diff --git a/qmail-remote.c b/qmail-remote.c index 4504e28..9787135 100644 --- a/qmail-remote.c +++ b/qmail-remote.c @@ -270,8 +270,8 @@ char *append; { #ifdef TLS /* shouldn't talk to the client unless in an appropriate state */ - int state = ssl ? ssl->state : SSL_ST_BEFORE; - if (state & SSL_ST_OK || (!smtps && state & SSL_ST_BEFORE)) + int state = ssl ? SSL_get_state(ssl) : TLS_ST_BEFORE; + if (state & TLS_ST_OK || (!smtps && state & TLS_ST_BEFORE)) #endif substdio_putsflush(&smtpto,"QUIT\r\n"); /* waiting for remote side is just too ridiculous */ @@ -499,7 +499,7 @@ int tls_init() X509_NAME *subj = X509_get_subject_name(peercert); i = X509_NAME_get_index_by_NID(subj, NID_commonName, -1); if (i >= 0) { - const ASN1_STRING *s = X509_NAME_get_entry(subj, i)->value; + const ASN1_STRING *s = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(subj, i)); if (s) { peer.len = s->length; peer.s = s->data; } } if (peer.len <= 0) { diff --git a/qmail-smtpd.c b/qmail-smtpd.c index 70ed45f..025eb9c 100644 --- a/qmail-smtpd.c +++ b/qmail-smtpd.c @@ -887,7 +887,7 @@ int tls_verify() subj = X509_get_subject_name(peercert); n = X509_NAME_get_index_by_NID(subj, NID_pkcs9_emailAddress, -1); if (n >= 0) { - const ASN1_STRING *s = X509_NAME_get_entry(subj, n)->value; + const ASN1_STRING *s = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(subj, n)); if (s) { email.len = s->length; email.s = s->data; } } diff --git a/ssl_timeoutio.c b/ssl_timeoutio.c index 5b2dc9d..882d655 100644 --- a/ssl_timeoutio.c +++ b/ssl_timeoutio.c @@ -74,10 +74,10 @@ int ssl_timeoutrehandshake(int t, int rfd, int wfd, SSL *ssl) SSL_renegotiate(ssl); r = ssl_timeoutio(SSL_do_handshake, t, rfd, wfd, ssl, NULL, 0); - if (r <= 0 || ssl->type == SSL_ST_CONNECT) return r; + if (r <= 0 || SSL_get_state(ssl) == SSL_ST_CONNECT) return r; /* this is for the server only */ - ssl->state = SSL_ST_ACCEPT; + SSL_set_accept_state(ssl); return ssl_timeoutio(SSL_do_handshake, t, rfd, wfd, ssl, NULL, 0); }