Replace EVP_PKEY_cmp with EVP_PKEY_eq

EVP_PKEY_cmp was made obsolete in OpenSSL. The main reason is that the return value is not coherent with other *_cmp functions. So it was replaced by EVP_PKEY_eq, which does the same. Rename to avoid a deprecation warning on newer OpenSSL releases. Signed-off-by: Frediano Ziglio <freddy77@gmail.com>
2025-12-31 19:45:43 +00:00 · 2022-05-18 12:57:06 +01:00 · 2022-05-18 12:57:06 +01:00 · 58d375e5ea
commit 58d375e5ea
parent 8a19611049
1 changed files with 4 additions and 0 deletions
--- a/common/ssl_verify.c
+++ b/common/ssl_verify.c
@ -72,7 +72,11 @@ static int verify_pubkey(X509* cert, const char *key, size_t key_size)
        goto finish;
    }

+#if OPENSSL_VERSION_NUMBER >= 0x30000000
+    ret = EVP_PKEY_eq(orig_pubkey, cert_pubkey);
+#else
    ret = EVP_PKEY_cmp(orig_pubkey, cert_pubkey);
+#endif

    if (ret == 1) {
        spice_debug("public keys match");