--- src/ssl_support.c.orig 2010-03-15 04:20:45.000000000 +1100 +++ src/ssl_support.c 2019-09-10 13:35:14.000000000 +1000 @@ -110,7 +110,7 @@ static int ssl_verify_cb(int ok, X509_STORE_CTX * ctx) { char buffer[256]; - X509 *peer_cert = ctx->cert; + X509 *peer_cert = X509_STORE_CTX_get0_cert(ctx); X509_NAME_oneline(X509_get_subject_name(peer_cert), buffer, sizeof(buffer)); @@ -118,7 +118,7 @@ ssl_verify_cb(int ok, X509_STORE_CTX * c if (ok) { debug(83, 5) ("SSL Certificate signature OK: %s\n", buffer); } else { - switch (ctx->error) { + switch (X509_STORE_CTX_get_error(ctx)) { case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: debug(83, 5) ("SSL Certficate error: CA not known: %s\n", buffer); break; @@ -136,7 +136,7 @@ ssl_verify_cb(int ok, X509_STORE_CTX * c break; default: debug(83, 1) ("SSL unknown certificate error %d in %s\n", - ctx->error, buffer); + X509_STORE_CTX_get_error(ctx), buffer); break; } } @@ -446,19 +446,13 @@ sslCreateServerContext(const char *certf ERR_clear_error(); debug(83, 1) ("Initialising SSL.\n"); switch (version) { - case 2: - debug(83, 5) ("Using SSLv2.\n"); - method = SSLv2_server_method(); - break; - case 3: - debug(83, 5) ("Using SSLv3.\n"); - method = SSLv3_server_method(); - break; case 4: debug(83, 5) ("Using TLSv1.\n"); method = TLSv1_server_method(); break; case 1: + case 2: + case 3: default: debug(83, 5) ("Using SSLv2/SSLv3.\n"); method = SSLv23_server_method(); @@ -609,19 +603,13 @@ sslCreateClientContext(const char *certf ERR_clear_error(); debug(83, 1) ("Initialising SSL.\n"); switch (version) { - case 2: - debug(83, 5) ("Using SSLv2.\n"); - method = SSLv2_client_method(); - break; - case 3: - debug(83, 5) ("Using SSLv3.\n"); - method = SSLv3_client_method(); - break; case 4: debug(83, 5) ("Using TLSv1.\n"); method = TLSv1_client_method(); break; case 1: + case 2: + case 3: default: debug(83, 5) ("Using SSLv2/SSLv3.\n"); method = SSLv23_client_method();