mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-02-23 14:09:39 +08:00
Code Issues Packages Projects Releases Wiki Activity

ITS#10216 libldap: fix OpenSSL channel binding digest

Browse Source 
The OBJ_find_ API is undocumented but this is what OpenSSL libcrypto does itself.
This commit is contained in:
Howard Chu 2024-05-14 16:13:15 +01:00
parent 283b994104
commit 4d53ae28cf
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
libraries/libldap/tls_o.c
View File

@ -54,8 +54,10 @@
#if OPENSSL_VERSION_MAJOR >= 3
#define ERR_get_error_line( a, b ) ERR_get_error_all( a, b, NULL, NULL, NULL )
#ifndef SSL_get_peer_certificate
#define SSL_get_peer_certificate( s ) SSL_get1_peer_certificate( s )
#endif
#endif
typedef SSL_CTX tlso_ctx;
typedef SSL tlso_session;
@ -1068,7 +1070,12 @@ tlso_session_endpoint( tls_session *sess, struct berval *buf, int is_server )
return 0;
#if OPENSSL_VERSION_NUMBER >= 0x10100000
md = EVP_get_digestbynid( X509_get_signature_nid( cert ));
{
int mdnid;
if ( !OBJ_find_sigid_algs( X509_get_signature_nid( cert ), &mdnid, NULL ))
return 0;
md = EVP_get_digestbynid( mdnid );
}
#else
md = EVP_get_digestbynid(OBJ_obj2nid( cert->sig_alg->algorithm ));
#endif