From e8cb012adac713c1c0440a9468fcb917b96c67dd Mon Sep 17 00:00:00 2001
From: Witold Filipczyk <witekfl@poczta.onet.pl>
Date: Fri, 6 Dec 2019 18:50:31 +0100
Subject: [PATCH] [ssl] Allow older versions of openssl. Refs #37

---
 configure.ac             | 3 +++
 src/network/ssl/socket.c | 5 +++++
 src/network/ssl/ssl.c    | 4 ++++
 3 files changed, 12 insertions(+)

diff --git a/configure.ac b/configure.ac
index d550a6d4..a284e564 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1125,6 +1125,9 @@ else
 		EL_CONFIG(CONFIG_OPENSSL, [OpenSSL])
 		chosen_ssl_library="OpenSSL"
 
+		AC_CHECK_FUNCS(RAND_bytes)
+		AC_CHECK_FUNCS(ASN1_STRING_get0_data)
+
 		CFLAGS="$CFLAGS_X"
 		AC_SUBST(OPENSSL_CFLAGS)
 	fi
diff --git a/src/network/ssl/socket.c b/src/network/ssl/socket.c
index f79488d3..a68a01c8 100644
--- a/src/network/ssl/socket.c
+++ b/src/network/ssl/socket.c
@@ -247,7 +247,12 @@ static int
 match_uri_host_ip(const unsigned char *uri_host,
 		  ASN1_OCTET_STRING *cert_host_asn1)
 {
+#ifdef HAVE_ASN1_STRING_GET0_DATA
 	const unsigned char *cert_host_addr = ASN1_STRING_get0_data(cert_host_asn1);
+#else
+	const unsigned char *cert_host_addr = ASN1_STRING_data(cert_host_asn1);
+#endif
+
 	struct in_addr uri_host_in;
 #ifdef CONFIG_IPV6
 	struct in6_addr uri_host_in6;
diff --git a/src/network/ssl/ssl.c b/src/network/ssl/ssl.c
index 8a807972..450add82 100644
--- a/src/network/ssl/ssl.c
+++ b/src/network/ssl/ssl.c
@@ -470,7 +470,11 @@ void
 random_nonce(unsigned char buf[], size_t size)
 {
 #ifdef USE_OPENSSL
+#ifdef HAVE_RAND_BYTES
 	RAND_bytes(buf, size);
+#else
+	RAND_pseudo_bytes(buf, size);
+#endif
 #elif defined(CONFIG_GNUTLS)
 	gcry_create_nonce(buf, size);
 #else