From 088af365ce4f715b9f1d41754651e01db6ebf39a Mon Sep 17 00:00:00 2001 From: Sebastian Andrzej Siewior Date: Sat, 2 Jul 2016 00:12:01 +0200 Subject: make it compile against openssl 1.1.0 - SSL_library_init() is no longer a function but a define invoking another function with parameters. Thus a link check against this function will fail. As a fix AC_LINK_IFELSE is used so the header file can be included. - X509_CRL is opaque and needs an accessor. X509_CRL_get_nextUpdate() is around since OpenSSL 0.9.1c. X509_cmp_current_time() seems to be around since SSLeay 0.8.1b. BTS: https://bugs.debian.org/828083 clamav: https://bugzilla.clamav.net/show_bug.cgi?id=11594 Patch-Name: make_it_compile_against_openssl_1_1_0.patch Signed-off-by: Sebastian Andrzej Siewior --- libclamav/crypto.c | 21 ++++++--------------- m4/reorganization/libs/openssl.m4 | 12 +++++++++--- 2 files changed, 15 insertions(+), 18 deletions(-) diff --git a/libclamav/crypto.c b/libclamav/crypto.c index c62c65a..4be900f 100644 --- a/libclamav/crypto.c +++ b/libclamav/crypto.c @@ -1096,7 +1096,6 @@ X509_CRL *cl_load_crl(const char *file) { X509_CRL *x=NULL; FILE *fp; - struct tm *tm; if (!(file)) return NULL; @@ -1110,21 +1109,13 @@ X509_CRL *cl_load_crl(const char *file) fclose(fp); if ((x)) { - tm = cl_ASN1_GetTimeT(x->crl->nextUpdate); - if (!(tm)) { - X509_CRL_free(x); - return NULL; - } + ASN1_TIME *tme; -#if !defined(_WIN32) - if (timegm(tm) < time(NULL)) { - X509_CRL_free(x); - free(tm); - return NULL; - } -#endif - - free(tm); + tme = X509_CRL_get_nextUpdate(x); + if (!tme || X509_cmp_current_time(tme) < 0) { + X509_CRL_free(x); + return NULL; + } } return x; diff --git a/m4/reorganization/libs/openssl.m4 b/m4/reorganization/libs/openssl.m4 index 78e2c23..45ee02d 100644 --- a/m4/reorganization/libs/openssl.m4 +++ b/m4/reorganization/libs/openssl.m4 @@ -26,12 +26,13 @@ save_LDFLAGS="$LDFLAGS" save_CFLAGS="$CFLAGS" save_LIBS="$LIBS" -SSL_LIBS="-lssl -lcrypto -lz" +SSL_LIBS="$LIBS -lssl -lcrypto -lz" +LIBS="$LIBS $SSL_LIBS" if test "$LIBSSL_HOME" != "/usr"; then SSL_LDFLAGS="-L$LIBSSL_HOME/lib" SSL_CPPFLAGS="-I$LIBSSL_HOME/include" - LDFLAGS="-L$LIBSSL_HOME/lib $SSL_LIBS" + LDFLAGS="-L$LIBSSL_HOME/lib" CFLAGS="$SSL_CPPFLAGS" else SSL_LDFLAGS="" @@ -41,7 +42,12 @@ fi have_ssl="no" have_crypto="no" -AC_CHECK_LIB([ssl], [SSL_library_init], [have_ssl="yes"], [AC_MSG_ERROR([Your OpenSSL installation is misconfigured or missing])], [-lcrypto -lz]) +AC_LINK_IFELSE( + [AC_LANG_PROGRAM([[#include ]], + [[SSL_library_init();]])], + [have_ssl="yes";], + [AC_MSG_ERROR([Your OpenSSL installation is misconfigured or missing])]) + AC_CHECK_LIB([crypto], [EVP_EncryptInit], [have_crypto="yes"], [AC_MSG_ERROR([Your OpenSSL installation is misconfigured or missing])], [-lcrypto -lz])