libressl 2.7 has X509_VERIFY_PARAM_*

2018-04-14 18:04:32 +09:00 · 2018-04-14 18:04:32 +09:00 · 8d0b4544f8
parent d8a34131e1
commit 8d0b4544f8
1 changed files with 6 additions and 4 deletions
--- a/src/nghttp.cc
+++ b/src/nghttp.cc
@ -59,6 +59,7 @@
 #include "base64.h"
 #include "tls.h"
 #include "template.h"
+#include "ssl_compat.h"

 #ifndef O_BINARY
 #define O_BINARY (0)
@ -680,15 +681,16 @@ int HttpClient::initiate_connection() {
      const auto &host_string =
          config.host_override.empty() ? host : config.host_override;

-#if (!defined(LIBRESSL_VERSION_NUMBER) &&                                      \
-     OPENSSL_VERSION_NUMBER >= 0x10002000L) ||                                 \
+#if LIBRESSL_2_7_API ||                                                        \
+    (!LIBRESSL_IN_USE && OPENSSL_VERSION_NUMBER >= 0x10002000L) ||             \
    defined(OPENSSL_IS_BORINGSSL)
      auto param = SSL_get0_param(ssl);
      X509_VERIFY_PARAM_set_hostflags(param, 0);
      X509_VERIFY_PARAM_set1_host(param, host_string.c_str(),
                                  host_string.size());
-#endif // (!defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >=
-       // 0x10002000L) || defined(OPENSSL_IS_BORINGSSL)
+#endif // LIBRESSL_2_7_API || (!LIBRESSL_IN_USE &&
+       // OPENSSL_VERSION_NUMBER >= 0x10002000L) ||
+       // defined(OPENSSL_IS_BORINGSSL)
      SSL_set_verify(ssl, SSL_VERIFY_PEER, verify_cb);

      if (!util::numeric_host(host_string.c_str())) {