Description: Fix OpenSSL 1.1 detection and access to now opaque structures.
 Amended 2024-08-06 by mirabilos <tg@debian.org> to use the right API.
Bug-Debian: https://bugs.debian.org/845035
Author: Axel Beckert <abe@debian.org>
Forwarded: http://lists.dillo.org/pipermail/dillo-dev/2017-September/011076.html

--- a/configure.ac
+++ b/configure.ac
@@ -286,7 +286,7 @@
 
   if test "x$ssl_ok" = "xyes"; then
     old_libs="$LIBS"
-    AC_CHECK_LIB(ssl, SSL_library_init, ssl_ok=yes, ssl_ok=no, -lcrypto)
+    AC_CHECK_LIB(ssl, SSL_new, ssl_ok=yes, ssl_ok=no, -lcrypto)
     LIBS="$old_libs"
   fi
 
--- a/dpi/https.c
+++ b/dpi/https.c
@@ -476,7 +476,8 @@ static int handle_certificate_problem(SS
       case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
          /*Either self signed and untrusted*/
          /*Extract CN from certificate name information*/
-         if ((cn = strstr(remote_cert->name, "/CN=")) == NULL) {
+         X509_NAME_oneline(X509_get_subject_name(remote_cert), buf, (int)sizeof(buf));
+         if ((cn = strstr(buf, "/CN=")) == NULL) {
             strcpy(buf, "(no CN given)");
          } else {
             char *cn_end;
@@ -486,7 +487,7 @@ static int handle_certificate_problem(SS
             if ((cn_end = strstr(cn, "/")) == NULL )
                cn_end = cn + strlen(cn);
 
-            strncpy(buf, cn, (size_t) (cn_end - cn));
+            memmove(buf, cn, (size_t) (cn_end - cn));
             buf[cn_end - cn] = '\0';
          }
          msg = dStrconcat("The remote certificate is self-signed and "