summaryrefslogtreecommitdiff
path: root/pith
diff options
context:
space:
mode:
Diffstat (limited to 'pith')
-rw-r--r--pith/pine.hlp2
-rw-r--r--pith/smime.c8
-rw-r--r--pith/smkeys.c39
-rw-r--r--pith/smkeys.h13
4 files changed, 39 insertions, 23 deletions
diff --git a/pith/pine.hlp b/pith/pine.hlp
index 5ee5e72c..6559f9d6 100644
--- a/pith/pine.hlp
+++ b/pith/pine.hlp
@@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any
reasonable place to be called from.
Dummy change to get revision in pine.hlp
============= h_revision =================
-Alpine Commit 166 2016-08-29 20:39:48
+Alpine Commit 167 2016-09-03 18:44:36
============= h_news =================
<HTML>
<HEAD>
diff --git a/pith/smime.c b/pith/smime.c
index 9629f743..389ce012 100644
--- a/pith/smime.c
+++ b/pith/smime.c
@@ -1238,8 +1238,12 @@ smime_init(void)
s_cert_store = get_ca_store();
setup_certs_backup_by_type(CACert);
+#ifdef OPENSSL_1_1_0
+ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS|OPENSSL_INIT_ADD_ALL_DIGESTS|OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
+#else
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
+#endif /* OPENSSL_1_1_0 */
app_RAND_load_file(NULL);
openssl_extra_randomness();
@@ -3142,8 +3146,8 @@ find_certificate_matching_recip_info(PKCS7_RECIP_INFO *ri)
mine = x->cert;
- if(!X509_NAME_cmp(ri->issuer_and_serial->issuer,mine->cert_info->issuer) &&
- !ASN1_INTEGER_cmp(ri->issuer_and_serial->serial,mine->cert_info->serialNumber)){
+ if(!X509_NAME_cmp(ri->issuer_and_serial->issuer,X509_get_issuer_name(mine)) &&
+ !ASN1_INTEGER_cmp(ri->issuer_and_serial->serial,X509_get_serialNumber(mine))){
break;
}
}
diff --git a/pith/smkeys.c b/pith/smkeys.c
index ce58ed41..8666d53b 100644
--- a/pith/smkeys.c
+++ b/pith/smkeys.c
@@ -62,11 +62,9 @@ smime_X509_to_cert_info(X509 *x, char *name)
memset((void *)cert, 0, sizeof(CertList));
cert->x509_cert = x;
cert->name = name ? cpystr(name) : NULL;
- if(x && x->cert_info){
- cert->data.date_from = smime_get_date(x->cert_info->validity->notBefore);
- cert->data.date_to = smime_get_date(x->cert_info->validity->notAfter);
- cert->cn = smime_get_cn(x->cert_info->subject);
- }
+ cert->data.date_from = smime_get_date(X509_get0_notBefore(x));
+ cert->data.date_to = smime_get_date(X509_get0_notAfter(x));
+ cert->cn = smime_get_cn(x);
get_fingerprint(x, EVP_md5(), buf, sizeof(buf), NULL);
cert->data.md5 = cpystr(buf);
@@ -222,7 +220,7 @@ setup_certs_backup_by_type(WhichCerts ctype)
case CACert:
if((in = BIO_new_file(buf2, "r"))!=0){
x = PEM_read_bio_X509(in, NULL, NULL, NULL);
- if(x && x->cert_info){ /* for now copy this information */
+ if(x){ /* for now copy this information */
cert = smime_X509_to_cert_info(x, df->d_name);
/* we will use the cert->data.md5 variable to find a backup
certificate, not the name */
@@ -261,14 +259,20 @@ setup_certs_backup_by_type(WhichCerts ctype)
}
char *
-smime_get_cn(X509_NAME *subject)
+smime_get_cn(X509 *x)
{
- char buf[256];
X509_NAME_ENTRY *e;
- e = X509_NAME_get_entry(subject, X509_NAME_entry_count(subject)-1);
- if(e)
- X509_NAME_get_text_by_OBJ(subject, e->object, buf, sizeof(buf));
- return cpystr(buf);
+ X509_NAME *subject;
+ char buf[256];
+ char *rv = NULL;
+
+ subject = X509_get_subject_name(x);
+ if((e = X509_NAME_get_entry(subject, X509_NAME_entry_count(subject)-1)) != NULL){
+ X509_NAME_get_text_by_OBJ(subject, X509_NAME_ENTRY_get_object(e), buf, sizeof(buf));
+ rv = cpystr(buf);
+ }
+
+ return rv;
}
int
@@ -395,7 +399,7 @@ emailstrclean(char *string)
char *
-smime_get_date(ASN1_GENERALIZEDTIME *tm)
+smime_get_date(const ASN1_TIME *tm)
{
BIO *mb = BIO_new(BIO_s_mem());
char iobuf[4096];
@@ -476,13 +480,12 @@ add_certs_in_dir(X509_LOOKUP *lookup, char *path, char *ext, CertList **cdata)
cert->name = cpystr(d->d_name);
/* read buf into a bio and fill the CertData structure */
if((in = BIO_new_file(buf, "r"))!=0){
- x = PEM_read_bio_X509(in, NULL, NULL, NULL);
- if(x && x->cert_info){
- cert->data.date_from = smime_get_date(x->cert_info->validity->notBefore);
- cert->data.date_to = smime_get_date(x->cert_info->validity->notAfter);
+ if((x = PEM_read_bio_X509(in, NULL, NULL, NULL)) != NULL){
+ cert->data.date_from = smime_get_date(X509_get0_notBefore(x));
+ cert->data.date_to = smime_get_date(X509_get0_notAfter(x));
get_fingerprint(x, EVP_md5(), buf, sizeof(buf), NULL);
cert->data.md5 = cpystr(buf);
- cert->cn = smime_get_cn(x->cert_info->subject);
+ cert->cn = smime_get_cn(x);
X509_free(x);
}
BIO_free(in);
diff --git a/pith/smkeys.h b/pith/smkeys.h
index 8c23d905..0d3570bc 100644
--- a/pith/smkeys.h
+++ b/pith/smkeys.h
@@ -29,7 +29,16 @@
#include <openssl/pem.h>
#include <openssl/err.h>
#include <openssl/bio.h>
+#include <openssl/safestack.h>
+#ifndef OPENSSL_1_1_0
+#define X509_get0_notBefore(x) ((x) && (x)->cert_info \
+ ? (x)->cert_info->validity->notBefore \
+ : NULL)
+#define X509_get0_notAfter(x) ((x) && (x)->cert_info \
+ ? (x)->cert_info->validity->notAfter \
+ : NULL)
+#endif /* OPENSSL_1_1_0 */
#define EMAILADDRLEADER "emailAddress="
#define CACERTSTORELEADER "cacert="
@@ -64,10 +73,10 @@ void free_personal_certs(PERSONAL_CERT **pc);
void get_fingerprint(X509 *cert, const EVP_MD *type, char *buf, size_t maxLen, char *s);
int certlist_to_file(char *filename, CertList *certlist);
int load_cert_for_key(char *pathdir, EVP_PKEY *pkey, char **certfile, X509 **pcert);
-char *smime_get_date(ASN1_GENERALIZEDTIME *tm);
+char *smime_get_date(const ASN1_TIME *tm);
void resort_certificates(CertList **data, WhichCerts ctype);
int setup_certs_backup_by_type(WhichCerts ctype);
-char *smime_get_cn(X509_NAME *);
+char *smime_get_cn(X509 *);
CertList *smime_X509_to_cert_info(X509 *, char *);