From dcb5f3df82fcfec48aab356252067dc897fb98cf Mon Sep 17 00:00:00 2001
From: Alexey Sokolov <alexey+znc@asokolov.org>
Date: Sun, 14 Nov 2021 00:45:01 +0000
Subject: [PATCH] Fix build with libressl

It got another feature of openssl implemented, which broke this
---
 CMakeLists.txt                   | 14 ++++++++++++++
 include/znc/zncconfig.h.cmake.in |  1 +
 modules/schat.cpp                |  3 +--
 3 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 0913ff2691..1f77f5632b 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -82,6 +82,20 @@ endmacro()
 tristate_option(OPENSSL "Support SSL")
 if(WANT_OPENSSL)
 	find_package(OpenSSL ${TRISTATE_OPENSSL_REQUIRED})
+
+	if(OPENSSL_FOUND)
+		# SSL_SESSION was made opaque in OpenSSL 1.1.0;
+		# LibreSSL gained that function later too.
+		# TODO: maybe remove this check at some point, and stop supporting old
+		# libssl versions
+		function(check_SSL_SESSION_get0_cipher)
+			set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_LIBRARIES})
+			set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
+			check_cxx_symbol_exists(SSL_SESSION_get0_cipher openssl/ssl.h
+				HAVE_SSL_SESSION_get0_cipher)
+		endfunction()
+		check_SSL_SESSION_get0_cipher()
+	endif()
 endif()
 set(HAVE_LIBSSL "${OPENSSL_FOUND}")
 
diff --git a/include/znc/zncconfig.h.cmake.in b/include/znc/zncconfig.h.cmake.in
index 5426b828af..7b07b99aec 100644
--- a/include/znc/zncconfig.h.cmake.in
+++ b/include/znc/zncconfig.h.cmake.in
@@ -31,6 +31,7 @@
 #define HAVE_PTHREAD 1
 #cmakedefine HAVE_THREADED_DNS 1
 #cmakedefine HAVE_LIBSSL 1
+#cmakedefine HAVE_SSL_SESSION_get0_cipher 1
 #cmakedefine HAVE_IPV6 1
 #cmakedefine HAVE_ZLIB 1
 #cmakedefine HAVE_I18N 1
diff --git a/modules/schat.cpp b/modules/schat.cpp
index aa7a338dcd..66e67e695c 100644
--- a/modules/schat.cpp
+++ b/modules/schat.cpp
@@ -25,8 +25,7 @@
 #include <znc/User.h>
 #include <znc/IRCNetwork.h>
 
-#if !defined(OPENSSL_VERSION_NUMBER) || defined(LIBRESSL_VERSION_NUMBER) || \
-    OPENSSL_VERSION_NUMBER < 0x10100007
+#ifndef HAVE_SSL_SESSION_get0_cipher
 /* SSL_SESSION was made opaque in OpenSSL 1.1.0, cipher accessor was added 2
 weeks before the public release.
 See openssl/openssl@e92813234318635639dba0168c7ef5568757449b. */