From bcc55f99bcdf5c03bd766639c1dcd14bcb6ee56c Mon Sep 17 00:00:00 2001 From: SergiySW Date: Fri, 10 Aug 2018 06:05:37 +0300 Subject: [PATCH] Allow OpenSSL 1.1 (#950) Tested with OpenSSL 1.1.0f (Debian Stretch) and OpenSSL 1.0.2g (Ubuntu 16.04 LTS) --- CMakeLists.txt | 2 +- rai/node/rpc_secure.cpp | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index bb947dd3..68b01bd9 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -100,7 +100,7 @@ endif () SET( CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} ${PLATFORM_LINK_FLAGS}" ) if (RAIBLOCKS_SECURE_RPC) - find_package (OpenSSL 1.0 EXACT REQUIRED) + find_package (OpenSSL 1.0 REQUIRED) #include_directories(${OPENSSL_INCLUDE_DIR}) add_definitions (-DRAIBLOCKS_SECURE_RPC) message("OpenSSL include dir: ${OPENSSL_INCLUDE_DIR}") diff --git a/rai/node/rpc_secure.cpp b/rai/node/rpc_secure.cpp index b19d0d3b..dc8beb84 100644 --- a/rai/node/rpc_secure.cpp +++ b/rai/node/rpc_secure.cpp @@ -4,8 +4,8 @@ bool rai::rpc_secure::on_verify_certificate (bool preverified, boost::asio::ssl::verify_context & ctx) { X509_STORE_CTX * cts = ctx.native_handle (); - - switch (cts->error) + auto error (X509_STORE_CTX_get_error (cts)); + switch (error) { case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: BOOST_LOG (node.log) << "TLS: Unable to get issuer"; @@ -36,9 +36,9 @@ bool rai::rpc_secure::on_verify_certificate (bool preverified, boost::asio::ssl: if (config.secure.verbose_logging) { - if (cts->error != 0) + if (error != 0) { - BOOST_LOG (node.log) << "TLS: Error: " << cts->error; + BOOST_LOG (node.log) << "TLS: Error: " << X509_verify_cert_error_string (error); BOOST_LOG (node.log) << "TLS: Error chain depth : " << X509_STORE_CTX_get_error_depth (cts); }