libressl 2.7 has X509_VERIFY_PARAM_*

This commit is contained in:
Tatsuhiro Tsujikawa 2018-04-14 18:04:32 +09:00
parent d8a34131e1
commit 8d0b4544f8
1 changed files with 6 additions and 4 deletions

View File

@ -59,6 +59,7 @@
#include "base64.h"
#include "tls.h"
#include "template.h"
#include "ssl_compat.h"
#ifndef O_BINARY
#define O_BINARY (0)
@ -680,15 +681,16 @@ int HttpClient::initiate_connection() {
const auto &host_string =
config.host_override.empty() ? host : config.host_override;
#if (!defined(LIBRESSL_VERSION_NUMBER) && \
OPENSSL_VERSION_NUMBER >= 0x10002000L) || \
#if LIBRESSL_2_7_API || \
(!LIBRESSL_IN_USE && OPENSSL_VERSION_NUMBER >= 0x10002000L) || \
defined(OPENSSL_IS_BORINGSSL)
auto param = SSL_get0_param(ssl);
X509_VERIFY_PARAM_set_hostflags(param, 0);
X509_VERIFY_PARAM_set1_host(param, host_string.c_str(),
host_string.size());
#endif // (!defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >=
// 0x10002000L) || defined(OPENSSL_IS_BORINGSSL)
#endif // LIBRESSL_2_7_API || (!LIBRESSL_IN_USE &&
// OPENSSL_VERSION_NUMBER >= 0x10002000L) ||
// defined(OPENSSL_IS_BORINGSSL)
SSL_set_verify(ssl, SSL_VERIFY_PEER, verify_cb);
if (!util::numeric_host(host_string.c_str())) {