diff options
author | manu <manu@pkgsrc.org> | 2020-04-16 14:03:28 +0000 |
---|---|---|
committer | manu <manu@pkgsrc.org> | 2020-04-16 14:03:28 +0000 |
commit | 5fefa2f54d36a6c242433673a101018b4b861683 (patch) | |
tree | ccd88bd7f429e6e8bffa4d52462c64abaf710695 /mail | |
parent | e14ad5b77de49c95773b6a8688c4a74b2fb4d9bc (diff) | |
download | pkgsrc-5fefa2f54d36a6c242433673a101018b4b861683.tar.gz |
Re-add imapproxy, with updated patches to build with OpenSSL 1.1.1
Diffstat (limited to 'mail')
-rw-r--r-- | mail/imapproxy/DESCR | 6 | ||||
-rw-r--r-- | mail/imapproxy/MESSAGE | 7 | ||||
-rw-r--r-- | mail/imapproxy/Makefile | 51 | ||||
-rw-r--r-- | mail/imapproxy/PLIST | 9 | ||||
-rw-r--r-- | mail/imapproxy/distinfo | 14 | ||||
-rwxr-xr-x | mail/imapproxy/files/imapproxy.sh | 18 | ||||
-rw-r--r-- | mail/imapproxy/patches/patch-aa | 26 | ||||
-rw-r--r-- | mail/imapproxy/patches/patch-ba | 14 | ||||
-rw-r--r-- | mail/imapproxy/patches/patch-bb | 14 | ||||
-rw-r--r-- | mail/imapproxy/patches/patch-bc | 20 | ||||
-rw-r--r-- | mail/imapproxy/patches/patch-include_imapproxy.h | 17 | ||||
-rw-r--r-- | mail/imapproxy/patches/patch-src_config.c | 19 | ||||
-rw-r--r-- | mail/imapproxy/patches/patch-src_imapcommon.c | 131 | ||||
-rw-r--r-- | mail/imapproxy/patches/patch-src_main.c | 66 |
14 files changed, 412 insertions, 0 deletions
diff --git a/mail/imapproxy/DESCR b/mail/imapproxy/DESCR new file mode 100644 index 00000000000..7b2b6760517 --- /dev/null +++ b/mail/imapproxy/DESCR @@ -0,0 +1,6 @@ +ImapProxy is a caching IMAP proxy daemon designed to be used with +Horde/IMP. The program forwards all traffic between the client and the +server, but keeps the connection to the server alive after the client logs +out. When the same user attempts to log in again, the proxy will use the +cached username/password pair to authenticate the client, and tie the new +client to the old server connection (which was kept alive). diff --git a/mail/imapproxy/MESSAGE b/mail/imapproxy/MESSAGE new file mode 100644 index 00000000000..34e3bb3610a --- /dev/null +++ b/mail/imapproxy/MESSAGE @@ -0,0 +1,7 @@ +=========================================================================== +$NetBSD: MESSAGE,v 1.3 2020/04/16 14:03:29 manu Exp $ + +imapproxy configuration file must be located at ${PREFIX}/etc/imapproxy.conf +A sample file is provided in ${PREFIX}/share/examples/imapproxy + +=========================================================================== diff --git a/mail/imapproxy/Makefile b/mail/imapproxy/Makefile new file mode 100644 index 00000000000..58d66f5a0ad --- /dev/null +++ b/mail/imapproxy/Makefile @@ -0,0 +1,51 @@ +# $NetBSD: Makefile,v 1.25 2020/04/16 14:03:29 manu Exp $ +# + +DISTNAME= squirrelmail-imap_proxy-1.2.7 +PKGNAME= imapproxy-1.2.7 +PKGREVISION= 6 +CATEGORIES= mail +MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=squirrelmail/} + +MAINTAINER= pkgsrc-users@NetBSD.org +HOMEPAGE= http://www.imapproxy.org/ +COMMENT= Simple connection caching IMAP proxy daemon + +GNU_CONFIGURE= YES + +CONFIGURE_ARGS+= --exec_prefix=${DESTDIR}${PREFIX} +BUILD_DEFS+= VARBASE +CFLAGS+= -DDEFAULT_CONFIG_FILE=\"${PREFIX}/etc/imapproxy.conf\" +CFLAGS+= -DDEFAULT_PID_FILE=\"${VARBASE}/run/imapproxy.pid\" +RCD_SCRIPTS= imapproxy + +IMAPPROXY_USER?= imapproxy +IMAPPROXY_GROUP?= imapproxy +IMAPPROXY_CHROOT?= ${VARBASE}/chroot/imapproxy +IMAPPROXY_DOC?= share/doc/imapproxy +IMAPPROXY_EXAMPLES?= share/examples/imapproxy + +PKG_GROUPS_VARS+= IMAPPROXY_GROUP +PKG_USERS_VARS+= IMAPPROXY_USER +PKG_GROUPS= ${IMAPPROXY_GROUP} +PKG_USERS= ${IMAPPROXY_USER}:${IMAPPROXY_GROUP} +PKG_GECOS.${IMAPPROXY_USER}= IMAP Proxy pseudo-user +PKG_HOME.${IMAPPROXY_USER}= ${IMAPPROXY_CHROOT} + +INSTALLATION_DIRS+= sbin +INSTALLATION_DIRS+= ${IMAPPROXY_DOC} +INSTALLATION_DIRS+= ${IMAPPROXY_EXAMPLES} + +MAKE_DIRS= ${VARBASE}/chroot +OWN_DIRS= ${VARBASE}/chroot/imapproxy + +post-install: +.for doc in COPYING ChangeLog README README.known_issues README.ssl + ${INSTALL_DATA} ${WRKSRC}/${doc} ${DESTDIR}${PREFIX}/${IMAPPROXY_DOC} +.endfor + ${INSTALL_DATA} ${WRKSRC}/scripts/imapproxy.conf \ + ${DESTDIR}${PREFIX}/${IMAPPROXY_EXAMPLES} + +.include "../../mk/curses.buildlink3.mk" +.include "../../security/openssl/buildlink3.mk" +.include "../../mk/bsd.pkg.mk" diff --git a/mail/imapproxy/PLIST b/mail/imapproxy/PLIST new file mode 100644 index 00000000000..12ceffe1504 --- /dev/null +++ b/mail/imapproxy/PLIST @@ -0,0 +1,9 @@ +@comment $NetBSD: PLIST,v 1.6 2020/04/16 14:03:29 manu Exp $ +sbin/in.imapproxyd +sbin/pimpstat +share/doc/imapproxy/COPYING +share/doc/imapproxy/ChangeLog +share/doc/imapproxy/README +share/doc/imapproxy/README.known_issues +share/doc/imapproxy/README.ssl +share/examples/imapproxy/imapproxy.conf diff --git a/mail/imapproxy/distinfo b/mail/imapproxy/distinfo new file mode 100644 index 00000000000..4e23a15434d --- /dev/null +++ b/mail/imapproxy/distinfo @@ -0,0 +1,14 @@ +$NetBSD: distinfo,v 1.13 2020/04/16 14:03:29 manu Exp $ + +SHA1 (squirrelmail-imap_proxy-1.2.7.tar.gz) = b2e324383ae8a2cdb3b5bd0340a2e2174941bd65 +RMD160 (squirrelmail-imap_proxy-1.2.7.tar.gz) = 87f3b9ab367e9da2a3f532e6de867004abbe75cf +SHA512 (squirrelmail-imap_proxy-1.2.7.tar.gz) = 355816e26eb9fa273b2b4e6cf0c2f55b85d0568291095913a4b05dd73a428a173c2a5b327c4ef296ca74ca500250b22fa2ae44d7d44613624641954fc9603507 +Size (squirrelmail-imap_proxy-1.2.7.tar.gz) = 136209 bytes +SHA1 (patch-aa) = ee753ff90c68549067ef28d9ed8c10ffeb1982e4 +SHA1 (patch-ba) = 8f3d8adbac5a147cc143d7737d56a83401736a9d +SHA1 (patch-bb) = 348768062f5f9e314223fb7d385f749646ed04be +SHA1 (patch-bc) = c3daf40715af721a0c4ff1b1071a892c94b59ce5 +SHA1 (patch-include_imapproxy.h) = 9e2326ece220e48c3baa2949b13d21448405e741 +SHA1 (patch-src_config.c) = 84ac9bde7cf64add665adb0f4d658ef856a91ae0 +SHA1 (patch-src_imapcommon.c) = a8d95e87cd6f3857e69abe17dc71a683f196d98d +SHA1 (patch-src_main.c) = e0795df7e7312cfb285cc65bbabdecd3553c7e65 diff --git a/mail/imapproxy/files/imapproxy.sh b/mail/imapproxy/files/imapproxy.sh new file mode 100755 index 00000000000..d9f6257894e --- /dev/null +++ b/mail/imapproxy/files/imapproxy.sh @@ -0,0 +1,18 @@ +#!@RCD_SCRIPTS_SHELL@ +# +# $NetBSD: imapproxy.sh,v 1.4 2020/04/16 14:03:29 manu Exp $ +# + +# PROVIDE: imapproxy +# REQUIRE: DAEMON +# BEFORE: LOGIN + +$_rc_subr_loaded . /etc/rc.subr + +name="imapproxy" +rcvar=$name +command="@PREFIX@/sbin/in.imapproxyd" +required_files="@PKG_SYSCONFDIR@/imapproxy.conf" + +load_rc_config $name +run_rc_command "$1" diff --git a/mail/imapproxy/patches/patch-aa b/mail/imapproxy/patches/patch-aa new file mode 100644 index 00000000000..175d5c5550e --- /dev/null +++ b/mail/imapproxy/patches/patch-aa @@ -0,0 +1,26 @@ +$NetBSD: patch-aa,v 1.6 2020/04/16 14:03:29 manu Exp $ + +--- Makefile.in.orig 2010-07-25 09:11:36.000000000 +0000 ++++ Makefile.in +@@ -70,7 +70,7 @@ $(XYD_BIN): $(XYD_OBJ) + $(CC) -o $@ $(XYD_OBJ) $(LDFLAGS) $(XYD_LIB) + + $(TAT_BIN): $(TAT_OBJ) +- $(CC) -o $@ $(TAT_OBJ) $(TAT_LIB) ++ $(CC) -o $@ $(TAT_OBJ) $(LDFLAGS) $(TAT_LIB) + + clean: + rm -f ./src/core $(XYD_OBJ) $(TAT_OBJ) $(XYD_BIN) $(TAT_BIN) +@@ -79,9 +79,9 @@ distclean: clean + rm -f config.cache config.log config.h Makefile + + install: $(XYD_BIN) $(TAT_BIN) +- mkdir -p $(EBIN) +- $(INSTALL) -o bin -g bin -m 0755 $(XYD_BIN) $(EBIN) +- $(INSTALL) -o bin -g bin -m 0755 $(TAT_BIN) $(EBIN) ++ ${BSD_INSTALL_PROGRAM_DIR} $(EBIN) ++ ${BSD_INSTALL_PROGRAM} $(XYD_BIN) $(EBIN) ++ ${BSD_INSTALL_PROGRAM} $(TAT_BIN) $(EBIN) + + install-init: + $(INSTALL) -o root -g sys -m 0755 ./scripts/imapproxy.init $(ETC)/init.d/imapproxy diff --git a/mail/imapproxy/patches/patch-ba b/mail/imapproxy/patches/patch-ba new file mode 100644 index 00000000000..101d92ab94e --- /dev/null +++ b/mail/imapproxy/patches/patch-ba @@ -0,0 +1,14 @@ +$NetBSD: patch-ba,v 1.3 2020/04/16 14:03:29 manu Exp $ +--- configure.in.orig 2010-03-21 22:20:57.000000000 +0100 ++++ configure.in 2010-03-21 22:21:05.000000000 +0100 +@@ -120,9 +120,9 @@ + dnl Check for curses + save_LIBS="$LIBS" + LIB_CURSES="" + AC_CHECK_LIB(curses, initscr, LIB_CURSES="-lcurses", [ curses_found=no ]) +-if test "$curses_found" == no; then ++if test "$curses_found" = no; then + AC_CHECK_LIB(ncurses, initscr, LIB_CURSES="-lncurses", + AC_ERROR([Can't compile without curses!!!])) + fi + diff --git a/mail/imapproxy/patches/patch-bb b/mail/imapproxy/patches/patch-bb new file mode 100644 index 00000000000..6ce71e1d514 --- /dev/null +++ b/mail/imapproxy/patches/patch-bb @@ -0,0 +1,14 @@ +$NetBSD: patch-bb,v 1.3 2020/04/16 14:03:29 manu Exp $ +--- configure.orig 2010-03-21 22:20:49.000000000 +0100 ++++ configure 2010-03-21 22:21:13.000000000 +0100 +@@ -3418,9 +3418,9 @@ + else + curses_found=no + fi + +-if test "$curses_found" == no; then ++if test "$curses_found" = no; then + echo "$as_me:$LINENO: checking for initscr in -lncurses" >&5 + echo $ECHO_N "checking for initscr in -lncurses... $ECHO_C" >&6 + if test "${ac_cv_lib_ncurses_initscr+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 diff --git a/mail/imapproxy/patches/patch-bc b/mail/imapproxy/patches/patch-bc new file mode 100644 index 00000000000..a5a5bc34022 --- /dev/null +++ b/mail/imapproxy/patches/patch-bc @@ -0,0 +1,20 @@ +$NetBSD: patch-bc,v 1.3 2020/04/16 14:03:29 manu Exp $ +--- include/imapproxy.h.orig 2010-03-22 07:40:36.000000000 +0100 ++++ include/imapproxy.h 2010-03-22 08:46:47.000000000 +0100 +@@ -171,14 +171,14 @@ + */ + #define PGM "in.imapproxyd" + #define IMAP_UNTAGGED_OK "* OK " /* untagged OK response */ + #define IMAP_TAGGED_OK "1 OK " /* tagged OK response */ +-#define BUFSIZE 4096 /* default buffer size */ ++#define BUFSIZE 8192 /* default buffer size */ + #define MAX_CONN_BACKLOG 5 /* tcp connection backlog */ + #define MAXTAGLEN 256 /* max IMAP tag length */ + #define MAXMAILBOXNAME 512 /* max mailbox name length */ + #define MAXUSERNAMELEN 64 /* max username length */ +-#define MAXPASSWDLEN 64 /* max passwd length */ ++#define MAXPASSWDLEN 8192 /* max passwd length */ + #define POLL_TIMEOUT_MINUTES 30 /* Poll timeout in minutes */ + #define POLL_TIMEOUT (POLL_TIMEOUT_MINUTES * 60000) + #define SELECT_BUF_SIZE BUFSIZE /* max length of a SELECT */ + /* string we can cache */ diff --git a/mail/imapproxy/patches/patch-include_imapproxy.h b/mail/imapproxy/patches/patch-include_imapproxy.h new file mode 100644 index 00000000000..dd74160a3c0 --- /dev/null +++ b/mail/imapproxy/patches/patch-include_imapproxy.h @@ -0,0 +1,17 @@ +$NetBSD: patch-include_imapproxy.h,v 1.3 2020/04/16 14:03:29 manu Exp $ + +SASL PLAIN Support. Patch submitted upstream +http://sourceforge.net/tracker/?func=detail&aid=3610674&group_id=311&atid=300311 + +--- include/imapproxy.h.orig 2013-04-15 11:57:37.000000000 +0200 ++++ include/imapproxy.h 2013-04-15 11:58:33.000000000 +0200 +@@ -311,8 +311,9 @@ + unsigned char support_unselect; /* unselect support flag */ + unsigned char support_starttls; /* starttls support flag */ + unsigned char login_disabled; /* login disabled flag */ + char *chroot_directory; /* chroot(2) into this dir */ ++ char *auth_sasl_mech; /* SASL mechanism */ + }; + + + /* diff --git a/mail/imapproxy/patches/patch-src_config.c b/mail/imapproxy/patches/patch-src_config.c new file mode 100644 index 00000000000..f6b64164143 --- /dev/null +++ b/mail/imapproxy/patches/patch-src_config.c @@ -0,0 +1,19 @@ +$NetBSD: patch-src_config.c,v 1.3 2020/04/16 14:03:29 manu Exp $ + +SASL PLAIN Support. Patch submitted upstream +http://sourceforge.net/tracker/?func=detail&aid=3610674&group_id=311&atid=300311 + +--- src/config.c.orig 2010-02-20 18:16:58.000000000 +0100 ++++ src/config.c 2013-04-15 12:00:50.000000000 +0200 +@@ -452,8 +452,11 @@ + &PC_Struct.force_tls, index ); + + ADD_TO_TABLE( "enable_admin_commands", SetBooleanValue, + &PC_Struct.enable_admin_commands, index ); ++ ++ ADD_TO_TABLE( "auth_sasl_mech", SetStringValue, ++ &PC_Struct.auth_sasl_mech, index ); + + ConfigTable[index].Keyword[0] = '\0'; + + FP = fopen( ConfigFile, "r" ); diff --git a/mail/imapproxy/patches/patch-src_imapcommon.c b/mail/imapproxy/patches/patch-src_imapcommon.c new file mode 100644 index 00000000000..767ccd2e810 --- /dev/null +++ b/mail/imapproxy/patches/patch-src_imapcommon.c @@ -0,0 +1,131 @@ +$NetBSD: patch-src_imapcommon.c,v 1.3 2020/04/16 14:03:29 manu Exp $ + +Build fixes for OpenSSL 1.1.1 + +SASL PLAIN Support. Patch submitted upstream +http://sourceforge.net/tracker/?func=detail&aid=3610674&group_id=311&atid=300311 + +--- src/imapcommon.c.orig 2010-07-26 09:08:47.000000000 +0200 ++++ src/imapcommon.c 2020-04-16 15:49:08.132245848 +0200 +@@ -397,18 +397,19 @@ + ITD_Struct Server; + int rc; + unsigned int Expiration; + +- EVP_MD_CTX mdctx; ++ EVP_MD_CTX *mdctx = EVP_MD_CTX_new(); + int md_len; + + Expiration = PC_Struct.cache_expiration_time; + memset( &Server, 0, sizeof Server ); + + /* need to md5 the passwd regardless, so do that now */ +- EVP_DigestInit(&mdctx, EVP_md5()); +- EVP_DigestUpdate(&mdctx, Password, strlen(Password)); +- EVP_DigestFinal(&mdctx, md5pw, &md_len); ++ EVP_DigestInit(mdctx, EVP_md5()); ++ EVP_DigestUpdate(mdctx, Password, strlen(Password)); ++ EVP_DigestFinal(mdctx, md5pw, &md_len); ++ EVP_MD_CTX_free(mdctx); + + /* see if we have a reusable connection available */ + ICC_Active = NULL; + HashIndex = Hash( Username, HASH_TABLE_SIZE ); +@@ -689,13 +690,96 @@ + } + #endif /* HAVE_LIBSSL */ + + ++ /* ++ * If configured to do so, use SASL PLAIN instead of IMAP LOGIN ++ */ ++ if ( PC_Struct.auth_sasl_mech && ++ !strcmp( PC_Struct.auth_sasl_mech, "plain" ) ) ++ { ++ /* ++ * Build SASL AUTH PLAIN string: ++ * username\0username\0password ++ */ ++ char *ptr_username; ++ unsigned int username_size; ++ char *ptr_password; ++ unsigned int password_size; ++ unsigned int total_size; ++ unsigned int AuthBufIndex; ++ char AuthBuf[BUFSIZE]; ++ char EncodedAuthBuf[BUFSIZE]; ++ ++ /* ++ * Strip quotes From username ++ */ ++ ptr_username = Username; ++ username_size = strlen( Username ); ++ if ( *ptr_username == '"' && *(ptr_username + username_size - 1) == '"' ) ++ { ++ ++ptr_username; ++ username_size = username_size - 2; ++ } ++ ++ /* ++ * Same with password ++ */ ++ ptr_password = Password; ++ password_size = strlen( Password ); ++ if ( *ptr_password == '"' && *(ptr_password + password_size - 1) == '"' ) ++ { ++ ++ptr_password; ++ password_size = password_size - 2; ++ } ++ ++ /* ++ * Make sure output buffer is big enough ( +3 for three \0 ) ++ */ ++ total_size = username_size + username_size + password_size + 3; ++ if ( total_size > sizeof(AuthBuf) ) { ++ syslog( LOG_INFO, ++ "LOGIN: '%s' (%s:%s) failed: PLAIN AUTH needs %d/%d bytes", ++ Username, ClientAddr, portstr, total_size, sizeof(AuthBuf)); ++ goto fail; ++ } ++ ++ /* ++ * Prepare the buffer ++ */ ++ AuthBufIndex = 0; ++ ++ memcpy( AuthBuf + AuthBufIndex, ptr_username, username_size ); ++ AuthBufIndex += username_size; ++ AuthBuf[AuthBufIndex++] = '\0'; ++ ++ memcpy( AuthBuf + AuthBufIndex, ptr_username, username_size ); ++ AuthBufIndex += username_size; ++ AuthBuf[AuthBufIndex++] = '\0'; ++ ++ memcpy( AuthBuf + AuthBufIndex, ptr_password, password_size ); ++ AuthBufIndex += password_size; ++ AuthBuf[AuthBufIndex++] = '\0'; ++ ++ EVP_EncodeBlock( EncodedAuthBuf, AuthBuf, AuthBufIndex ); ++ ++ snprintf( SendBuf, BufLen, "A0001 AUTHENTICATE PLAIN %s\r\n", EncodedAuthBuf ); ++ ++ /* syslog( LOG_INFO, "sending auth plain '%s'", EncodedAuthBuf ); */ ++ ++ if ( IMAP_Write( Server.conn, SendBuf, strlen(SendBuf) ) == -1 ) ++ { ++ syslog( LOG_INFO, ++ "LOGIN: '%s' (%s:%s) failed: IMAP_Write() failed attempting to send AUTHENTICATE command to IMAP server: %s", ++ Username, ClientAddr, portstr, strerror( errno ) ); ++ goto fail; ++ } ++ } + /* + * Send the login command off to the IMAP server. Have to treat a literal + * password different. + */ +- if ( LiteralPasswd ) ++ else if ( LiteralPasswd ) + { + snprintf( SendBuf, BufLen, "A0001 LOGIN %s {%d}\r\n", + Username, strlen( Password ) ); + if ( IMAP_Write( Server.conn, SendBuf, strlen(SendBuf) ) == -1 ) diff --git a/mail/imapproxy/patches/patch-src_main.c b/mail/imapproxy/patches/patch-src_main.c new file mode 100644 index 00000000000..46bd51e4e24 --- /dev/null +++ b/mail/imapproxy/patches/patch-src_main.c @@ -0,0 +1,66 @@ +$NetBSD: patch-src_main.c,v 1.3 2020/04/16 14:03:29 manu Exp $ + +From upstream: +Negotiate highest TLS protocol possible, with TLSv1.0 being the minium. + +Local patch: +Fixes to build with OpenSSL 1.1.1 + +--- src/main.c.orig 2010-07-26 09:21:19.000000000 +0200 ++++ src/main.c 2020-04-16 15:44:18.020665162 +0200 +@@ -470,26 +470,36 @@ + + /* Set up OpenSSL thread protection */ + ssl_thread_setup(fn); + ++ + /* Need to seed PRNG, too! */ ++# ifndef OPENSSL_NO_EGD + if ( RAND_egd( ( RAND_file_name( f_randfile, sizeof( f_randfile ) ) == f_randfile ) ? f_randfile : "/.rnd" ) ) ++#endif + { + /* Not an EGD, so read and write it. */ + if ( RAND_load_file( f_randfile, -1 ) ) + RAND_write_file( f_randfile ); + } + + SSL_load_error_strings(); +- tls_ctx = SSL_CTX_new( TLSv1_client_method() ); ++ ++ /* ++ * Despite its name, SSLv23_client_method() negociates highest ++ * version possible, which includes TLSv1.0, TLSv1.1, and TLSv1.2. ++ * SSLv2 and SSLv3 are disabled using SSL_OP_NO_SSLv2 and ++ * SSL_OP_NO_SSLv3 below. ++ */ ++ tls_ctx = SSL_CTX_new( SSLv23_client_method() ); + if ( tls_ctx == NULL ) +- { ++ { + syslog(LOG_ERR, "%s: Failed to create new SSL_CTX. Exiting.", fn); + exit( 1 ); + } +- +- /* Work around all known bugs */ +- SSL_CTX_set_options( tls_ctx, SSL_OP_ALL ); ++ ++ /* Work around all known bugs, disable SSLv2 and SSLv3 */ ++ SSL_CTX_set_options( tls_ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 ); + + if ( ! SSL_CTX_load_verify_locations( tls_ctx, + PC_Struct.tls_ca_file, + PC_Struct.tls_ca_path ) || +@@ -1380,11 +1390,11 @@ + ok = 0; + verify_error = X509_V_ERR_CERT_CHAIN_TOO_LONG; + } + } +- switch (ctx->error) { ++ switch (X509_STORE_CTX_get_error(ctx)) { + case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: +- X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), buf, sizeof(buf)); ++ X509_NAME_oneline(X509_get_issuer_name(X509_STORE_CTX_get_current_cert(ctx)), buf, sizeof(buf)); + syslog(LOG_NOTICE, "issuer= %s", buf); + break; + case X509_V_ERR_CERT_NOT_YET_VALID: + case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: |