[Minor] Slightly improve openssl 1.1 support

1 files changed, 16 insertions, 4 deletions

diff --git a/src/libutil/ssl_util.c b/src/libutil/ssl_util.c
index 828250e50..3dc34e66a 100644
--- a/src/libutil/ssl_util.c
+++ b/src/libutil/ssl_util.c
@@ -50,6 +50,18 @@ rspamd_ssl_quark (void)
 	return g_quark_from_static_string ("rspamd-ssl");
 }
 
+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(LIBRESSL_VERSION_NUMBER)
+#ifndef X509_get_notBefore
+#define X509_get_notBefore(x) X509_get0_notBefore(x)
+#endif
+#ifndef X509_get_notAfter
+#define X509_get_notAfter(x) X509_get0_notAfter(x)
+#endif
+#ifndef ASN1_STRING_data
+#define ASN1_STRING_data(x) ASN1_STRING_get0_data(x)
+#endif
+#endif
+
 /* $OpenBSD: tls_verify.c,v 1.14 2015/09/29 10:17:04 deraadt Exp $ */
 /*
  * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org>
@@ -173,13 +185,13 @@ rspamd_tls_check_subject_altname (X509 *cert, const char *name)
 		}
 
 		if (type == GEN_DNS) {
-			unsigned char *data;
+			const char *data;
 			int format, len;
 
 			format = ASN1_STRING_type (altname->d.dNSName);
 
 			if (format == V_ASN1_IA5STRING) {
-				data = ASN1_STRING_data (altname->d.dNSName);
+				data = (const char *)ASN1_STRING_data (altname->d.dNSName);
 				len = ASN1_STRING_length (altname->d.dNSName);
 
 				if (len < 0 || len != (gint)strlen (data)) {
@@ -204,11 +216,11 @@ rspamd_tls_check_subject_altname (X509 *cert, const char *name)
 			}
 		}
 		else if (type == GEN_IPADD) {
-			unsigned char *data;
+			const char *data;
 			int datalen;
 
 			datalen = ASN1_STRING_length (altname->d.iPAddress);
-			data = ASN1_STRING_data (altname->d.iPAddress);
+			data = (const char *)ASN1_STRING_data (altname->d.iPAddress);
 
 			if (datalen < 0) {
 				ret = FALSE;