X-Git-Url: https://code.citadel.org/?a=blobdiff_plain;f=citadel%2Fmodules%2Fcrypto%2Fserv_crypto.c;h=77b5b1914fefad0b59023dd0c611ee73807e2159;hb=7a9b0685e406cc83597171cc39d008c7e5459ca8;hp=5830da909d63475dc5373a65e256d3478be3674c;hpb=2003ef349df0e34850c9c5163ae98a8fe63d2898;p=citadel.git
diff --git a/citadel/modules/crypto/serv_crypto.c b/citadel/modules/crypto/serv_crypto.c
index 5830da909..77b5b1914 100644
--- a/citadel/modules/crypto/serv_crypto.c
+++ b/citadel/modules/crypto/serv_crypto.c
@@ -22,16 +22,7 @@
 #include
 #endif
-#if TIME_WITH_SYS_TIME
-# include
-# include
-#else
-# if HAVE_SYS_TIME_H
-# include
-# else
-# include
-# endif
-#endif
+#include
 #ifdef HAVE_PTHREAD_H
 #include
@@ -79,7 +70,7 @@ void generate_key(char *keyfilename)
 unsigned long e = RSA_F4;
 FILE *fp;
- if (access(file_crpt_file_key, R_OK) == 0) {
+ if (access(keyfilename, R_OK) == 0) {
 return;
 }
@@ -101,7 +92,7 @@ void generate_key(char *keyfilename)
 // write the key file
 fp = fopen(keyfilename, "w");
 if (fp != NULL) {
- chmod(file_crpt_file_key, 0600);
+ chmod(keyfilename, 0600);
 if (PEM_write_RSAPrivateKey(fp, /* the file */
 rsa, /* the key */
 NULL, /* no enc */
@@ -111,7 +102,7 @@ void generate_key(char *keyfilename)
 NULL /* no callbk */
 ) != 1) {
 syslog(LOG_ERR, "crypto: cannot write key: %s", ERR_reason_error_string(ERR_get_error()));
- unlink(file_crpt_file_key);
+ unlink(keyfilename);
 }
 fclose(fp);
 }
@@ -123,8 +114,6 @@ free_all:
 }
-
-
 void init_ssl(void)
 {
 const SSL_METHOD *ssl_method;
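Review bot: In the `@@ -101,7 +92,7 @@` hunk of generate_key the private key file is still created by `fopen(keyfilename, "w")` with whatever mode the umask allows and only afterwards restricted by `chmod(keyfilename, 0600)`, whose result is ignored. Depending on umask and directory permissions, the file is briefly openable by other local accounts before the key is written into it. Creating it with its final mode closes that window: `int fd = open(keyfilename, O_WRONLY | O_CREAT | O_EXCL, 0600);` followed by `fp = (fd >= 0) ? fdopen(fd, "w") : NULL;`. `O_EXCL` also makes the existence test atomic, which the separate `access(keyfilename, R_OK)` check in the `@@ -79,7 +70,7 @@` hunk is not, and it refuses to write through a pre-existing symlink. generate_key begins and ends outside these hunks, and whether `<fcntl.h>` is already included is not visible here.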
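Review bot: In the `@@ -111,7 +102,7 @@` hunk the return value of `fclose(fp)` is discarded, so a write error that only surfaces when stdio flushes the buffered PEM data (full disk, quota) leaves a truncated key file that is never unlinked. Because generate_key returns early whenever `access(keyfilename, R_OK)` succeeds, that damaged file would then be kept on every later start instead of being regenerated. Replacing the bare call with `if (fclose(fp) != 0) { unlink(keyfilename); }` plus a `syslog(LOG_ERR, ...)` line in the same style as the one above it covers this case. The function continues outside the hunk.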
@@ -277,10 +266,9 @@ void init_ssl(void)
 if (req) {
 if (cer = X509_new(), cer != NULL) {
-
 ASN1_INTEGER_set(X509_get_serialNumber(cer), 0);
- X509_set_issuer_name(cer, req->req_info->subject);
- X509_set_subject_name(cer, req->req_info->subject);
+ X509_set_issuer_name(cer, X509_REQ_get_subject_name(req));
+ X509_set_subject_name(cer, X509_REQ_get_subject_name(req));
 X509_gmtime_adj(X509_get_notBefore(cer),0);
 X509_gmtime_adj(X509_get_notAfter(cer),(long)60*60*24*SIGN_DAYS);
 req_pkey = X509_REQ_get_pubkey(req);
@@ -605,7 +593,7 @@ void CtdlStartTLS(char *ok_response, char *nosup_response, char *error_response)
 CC->ssl = NULL;
 return;
 }
- BIO_set_close(CC->ssl->rbio, BIO_NOCLOSE);
+ // BIO_set_close(CC->ssl->rbio, BIO_NOCLOSE); not needed anymore in openssl 1.1 ?
 bits = SSL_CIPHER_get_bits(SSL_get_current_cipher(CC->ssl), &alg_bits);
 syslog(LOG_INFO, "crypto: SSL/TLS using %s on %s (%d of %d bits)",
 SSL_CIPHER_get_name(SSL_get_current_cipher(CC->ssl)),
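Review bot: The two new calls in the init_ssl hunk, `X509_set_issuer_name(cer, X509_REQ_get_subject_name(req))` and `X509_set_subject_name(cer, X509_REQ_get_subject_name(req))`, ignore their return values, so a failed name copy would still let the certificate continue to the validity and public-key steps that follow. Both functions return 1 on success; hoisting `X509_NAME *subj = X509_REQ_get_subject_name(req);` and guarding with `if (X509_set_issuer_name(cer, subj) != 1 || X509_set_subject_name(cer, subj) != 1)` would catch that and avoid the repeated accessor call. How init_ssl reports errors and releases `cer` is outside this hunk, so the failure branch should follow whatever the surrounding code already does.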
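Review bot: The added line in the CtdlStartTLS hunk replaces `BIO_set_close(CC->ssl->rbio, BIO_NOCLOSE)` with commented-out code and an open question, which leaves socket ownership undecided in the source: that flag determines whether freeing the SSL object also closes the client socket. If the descriptor is attached with `SSL_set_fd()` (outside this hunk, so unconfirmed), OpenSSL already creates the BIO with `BIO_NOCLOSE` and the line can be deleted outright. Otherwise the call can be kept under OpenSSL 1.1's opaque `SSL` type through the accessor, `BIO_set_close(SSL_get_rbio(CC->ssl), BIO_NOCLOSE);`. Either way the `?` comment should become a one-line statement of who closes the socket.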