Skip to content

ssl_verify_openssl: use official ASN1_STRING_ API#1003

Open
heitbaum wants to merge 1 commit intoOpenVPN:masterfrom
heitbaum:ssl
Open

ssl_verify_openssl: use official ASN1_STRING_ API#1003
heitbaum wants to merge 1 commit intoOpenVPN:masterfrom
heitbaum:ssl

Conversation

@heitbaum
Copy link
Contributor

@heitbaum heitbaum commented Mar 22, 2026
edited
Loading

ASN1_STRING are now opaque types in OpenSSL 4.x — the internal data and length fields are no longer directly accessible. Use the accessor API instead. Accessors have been available since OpenSSL 1.1.0

The ASN1_STRING_length accessor is already in use, but not consistently applied. Standardise on using ASN1_STRING_length and ASN1_STRING_get0_data which allows for successful build of OpenSSL 4.x

https://sourceforge.net/p/openvpn/mailman/message/59311895/

@heitbaum
ssl_verify_openssl: use official ASN1_STRING_ API
17b35e1 
ASN1_STRING are now opaque types in OpenSSL 4.x — the internal data and
length fields are no longer directly accessible. Use the accessor API
instead. Accessors have been available since OpenSSL 1.1.0

The ASN1_STRING_length accessor is already in use, but not consistently
applied. Standardise on using ASN1_STRING_length and ASN1_STRING_get0_data
which allows for successful build of OpenSSL 4.x

Signed-off-by: Rudi Heitbaum <rudi@heitbaum.com>
@heitbaum
Copy link
Contributor Author

heitbaum commented Mar 22, 2026

If this patch and 6606062 could be backported to 2.7 (allows for upcoming OpenSSL 4.x.)

@heitbaum heitbaum mentioned this pull request Mar 22, 2026
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@heitbaum