From 19ef7082baa5097e3d4cddb68c98ea1ec8e34a88 Mon Sep 17 00:00:00 2001 From: Kazuki Yamaguchi Date: Sat, 22 Feb 2020 05:37:01 +0900 Subject: [PATCH] [ruby/openssl] ts: use TS_VERIFY_CTX_set_certs instead of TS_VERIFY_CTS_set_certs OpenSSL 3.0 fixed the typo in the function name and replaced the current 'CTS' version with a macro. https://github.com/ruby/openssl/commit/2be6779b08 --- ext/openssl/extconf.rb | 3 ++- ext/openssl/openssl_missing.h | 5 +++++ ext/openssl/ossl_ts.c | 2 +- 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb index baf36e9477..e64fe32f21 100644 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -160,7 +160,7 @@ have_func("SSL_SESSION_get_protocol_version") have_func("TS_STATUS_INFO_get0_status") have_func("TS_STATUS_INFO_get0_text") have_func("TS_STATUS_INFO_get0_failure_info") -have_func("TS_VERIFY_CTS_set_certs") +have_func("TS_VERIFY_CTS_set_certs(NULL, NULL)", "openssl/ts.h") have_func("TS_VERIFY_CTX_set_store") have_func("TS_VERIFY_CTX_add_flags") have_func("TS_RESP_CTX_set_time_cb") @@ -173,6 +173,7 @@ have_func("EVP_PKEY_check") # added in 3.0.0 have_func("SSL_set0_tmp_dh_pkey") have_func("ERR_get_error_all") +have_func("TS_VERIFY_CTX_set_certs(NULL, NULL)", "openssl/ts.h") Logging::message "=== Checking done. ===\n" diff --git a/ext/openssl/openssl_missing.h b/ext/openssl/openssl_missing.h index 4d9b880138..1b1a54a824 100644 --- a/ext/openssl/openssl_missing.h +++ b/ext/openssl/openssl_missing.h @@ -214,4 +214,9 @@ IMPL_PKEY_GETTER(EC_KEY, ec) } while (0) #endif +/* added in 3.0.0 */ +#if !defined(HAVE_TS_VERIFY_CTX_SET_CERTS) +# define TS_VERIFY_CTX_set_certs(ctx, crts) TS_VERIFY_CTS_set_certs(ctx, crts) +#endif + #endif /* _OSSL_OPENSSL_MISSING_H_ */ diff --git a/ext/openssl/ossl_ts.c b/ext/openssl/ossl_ts.c index b9a62fd9e4..b33ff10c10 100644 --- a/ext/openssl/ossl_ts.c +++ b/ext/openssl/ossl_ts.c @@ -826,7 +826,7 @@ ossl_ts_resp_verify(int argc, VALUE *argv, VALUE self) X509_up_ref(cert); } - TS_VERIFY_CTS_set_certs(ctx, x509inter); + TS_VERIFY_CTX_set_certs(ctx, x509inter); TS_VERIFY_CTX_add_flags(ctx, TS_VFY_SIGNATURE); TS_VERIFY_CTX_set_store(ctx, x509st);