[BUG] OpenSSL function has been deprecated
Peter van der Does
peter at avirtualhome.com
Wed Apr 26 05:56:21 EEST 2017
In src/lib-ssl-iostream/iostream-openssl-params.c a call is made to DH_generate_parameters. This function has been deprecated since OpenSSL 0.9.8. With OpenSSL 1.1 compilation will throw an error.
Not sure how to send patches, I don't even know if the patch I wrote actually works (I don't program in C, but gave it a shot anyway) but below is the patch.
--- a/src/lib-ssl-iostream/iostream-openssl-params.c
+++ b/src/lib-ssl-iostream/iostream-openssl-params.c
@@ -13,13 +13,21 @@ generate_dh_parameters(int bitsize, buffer_t *output, const char **error_r)
{
DH *dh;
unsigned char *p;
- int len, len2;
+ int len, len2, success;
+#if OPENSSL_VERSION_NUMBER >= 0x00908000L
+ success = DH_generate_parameters_ex(dh, bitsize, DH_GENERATOR, NULL);
+#else
dh = DH_generate_parameters(bitsize, DH_GENERATOR, NULL, NULL);
if (dh == NULL) {
+ success = 0;
+ }
+#endif
+
+ if (success == 0) {
*error_r = t_strdup_printf(
- "DH_generate_parameters(bits=%d, gen=%d) failed: %s",
- bitsize, DH_GENERATOR, openssl_iostream_error());
+ "DH_generate_parameters(bits=%d, gen=%d) failed: %s",
+ bitsize, DH_GENERATOR, openssl_iostream_error());
return -1;
}
--
If anybody knows the instruction on how to send patches, please let me know and I follow those instructions.
Regards,
Peter van der Does
More information about the dovecot
mailing list