From d69cd438773cdb5bd07c9c9da07991ef9952dfc3 Mon Sep 17 00:00:00 2001 From: Christoph Huber Date: Thu, 13 Aug 2020 10:51:25 +0200 Subject: [PATCH 1/2] openssl, tls: replace deprecated openssl 1.1.0 functions --- src/main/openssl.c | 9 +++++++++ src/tls/openssl/tls.c | 6 ++++++ 2 files changed, 15 insertions(+) diff --git a/src/main/openssl.c b/src/main/openssl.c index dfeb91ea9..9e2d5b95b 100644 --- a/src/main/openssl.c +++ b/src/main/openssl.c @@ -149,8 +149,15 @@ int openssl_init(void) (void)signal(SIGPIPE, sigpipe_handler); #endif +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + int err; + err = OPENSSL_init_ssl(OPENSSL_INIT_SSL_DEFAULT, NULL); + if (!err) + return !err; +#else SSL_library_init(); SSL_load_error_strings(); +#endif return 0; } @@ -158,7 +165,9 @@ int openssl_init(void) void openssl_close(void) { +#if OPENSSL_VERSION_NUMBER < 0x10100000L ERR_free_strings(); +#endif #if defined (HAVE_PTHREAD) && (OPENSSL_VERSION_NUMBER < 0x10100000L) lockv = mem_deref(lockv); #endif diff --git a/src/tls/openssl/tls.c b/src/tls/openssl/tls.c index 85e2fd411..432476e9e 100644 --- a/src/tls/openssl/tls.c +++ b/src/tls/openssl/tls.c @@ -291,9 +291,15 @@ int tls_set_selfsigned(struct tls *tls, const char *cn) !X509_set_subject_name(cert, subj)) goto out; +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + if (!X509_gmtime_adj(X509_getm_notBefore(cert), -3600*24*365) || + !X509_gmtime_adj(X509_getm_notAfter(cert), 3600*24*365*10)) + goto out; +#else if (!X509_gmtime_adj(X509_get_notBefore(cert), -3600*24*365) || !X509_gmtime_adj(X509_get_notAfter(cert), 3600*24*365*10)) goto out; +#endif if (!X509_set_pubkey(cert, key)) goto out; From 8f1f84ae008c5ac38912437502199d0c081f6320 Mon Sep 17 00:00:00 2001 From: Christoph Huber Date: Fri, 14 Aug 2020 10:09:45 +0200 Subject: [PATCH 2/2] openssl, tls: convert spaces to tabs --- src/main/openssl.c | 8 ++++---- src/tls/openssl/tls.c | 6 +++--- 2 files changed, 7 insertions(+), 7 deletions(-) 
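Review bot: In the `>= 0x10100000L` branch of openssl_init(), a failed `OPENSSL_init_ssl()` makes the function return `!err`, which is always the literal 1 rather than a meaningful error code. OPENSSL_init_ssl() returns 1 on success and 0 on failure, so the local named `err` reads backwards. If callers treat the result as an errno value (not visible here), a TLS initialisation failure gets reported as an unrelated error. Dropping the local and writing `if (!OPENSSL_init_ssl(OPENSSL_INIT_SSL_DEFAULT, NULL)) return ENOSYS;`, with whichever errno constant the file already uses, states the intent directly. Separately, the bare `OPENSSL_VERSION_NUMBER >= 0x10100000L` test here, in openssl_close() and in tls_set_selfsigned() is also true for LibreSSL, and older LibreSSL releases may lack these 1.1.0 functions, so it is worth confirming that the build handles that case; openssl_init()'s body begins outside the hunk.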
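Review bot: The validity-period `if` in tls_set_selfsigned() is now written out twice, differing only in the accessor names, so a later change to the -1 year / +10 year window has to be made in both preprocessor branches. Keeping a single statement and aliasing the accessors for old OpenSSL avoids that, e.g. `#define X509_getm_notBefore X509_get_notBefore` and `#define X509_getm_notAfter X509_get_notAfter` under `#if OPENSSL_VERSION_NUMBER < 0x10100000L`. A one-line comment saying why notBefore is backdated by a year and why the certificate lives for ten years would help anyone who later reviews the lifetime of these self-signed certificates. The function starts and ends outside the hunk.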
diff --git a/src/main/openssl.c b/src/main/openssl.c index 9e2d5b95b..96e3b5c68 100644 --- a/src/main/openssl.c +++ b/src/main/openssl.c @@ -150,10 +150,10 @@ int openssl_init(void) #endif #if OPENSSL_VERSION_NUMBER >= 0x10100000L - int err; - err = OPENSSL_init_ssl(OPENSSL_INIT_SSL_DEFAULT, NULL); - if (!err) - return !err; + int err; + err = OPENSSL_init_ssl(OPENSSL_INIT_SSL_DEFAULT, NULL); + if (!err) + return !err; #else SSL_library_init(); SSL_load_error_strings(); diff --git a/src/tls/openssl/tls.c b/src/tls/openssl/tls.c index 432476e9e..785c49c8e 100644 --- a/src/tls/openssl/tls.c +++ b/src/tls/openssl/tls.c @@ -292,9 +292,9 @@ int tls_set_selfsigned(struct tls *tls, const char *cn) goto out; #if OPENSSL_VERSION_NUMBER >= 0x10100000L - if (!X509_gmtime_adj(X509_getm_notBefore(cert), -3600*24*365) || - !X509_gmtime_adj(X509_getm_notAfter(cert), 3600*24*365*10)) - goto out; + if (!X509_gmtime_adj(X509_getm_notBefore(cert), -3600*24*365) || + !X509_gmtime_adj(X509_getm_notAfter(cert), 3600*24*365*10)) + goto out; #else if (!X509_gmtime_adj(X509_get_notBefore(cert), -3600*24*365) || !X509_gmtime_adj(X509_get_notAfter(cert), 3600*24*365*10))