From 08981f8d752ad23e21887b42944783e843b2e281 Mon Sep 17 00:00:00 2001 From: Azat Khuzhin Date: Sun, 5 Jan 2020 19:02:22 +0300 Subject: [PATCH] Fix compilation without OPENSSL_API_COMPAT Use the following for openssl 1.1+: - X509_getm_notBefore over X509_get_notBefore - X509_getm_notAfter over X509_get_notAfter - use OPENSSL_VERSION_NUMBER over SSLeay() - add missing headers Refs: openssl/openssl@0b7347effee5 --- openssl-compat.h | 3 +++ sample/becat.c | 7 +++++-- test/regress_ssl.c | 8 ++++---- 3 files changed, 12 insertions(+), 6 deletions(-) diff --git a/openssl-compat.h b/openssl-compat.h index 5d91ac64..a23e3425 100644 --- a/openssl-compat.h +++ b/openssl-compat.h @@ -34,6 +34,9 @@ static inline BIO_METHOD *BIO_meth_new(int type, const char *name) #define TLS_method SSLv23_method +#define X509_getm_notBefore X509_get_notBefore +#define X509_getm_notAfter X509_get_notAfter + #endif /* (OPENSSL_VERSION_NUMBER < 0x10100000L) || \ (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000L) */ diff --git a/sample/becat.c b/sample/becat.c index bc453db4..ade77c27 100644 --- a/sample/becat.c +++ b/sample/becat.c @@ -14,6 +14,9 @@ #include #include +#include +#include +#include #include #include "openssl-compat.h" @@ -201,9 +204,9 @@ static int ssl_load_cert(struct ssl_context *ssl) ASN1_INTEGER_set(X509_get_serialNumber(ssl->cert), 1); - X509_gmtime_adj(X509_get_notBefore(ssl->cert), 0); + X509_gmtime_adj(X509_getm_notBefore(ssl->cert), 0); /** 1 year lifetime */ - X509_gmtime_adj(X509_get_notAfter(ssl->cert), + X509_gmtime_adj(X509_getm_notAfter(ssl->cert), (long)time(NULL) + 365 * 86400); X509_set_pubkey(ssl->cert, ssl->pkey); diff --git a/test/regress_ssl.c b/test/regress_ssl.c index 68c28114..4b91f11d 100644 --- a/test/regress_ssl.c +++ b/test/regress_ssl.c 
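Review bot: The two aliases added to openssl-compat.h have no comment, so a reader of the pre-1.1 block cannot tell why a `getm` name is mapped onto a `get` one. I would put this above them: `/* OpenSSL 1.1.0 added X509_getm_notBefore/notAfter for the writable ASN1_TIME; older libraries only provide the X509_get_* form */`. The enclosing `#if` block starts outside the hunk.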
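Review bot: In `ssl_load_cert` (sample/becat.c, second hunk) the notAfter call still passes `(long)time(NULL) + 365 * 86400` on the context line. X509_gmtime_adj treats that argument as an offset in seconds from the current time, so the generated certificate is valid for decades rather than the `1 year lifetime` the comment states. Since the call is being touched anyway, it could become `X509_gmtime_adj(X509_getm_notAfter(ssl->cert), 365L * 86400);`. Neither X509_gmtime_adj result is checked, although it returns NULL on failure. The function body starts and ends outside the hunk.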
@@ -148,9 +148,9 @@ ssl_getcert(EVP_PKEY *key) X509_set_issuer_name(x509, name); X509_NAME_free(name); - X509_time_adj(X509_get_notBefore(x509), 0, &now); + X509_time_adj(X509_getm_notBefore(x509), 0, &now); now += 3600; - X509_time_adj(X509_get_notAfter(x509), 0, &now); + X509_time_adj(X509_getm_notAfter(x509), 0, &now); X509_set_pubkey(x509, key); tt_assert(0 != X509_sign(x509, key, EVP_sha1())); @@ -469,8 +469,8 @@ regress_bufferevent_openssl(void *arg) type = (enum regress_openssl_type)data->setup_data; if (type & REGRESS_OPENSSL_RENEGOTIATE) { - if (SSLeay() >= 0x10001000 && - SSLeay() < 0x1000104f) { + if (OPENSSL_VERSION_NUMBER >= 0x10001000 && + OPENSSL_VERSION_NUMBER < 0x1000104f) { /* 1.0.1 up to 1.0.1c has a bug where TLS1.1 and 1.2 * can't renegotiate with themselves. Disable. */ disable_tls_11_and_12 = 1; -- 2.40.0
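Review bot: The certificate built in `ssl_getcert` is still signed with SHA-1, on the context line `tt_assert(0 != X509_sign(x509, key, EVP_sha1()));` just below the renamed accessors. This is only a regression fixture, but OpenSSL builds configured with a raised security level may refuse SHA-1 signatures, and test helpers tend to be copied into real code. `EVP_sha256()` looks like a drop-in replacement: `tt_assert(0 != X509_sign(x509, key, EVP_sha256()));`. The two X509_time_adj results are also unchecked, unlike the X509_sign call. The function continues outside the hunk.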
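Review bot: Replacing `SSLeay()` with `OPENSSL_VERSION_NUMBER` in `regress_bufferevent_openssl` changes the check from the library loaded at run time to the headers used at build time. The 1.0.1–1.0.1c renegotiation workaround then depends on what the test was compiled against, so a binary built with newer headers but run against an affected shared library would no longer disable TLS 1.1/1.2. The 1.1+ runtime equivalent is `OpenSSL_version_num()`. One way to keep the old behaviour is `#define OpenSSL_version_num SSLeay` in the pre-1.1 block of openssl-compat.h, with the condition written as `if (OpenSSL_version_num() >= 0x10001000 && OpenSSL_version_num() < 0x1000104f) {`. The function body extends beyond the hunk.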