From ea719010491a577f12aa9019ec1fb14d9107107a Mon Sep 17 00:00:00 2001
From: "psyc://psyced.org/~lynX"
Date: Wed, 10 Aug 2016 15:45:02 +0000
Subject: [PATCH] openssl upgrade fix provided by Shokara Kou, thank you
---
 src/pkg-tls.c | 39 +++++++++++++++++++++++----------------
 src/version.sh | 2 +-
 2 files changed, 24 insertions(+), 17 deletions(-)
diff --git a/src/pkg-tls.c b/src/pkg-tls.c
index 8e79133..976335a 100644
--- a/src/pkg-tls.c
+++ b/src/pkg-tls.c
@@ -153,7 +153,8 @@ tls_verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
 char buf[512];
 printf("%s tls_verify_callback(%d, ...)\n", time_stamp(), preverify_ok);
- X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), buf, sizeof buf);
+ X509_NAME_oneline(X509_get_issuer_name(X509_STORE_CTX_get_current_cert(ctx)),
+ buf, sizeof buf);
 printf("depth %d: %s\n", X509_STORE_CTX_get_error_depth(ctx), buf);
 }
 #if 0
@@ -1270,11 +1271,11 @@ f_tls_check_certificate(svalue_t *sp)
 break;
 }
 /* extension name */
- len = OBJ_obj2txt(buf, sizeof buf, ext->object, 1);
+ len = OBJ_obj2txt(buf, sizeof buf, X509_EXTENSION_get_object(ext), 1);
 if (len > sizeof buf) len = sizeof buf;
 put_c_n_string(&(extensions->item[3 * i]), (char *)buf, len);
- len = OBJ_obj2txt(buf, sizeof buf, ext->object, 0);
+ len = OBJ_obj2txt(buf, sizeof buf, X509_EXTENSION_get_object(ext), 0);
 if (len > sizeof buf) len = sizeof buf;
 put_c_n_string(&(extensions->item[3 * i + 1]), (char *)buf, len);
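Review bot: The return value of `OBJ_obj2txt()` is still only clamped from above at both rewritten calls in f_tls_check_certificate, so the length handed to `put_c_n_string` can disagree with what was actually written to `buf`. OpenSSL returns the length the full text would need, and a negative value on failure; a negative result is converted to a large unsigned value in the comparison with `sizeof buf` and clamped to the full buffer, so bytes of `buf` that this call never wrote would be copied into the LPC string. On truncation `buf` holds at most `sizeof buf - 1` characters plus the terminator, so the clamp also copies the NUL. I would write `if (len < 0) len = 0; else if ((size_t)len >= sizeof buf) len = sizeof buf - 1;` at both places. The declaration of `len` and the enclosing loop lie outside the hunk, so the exact type should be confirmed.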
@@ -1573,16 +1574,18 @@ f_tls_query_connection_info (svalue_t *sp)
 vector_t * rc;
 rc = allocate_array(TLS_INFO_MAX);
 #ifdef HAS_OPENSSL
+ SSL_SESSION *sess = SSL_get_session(ip->tls_session);
+ unsigned int sess_id_len;
 put_c_string(&(rc->item[TLS_CIPHER])
 , SSL_get_cipher(ip->tls_session));
- put_number(&(rc->item[TLS_COMP]), ip->tls_session->session->compress_meth);
+ put_number(&(rc->item[TLS_COMP]), SSL_SESSION_get_compress_id(sess));
 put_number(&(rc->item[TLS_KX]), 0);
 put_number(&(rc->item[TLS_MAC]), 0);
 put_c_string(&(rc->item[TLS_PROT])
 , SSL_get_version(ip->tls_session));
 /* warning: this session id is binary .. maybe fix it someday */
 put_c_n_string(&(rc->item[TLS_SESSION])
- , (char*) ip->tls_session->session->session_id, ip->tls_session->session->session_id_length);
+ , (char*) SSL_SESSION_get_id(sess, &sess_id_len), sess_id_len);
 #elif defined(HAS_GNUTLS)
 put_number(&(rc->item[TLS_CIPHER])
 , gnutls_cipher_get(ip->tls_session));
@@ -1751,7 +1754,7 @@ v_hash(svalue_t *sp, int num_arg)
 errorf("GnuTLS does not provide the hash API.\n");
 /* NOTREACHED */
 #else
- EVP_MD_CTX ctx;
+ EVP_MD_CTX *ctx;
 const EVP_MD *md = NULL;
 char *tmp;
 string_t *digest;
@@ -1808,16 +1811,18 @@ v_hash(svalue_t *sp, int num_arg)
 memsafe(tmp = xalloc(hashlen), hashlen, "hash result");
- EVP_DigestInit(&ctx, md);
- EVP_DigestUpdate(&ctx, (unsigned char *)get_txt(sp->u.str),
+ ctx = EVP_MD_CTX_new();
+
+ EVP_DigestInit(ctx, md);
+ EVP_DigestUpdate(ctx, (unsigned char *)get_txt(sp->u.str),
 mstrsize(sp->u.str));
- EVP_DigestFinal(&ctx, (unsigned char*)tmp, &len);
+ EVP_DigestFinal(ctx, (unsigned char*)tmp, &len);
 while (--iterations > 0) {
- EVP_DigestInit(&ctx, md);
- EVP_DigestUpdate(&ctx, tmp, len);
- EVP_DigestFinal(&ctx, (unsigned char*)tmp, &len);
+ EVP_DigestInit(ctx, md);
+ EVP_DigestUpdate(ctx, tmp, len);
+ EVP_DigestFinal(ctx, (unsigned char*)tmp, &len);
 }
 memsafe(digest = alloc_mstring(2 * len), 2 & len, "hex hash result");
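Review bot: `sess` is used without a NULL check in f_tls_query_connection_info: `SSL_get_session()` returns NULL when the connection has no session, and the result goes straight into `SSL_SESSION_get_compress_id(sess)` and `SSL_SESSION_get_id(sess, &sess_id_len)`. The removed lines dereferenced `ip->tls_session->session` the same way, so the risk is inherited rather than new, but the accessor switch is the natural place for a guard such as `if (sess == NULL)` that stores 0 in `TLS_COMP` and an empty string in `TLS_SESSION`. The two new declarations also follow the statement `rc = allocate_array(TLS_INFO_MAX);`, which needs C99 mixed declarations; if the driver is still built as C89, the OpenSSL branch should get its own block. The function body starts and ends outside the hunk.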
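Review bot: The context from `ctx = EVP_MD_CTX_new();` in v_hash is never checked for NULL, and no `EVP_MD_CTX_free(ctx);` appears in this hunk, so unless the part of the function outside the hunk releases it, every hash() call leaks one context in a long-running driver. The same applies to `ctx = HMAC_CTX_new();` in the f_hmac hunk at -1895, which needs a matching `HMAC_CTX_free(ctx);`. I would add `if (ctx == NULL) errorf("Out of memory for digest context.\n");` directly after the allocation (releasing `tmp` first) and free the context after the last `EVP_DigestFinal`. Both constructors exist only from OpenSSL 1.1.0 on, so a build against 1.0.x needs a version guard around them. The return values of the `EVP_Digest*` and `HMAC_*` calls are still ignored, so a failed digest would be hex-encoded from whatever `tmp` and `len` happen to hold.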
@@ -1855,7 +1860,7 @@ f_hmac(svalue_t *sp)
 errorf("OpenSSL wasn't configured to provide the hmac() method.");
 /* NOTREACHED */
 #else
- HMAC_CTX ctx;
+ HMAC_CTX *ctx;
 const EVP_MD *md = NULL;
 char *tmp;
 string_t *digest;
@@ -1895,9 +1900,11 @@ f_hmac(svalue_t *sp)
 memsafe(tmp = xalloc(hashlen), hashlen, "hash result");
- HMAC_Init(&ctx, get_txt(sp[-1].u.str), mstrsize(sp[-1].u.str), md);
- HMAC_Update(&ctx, (unsigned char*)get_txt(sp->u.str), mstrsize(sp->u.str));
- HMAC_Final(&ctx, (unsigned char*)tmp, &len);
+ ctx = HMAC_CTX_new();
+
+ HMAC_Init(ctx, get_txt(sp[-1].u.str), mstrsize(sp[-1].u.str), md);
+ HMAC_Update(ctx, (unsigned char*)get_txt(sp->u.str), mstrsize(sp->u.str));
+ HMAC_Final(ctx, (unsigned char*)tmp, &len);
 memsafe(digest = alloc_mstring(2 * hashlen)
 , 2 & hashlen, "hmac result");
diff --git a/src/version.sh b/src/version.sh
index ea7bc0b..dc5aed4 100644
--- a/src/version.sh
+++ b/src/version.sh
@@ -17,7 +17,7 @@ version_longtype="stable"
 # A timestamp, to be used by bumpversion and other scripts.
 # It can be used, for example, to 'touch' this file on every build, thus
 # forcing revision control systems to add it on every checkin automatically.
-version_stamp="Wed Mar 1 18:42:11 CET 2017"
+version_stamp="Mon Nov 21 10:43:28 AM CET 2022"
 # Okay, LDMUD is using 3.x.x so to avoid conflicts let's just use 4.x.x
 version_major=4