Full_Name: Graham Leggett Version: git master OS: CentOS7 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (2001:470:18b1:1:c920:9f6:b546:7826)

The addition of 8e34ed8c on the 7th of November broke the build for openssl < 1.1, as the patch used the newer versions of these functions.

The following patch adds the associated autoconf stuff to fix this:

From e111db878300d60acdc295eec08e008a831f9895 Mon Sep 17 00:00:00 2001

From: Graham Leggett minfrin@sharp.fm Date: Sat, 23 Sep 2017 02:10:36 +0000 Subject: [PATCH] EVP_MD_CTX_create and EVP_MD_CTX_destroy have been replaced by EVP_MD_CTX_new and EVP_MD_CTX_free in openssl v1.1 and above.

--- configure.in | 5 +++++ libraries/libldap/tls_o.c | 8 ++++++++ 2 files changed, 13 insertions(+)

diff --git a/configure.in b/configure.in index 46e5e8c..b3da5f1 100644 --- a/configure.in +++ b/configure.in @@ -1223,6 +1223,11 @@ if test $ol_with_tls = openssl || test $ol_with_tls = auto ; then TLS_LIBS="-lssl -lcrypto" fi

+ save_LIBS="$LIBS" + LIBS="$LIBS $TLS_LIBS" + AC_CHECK_FUNCS(EVP_MD_CTX_create EVP_MD_CTX_destroy) + LIBS="$save_LIBS" + OL_SSL_COMPAT if test $ol_cv_ssl_crl_compat = yes ; then AC_DEFINE(HAVE_OPENSSL_CRL, 1, diff --git a/libraries/libldap/tls_o.c b/libraries/libldap/tls_o.c index d3b6ceb..14dffbd 100644 --- a/libraries/libldap/tls_o.c +++ b/libraries/libldap/tls_o.c @@ -867,7 +867,11 @@ tlso_session_pinning( LDAP *ld, tls_session *sess, char *hashalg, struct berval goto done; }

+#ifdef HAVE_EVP_MD_CTX_CREATE + mdctx = EVP_MD_CTX_create(); +#else mdctx = EVP_MD_CTX_new(); +#endif if ( !mdctx ) { rc = -1; goto done; @@ -877,7 +881,11 @@ tlso_session_pinning( LDAP *ld, tls_session *sess, char *hashalg, struct berval EVP_DigestUpdate( mdctx, key.bv_val, key.bv_len ); EVP_DigestFinal_ex( mdctx, (unsigned char *)keyhash.bv_val, &len ); keyhash.bv_len = len; +#ifdef HAVE_EVP_MD_CTX_DESTROY + EVP_MD_CTX_destroy( mdctx ); +#else EVP_MD_CTX_free( mdctx ); +#endif } else { keyhash = key; }