From 58678ff0ad3e8fe767f3f405970c921181062e6f Mon Sep 17 00:00:00 2001
From: Joris Vink <joris@coders.se>
Date: Mon, 28 Oct 2019 09:58:58 +0100
Subject: [PATCH] make sure this works with latest openssl

---
 src/keymgr.c | 21 ++++++++++++++++-----
 1 file changed, 16 insertions(+), 5 deletions(-)

diff --git a/src/keymgr.c b/src/keymgr.c
index 4f6c7ac..89fb8a8 100644
--- a/src/keymgr.c
+++ b/src/keymgr.c
@@ -142,7 +142,7 @@ struct acme_order {
 	char			*domain;
 };
 
-static char	*keymgr_bignum_base64(BIGNUM *);
+static char	*keymgr_bignum_base64(const BIGNUM *);
 
 static void	keymgr_acme_init(void);
 static void	keymgr_acme_sign(struct kore_msg *, const void *);
@@ -678,9 +678,11 @@ keymgr_ecdsa_sign(struct kore_msg *msg, const void *data, struct key *key)
 static void
 keymgr_acme_init(void)
 {
+	RSA		*rsa;
 	struct key	*key;
 	char		*e, *n;
 	int		needsreg;
+	const BIGNUM	*be, *bn;
 
 	if (acme_provider == NULL)
 		return;
@@ -703,9 +705,18 @@ keymgr_acme_init(void)
 		kore_log(LOG_INFO, "loaded existing ACME account key");
 	}
 
-	/* XXX - OpenSSL 1.1.x probably denies us doing this. */
-	e = keymgr_bignum_base64(key->pkey->pkey.rsa->e);
-	n = keymgr_bignum_base64(key->pkey->pkey.rsa->n);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+	rsa = EVP_PKEY_get0_RSA(key->pkey);
+	be = RSA_get0_e(rsa);
+	bn = RSA_get0_n(rsa);
+#else
+	rsa = key->pkey->pkey.rsa;
+	be = rsa->e;
+	bn = rsa->n;
+#endif
+
+	e = keymgr_bignum_base64(be);
+	n = keymgr_bignum_base64(bn);
 
 	kore_msg_send(KORE_WORKER_ACME, KORE_ACME_RSAKEY_E, e, strlen(e));
 	kore_msg_send(KORE_WORKER_ACME, KORE_ACME_RSAKEY_N, n, strlen(n));
@@ -970,7 +981,7 @@ keymgr_x509_ext(X509 *x509, int extnid, const char *fmt, ...)
 }
 
 static char *
-keymgr_bignum_base64(BIGNUM *bn)
+keymgr_bignum_base64(const BIGNUM *bn)
 {
 	int		len;
 	void		*buf;