
@@ -826,20 +826,28 @@ int network_init(server *srv) {
return -1;
}
} else {
+ BIGNUM *dh_p, *dh_g;
/* Default DH parameters from RFC5114 */
dh = DH_new();
if (dh == NULL) {
log_error_write(srv, __FILE__, __LINE__, "s", "SSL: DH_new () failed");
return -1;
}
- dh->p = BN_bin2bn(dh1024_p,sizeof(dh1024_p), NULL);
- dh->g = BN_bin2bn(dh1024_g,sizeof(dh1024_g), NULL);
- dh->length = 160;
- if ((dh->p == NULL) || (dh->g == NULL)) {
+ dh_p = BN_bin2bn(dh1024_p,sizeof(dh1024_p), NULL);
+ dh_g = BN_bin2bn(dh1024_g,sizeof(dh1024_g), NULL);
+ if ((dh_p == NULL) || (dh_g == NULL)) {
DH_free(dh);
log_error_write(srv, __FILE__, __LINE__, "s", "SSL: BN_bin2bn () failed");
return -1;
}
+ #if OPENSSL_VERSION_NUMBER < 0x10100000L
+ dh->p = dh_p;
+ dh->g = dh_g;
+ dh->length = 160;
+ #else
+ DH_set0_pqg(dh, dh_p, NULL, dh_g);
+ DH_set_length(dh, 160);
+ #endif
}
SSL_CTX_set_tmp_dh(s->ssl_ctx,dh);
SSL_CTX_set_options(s->ssl_ctx,SSL_OP_SINGLE_DH_USE);