Index | Thread | Search

From:
Stuart Henderson <stu@spacehopper.org>
Subject:
Re: sylpheed: use ASN1_STRING_get0_data()
To:
Theo Buehler <tb@theobuehler.org>
Cc:
ports@openbsd.org, amit.obsd@gmail.com
Date:
Wed, 28 Jan 2026 14:38:53 +0000

Download raw body.

Thread 
On 2026/01/28 12:38, Theo Buehler wrote:
> ASN1_STRING_data() has been deprecated since OpenSSL 1.1.0 in favor of
> ASN1_STRING_get0_data() with better const semantics. It was removed from
> OpenSSL and LibreSSL will soon do the same. I'll send the simple patch
> below upstream as well.

ok.

upstream development seems to be at a very relaxed place, but seems
to not actually be abandoned yet - "I will continue to develop Sylpheed"
at https://www.sraoss.jp/pipermail/sylpheed/2025-September/007300.html

> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/mail/sylpheed/Makefile,v
> diff -u -p -r1.131 Makefile
> --- Makefile	19 Dec 2025 13:42:07 -0000	1.131
> +++ Makefile	28 Jan 2026 11:32:58 -0000
> @@ -1,7 +1,7 @@
>  COMMENT =		lightweight and user-friendly e-mail client
>  
>  DISTNAME =		sylpheed-3.7.0
> -REVISION =		8
> +REVISION =		9
>  
>  SHARED_LIBS += 	 	sylph-0                   4.1 # 4.0
>  SHARED_LIBS += 		sylpheed-plugin-0         4.0 # 4.0
> Index: patches/patch-libsylph_ssl_hostname_validation_c
> ===================================================================
> RCS file: patches/patch-libsylph_ssl_hostname_validation_c
> diff -N patches/patch-libsylph_ssl_hostname_validation_c
> --- /dev/null	1 Jan 1970 00:00:00 -0000
> +++ patches/patch-libsylph_ssl_hostname_validation_c	28 Jan 2026 11:33:38 -0000
> @@ -0,0 +1,32 @@
> +Use ASN1_STRING_get0_data() instead of the deprecated ASN1_STRING_data()
> +
> +Index: libsylph/ssl_hostname_validation.c
> +--- libsylph/ssl_hostname_validation.c.orig
> ++++ libsylph/ssl_hostname_validation.c
> +@@ -167,7 +167,7 @@ static SSLHostnameValidationResult matches_common_name
> + 	int common_name_loc = -1;
> + 	X509_NAME_ENTRY *common_name_entry = NULL;
> + 	ASN1_STRING *common_name_asn1 = NULL;
> +-	char *common_name_str = NULL;
> ++	const char *common_name_str = NULL;
> + 
> + 	// Find the position of the CN field in the Subject field of the certificate
> + 	common_name_loc = X509_NAME_get_index_by_NID(X509_get_subject_name((X509 *) server_cert), NID_commonName, -1);
> +@@ -186,7 +186,7 @@ static SSLHostnameValidationResult matches_common_name
> + 	if (common_name_asn1 == NULL) {
> + 		return SSL_HOSTNAME_ERROR;
> + 	}			
> +-	common_name_str = (char *) ASN1_STRING_data(common_name_asn1);
> ++	common_name_str = (const char *) ASN1_STRING_get0_data(common_name_asn1);
> + 
> + 	debug_print("matches_common_name: %s\n", common_name_str);
> + 
> +@@ -227,7 +227,7 @@ static SSLHostnameValidationResult matches_subject_alt
> + 
> + 		if (current_name->type == GEN_DNS) {
> + 			// Current name is a DNS name, let's check it
> +-			char *dns_name = (char *) ASN1_STRING_data(current_name->d.dNSName);
> ++			const char *dns_name = (const char *) ASN1_STRING_get0_data(current_name->d.dNSName);
> + 
> + 			debug_print("matches_subject_alternative_name: %s\n", dns_name);
> + 
>