libressl 2.7 has SSL_CTX_get0_certificate

d8a34131 · Tatsuhiro Tsujikawa · 5db17d0a · d8a34131
Commit d8a34131 authored Apr 14, 2018 by Tatsuhiro Tsujikawa
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 5 deletions

src/shrpx_tls.cc src/shrpx_tls.cc +4 -5

No files found.
--- a/src/shrpx_tls.cc
+++ b/src/shrpx_tls.cc
@@ -1555,16 +1555,15 @@ int cert_lookup_tree_add_ssl_ctx(
    SSL_CTX *ssl_ctx) {
  std::array<uint8_t, NI_MAXHOST> buf;

-#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10002000L
+#if LIBRESSL_2_7_API ||                                                        \
+    (!LIBRESSL_IN_USE && OPENSSL_VERSION_NUMBER >= 0x10002000L)
  auto cert = SSL_CTX_get0_certificate(ssl_ctx);
-#else  // defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER <
-  // 0x10002000L
+#else  // !LIBRESSL_2_7_API && OPENSSL_VERSION_NUMBER < 0x10002000L
  auto tls_ctx_data =
      static_cast<TLSContextData *>(SSL_CTX_get_app_data(ssl_ctx));
  auto cert = load_certificate(tls_ctx_data->cert_file);
  auto cert_deleter = defer(X509_free, cert);
-#endif // defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER <
-       // 0x10002000L
+#endif // !LIBRESSL_2_7_API && OPENSSL_VERSION_NUMBER < 0x10002000L

  auto altnames = static_cast<GENERAL_NAMES *>(
      X509_get_ext_d2i(cert, NID_subject_alt_name, nullptr, nullptr));