bug 4706 - OpenSSL 1.0 compatibility

1 files changed, 14 insertions, 2 deletions

diff --git a/cpp/src/IceSSL/Instance.cpp b/cpp/src/IceSSL/Instance.cpp
index 48060b2324c..cefe5f27be8 100644
--- a/cpp/src/IceSSL/Instance.cpp
+++ b/cpp/src/IceSSL/Instance.cpp
@@ -199,6 +199,12 @@ IceSSL::Instance::Instance(const CommunicatorPtr& communicator) :
         SSL_library_init();
 
         //
+        // This is necessary to allow programs that use OpenSSL 0.9.x to
+        // load private key files generated by OpenSSL 1.x.
+        //
+        OpenSSL_add_all_algorithms();
+
+        //
         // Initialize the PRNG.
         //
 #ifdef WINDOWS
@@ -291,7 +297,7 @@ IceSSL::Instance::~Instance()
     if(--instanceCount == 0)
     {
         //
-        // NOTE: We can't destroy the locks here: threads wich might have called openssl methods
+        // NOTE: We can't destroy the locks here: threads which might have called openssl methods
         // might access openssl locks upon termination (from DllMain/THREAD_DETACHED). Instead, 
         // we release the locks in the ~Init() static destructor. See bug #4156.
         //
@@ -1058,7 +1064,13 @@ IceSSL::Instance::traceConnection(SSL* ssl, bool incoming)
 {
     Trace out(_logger, _securityTraceCategory);
     out << "SSL summary for " << (incoming ? "incoming" : "outgoing") << " connection\n";
-    SSL_CIPHER* cipher = SSL_get_current_cipher(ssl);
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+    const SSL_CIPHER *cipher;
+#else
+    SSL_CIPHER *cipher;
+#endif
+
+    cipher = SSL_get_current_cipher(ssl);
     if(!cipher)
     {
         out << "unknown cipher\n";