external/subpack/libs/getdns/patches/001-openssl-deprecated.patch - T108 - Gitiles

 --- a/src/openssl/tls.c
 +++ b/src/openssl/tls.c
 @@ -872,7 +872,7 @@ _getdns_tls_x509* _getdns_tls_connection
  	if (!conn || !conn->ssl)
  		return NULL;

 -	return _getdns_tls_x509_new(mfs, SSL_get_peer_certificate(conn->ssl));
 +	return _getdns_tls_x509_new(mfs, SSL_get1_peer_certificate(conn->ssl));
  }

  getdns_return_t _getdns_tls_connection_is_session_reused(_getdns_tls_connection* conn)
 @@ -990,7 +990,7 @@ getdns_return_t _getdns_tls_connection_c
  #if defined(USE_DANESSL)
  	{
  		getdns_return_t res = GETDNS_RETURN_GOOD;
 -		X509* peer_cert = SSL_get_peer_certificate(conn->ssl);
 +		X509* peer_cert = SSL_get1_peer_certificate(conn->ssl);
  		if (peer_cert) {
  			if (conn->auth_name[0] &&
  			    X509_check_host(peer_cert,
	--- a/src/openssl/tls.c
	+++ b/src/openssl/tls.c
	@@ -872,7 +872,7 @@ _getdns_tls_x509* _getdns_tls_connection
	if (!conn \|\| !conn->ssl)
	return NULL;

	- return _getdns_tls_x509_new(mfs, SSL_get_peer_certificate(conn->ssl));
	+ return _getdns_tls_x509_new(mfs, SSL_get1_peer_certificate(conn->ssl));
	}

	getdns_return_t _getdns_tls_connection_is_session_reused(_getdns_tls_connection* conn)
	@@ -990,7 +990,7 @@ getdns_return_t _getdns_tls_connection_c
	#if defined(USE_DANESSL)
	{
	getdns_return_t res = GETDNS_RETURN_GOOD;
	- X509* peer_cert = SSL_get_peer_certificate(conn->ssl);
	+ X509* peer_cert = SSL_get1_peer_certificate(conn->ssl);
	if (peer_cert) {
	if (conn->auth_name[0] &&
	X509_check_host(peer_cert,