make sure this works with latest openssl

src/keymgr.c

@@ -142,7 +142,7 @@ struct acme_order {
 	char			*domain;
 };
 
-static char	*keymgr_bignum_base64(BIGNUM *);
+static char	*keymgr_bignum_base64(const BIGNUM *);
 
 static void	keymgr_acme_init(void);
 static void	keymgr_acme_sign(struct kore_msg *, const void *);
@@ -678,9 +678,11 @@ keymgr_ecdsa_sign(struct kore_msg *msg, const void *data, struct key *key)
 static void
 keymgr_acme_init(void)
 {
+	RSA		*rsa;
 	struct key	*key;
 	char		*e, *n;
 	int		needsreg;
+	const BIGNUM	*be, *bn;
 
 	if (acme_provider == NULL)
 		return;
@@ -703,9 +705,18 @@ keymgr_acme_init(void)
 		kore_log(LOG_INFO, "loaded existing ACME account key");
 	}
 
-	/* XXX - OpenSSL 1.1.x probably denies us doing this. */
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-	e = keymgr_bignum_base64(key->pkey->pkey.rsa->e);
+	rsa = EVP_PKEY_get0_RSA(key->pkey);
-	n = keymgr_bignum_base64(key->pkey->pkey.rsa->n);
+	be = RSA_get0_e(rsa);
+	bn = RSA_get0_n(rsa);
+#else
+	rsa = key->pkey->pkey.rsa;
+	be = rsa->e;
+	bn = rsa->n;
+#endif
+
+	e = keymgr_bignum_base64(be);
+	n = keymgr_bignum_base64(bn);
 
 	kore_msg_send(KORE_WORKER_ACME, KORE_ACME_RSAKEY_E, e, strlen(e));
 	kore_msg_send(KORE_WORKER_ACME, KORE_ACME_RSAKEY_N, n, strlen(n));
@@ -970,7 +981,7 @@ keymgr_x509_ext(X509 *x509, int extnid, const char *fmt, ...)
 }
 
 static char *
-keymgr_bignum_base64(BIGNUM *bn)
+keymgr_bignum_base64(const BIGNUM *bn)
 {
 	int		len;
 	void		*buf;