SSL: X509 was made opaque in OpenSSL 1.1.0.

To increment reference counters we now use newly introduced X509_up_ref() function.
author: Sergey Kandaurov <pluknet@nginx.com> 2016-03-31 23:38:37 +0300
committer: Sergey Kandaurov <pluknet@nginx.com> 2016-03-31 23:38:37 +0300
commit: d8fbce1deb24a174f327786684f862cc39b5ac0a (patch)
tree: 7769ed8538586a676786f8ac3e609fb477b6e080 /src
parent: 66feb8c6f01a682e93f11e2c80c59bf425d70af9 (diff)
download: nginx-d8fbce1deb24a174f327786684f862cc39b5ac0a.tar.gz
nginx-d8fbce1deb24a174f327786684f862cc39b5ac0a.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/src/event/ngx_event_openssl_stapling.c b/src/event/ngx_event_openssl_stapling.c
index 3f2351c56..5322b1b12 100644
--- a/src/event/ngx_event_openssl_stapling.c
+++ b/src/event/ngx_event_openssl_stapling.c
@@ -285,7 +285,11 @@ ngx_ssl_stapling_issuer(ngx_conf_t *cf, ngx_ssl_t *ssl)
     for (i = 0; i < n; i++) {
         issuer = sk_X509_value(chain, i);
         if (X509_check_issued(issuer, cert) == X509_V_OK) {
+#if OPENSSL_VERSION_NUMBER >= 0x10100001L
+            X509_up_ref(issuer);
+#else
             CRYPTO_add(&issuer->references, 1, CRYPTO_LOCK_X509);
+#endif
 
             ngx_log_debug1(NGX_LOG_DEBUG_EVENT, ssl->log, 0,
                            "SSL get issuer: found %p in extra certs", issuer);
author	Sergey Kandaurov <pluknet@nginx.com>	2016-03-31 23:38:37 +0300
committer	Sergey Kandaurov <pluknet@nginx.com>	2016-03-31 23:38:37 +0300
commit	d8fbce1deb24a174f327786684f862cc39b5ac0a (patch)
tree	7769ed8538586a676786f8ac3e609fb477b6e080 /src
parent	66feb8c6f01a682e93f11e2c80c59bf425d70af9 (diff)
download	nginx-d8fbce1deb24a174f327786684f862cc39b5ac0a.tar.gz nginx-d8fbce1deb24a174f327786684f862cc39b5ac0a.zip