diff options
Diffstat (limited to 'alpine')
-rw-r--r-- | alpine/compilation3.patch | 101 |
1 files changed, 0 insertions, 101 deletions
diff --git a/alpine/compilation3.patch b/alpine/compilation3.patch deleted file mode 100644 index 5379efe6d..000000000 --- a/alpine/compilation3.patch +++ /dev/null @@ -1,101 +0,0 @@ -diff --git a/imap/src/osdep/nt/ssl_nt.c b/imap/src/osdep/nt/ssl_nt.c -index 3b0118d..d39fdf0 100644 ---- a/imap/src/osdep/nt/ssl_nt.c -+++ b/imap/src/osdep/nt/ssl_nt.c -@@ -501,7 +501,7 @@ static int ssl_open_verify (int ok,X509_STORE_CTX *ctx) - - static char *ssl_validate_cert (X509 *cert,char *host) - { -- int i,j,n; -+ int i,j,n, m = 0;; - char *s=NULL,*t,*ret = NIL; - void *ext; - GENERAL_NAME *name; -@@ -511,9 +511,11 @@ static char *ssl_validate_cert (X509 *cert,char *host) - /* make sure have a certificate */ - if (!cert) return "No certificate from server"; - /* Method 1: locate CN */ -+#ifndef OPENSSL_1_1_0 - if (cert->name == NIL) - ret = "No name in certificate"; - else if ((s = strstr (cert->name,"/CN=")) != NIL) { -+ m++; /* count that we tried this method */ - if (t = strchr (s += 4,'/')) *t = '\0'; - /* host name matches pattern? */ - ret = ssl_compare_hostnames (host,s) ? NIL : -@@ -528,8 +530,10 @@ static char *ssl_validate_cert (X509 *cert,char *host) - (name->type = GEN_DNS) && (s = name->d.ia5->data) && - ssl_compare_hostnames (host,s)) ret = NIL; - } -+#endif /* OPENSSL_1_1_0 */ - /* Method 2, use Cname */ -- if(ret != NIL){ -+ if(m == 0 || ret != NIL){ -+ cname = X509_get_subject_name(cert); - for(j = 0, ret = NIL; j < X509_NAME_entry_count(cname) && ret == NIL; j++){ - if((e = X509_NAME_get_entry(cname, j)) != NULL){ - X509_NAME_get_text_by_OBJ(cname, X509_NAME_ENTRY_get_object(e), buf, sizeof(buf)); -@@ -552,7 +556,11 @@ static char *ssl_validate_cert (X509 *cert,char *host) - } - } - -- if (ret == NIL && !cert->name && !(cname = X509_get_subject_name(cert))) -+ if (ret == NIL -+#ifndef OPENSSL_1_1_0 -+ && !cert->name -+#endif /* OPENSSL_1_1_9 */ -+ && !X509_get_subject_name(cert)) - ret = "No name in certificate"; - - if (ret == NIL && s == NIL) -diff --git a/imap/src/osdep/unix/ssl_unix.c b/imap/src/osdep/unix/ssl_unix.c -index 0033e55..24f91e1 100644 ---- a/imap/src/osdep/unix/ssl_unix.c -+++ b/imap/src/osdep/unix/ssl_unix.c -@@ -504,7 +504,7 @@ static int ssl_open_verify (int ok,X509_STORE_CTX *ctx) - - static char *ssl_validate_cert (X509 *cert,char *host) - { -- int i,j,n; -+ int i,j,n, m = 0; - char *s=NULL,*t,*ret = NIL; - void *ext; - GENERAL_NAME *name; -@@ -514,9 +514,11 @@ static char *ssl_validate_cert (X509 *cert,char *host) - /* make sure have a certificate */ - if (!cert) return "No certificate from server"; - /* Method 1: locate CN */ -+#ifndef OPENSSL_1_1_0 - if (cert->name == NIL) - ret = "No name in certificate"; - else if ((s = strstr (cert->name,"/CN=")) != NIL) { -+ m++; /* count that we tried this method */ - if (t = strchr (s += 4,'/')) *t = '\0'; - /* host name matches pattern? */ - ret = ssl_compare_hostnames (host,s) ? NIL : -@@ -531,8 +533,10 @@ static char *ssl_validate_cert (X509 *cert,char *host) - (name->type = GEN_DNS) && (s = name->d.ia5->data) && - ssl_compare_hostnames (host,s)) ret = NIL; - } -- /* Method 2, use Cname */ -- if(ret != NIL){ -+#endif /* OPENSSL_1_1_0 */ -+ /* Method 2, use cname */ -+ if(m == 0 || ret != NIL){ -+ cname = X509_get_subject_name(cert); - for(j = 0, ret = NIL; j < X509_NAME_entry_count(cname) && ret == NIL; j++){ - if((e = X509_NAME_get_entry(cname, j)) != NULL){ - X509_NAME_get_text_by_OBJ(cname, X509_NAME_ENTRY_get_object(e), buf, sizeof(buf)); -@@ -555,7 +559,11 @@ static char *ssl_validate_cert (X509 *cert,char *host) - } - } - -- if (ret == NIL && !cert->name && !(cname = X509_get_subject_name(cert))) -+ if (ret == NIL -+#ifndef OPENSSL_1_1_0 -+ && !cert->name -+#endif /* OPENSSL_1_1_0 */ -+ && !X509_get_subject_name(cert)) - ret = "No name in certificate"; - - if (ret == NIL && s == NIL) |