From a9f883cbc28b865d312918368772627cf9610a2f Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Tue, 16 Mar 2021 21:58:55 +0000
Subject: [PATCH] Stop using deprecated calls in lib/isc/tls.c

from Rosen Penev @neheb
---
 lib/isc/tls.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

--- a/lib/isc/tls.c
+++ b/lib/isc/tls.c
@@ -12,10 +12,12 @@
 #include <inttypes.h>
 #include <nghttp2/nghttp2.h>
 
+#include <openssl/bn.h>
 #include <openssl/conf.h>
 #include <openssl/err.h>
 #include <openssl/opensslv.h>
 #include <openssl/rand.h>
+#include <openssl/rsa.h>
 
 #include <isc/atomic.h>
 #include <isc/log.h>
@@ -274,11 +276,19 @@ isc_tlsctx_createserver(const char *keyf
 		rsa = NULL;
 		ASN1_INTEGER_set(X509_get_serialNumber(cert), 1);
 
+#if OPENSSL_VERSION_NUMBER < 0x10101000L
 		X509_gmtime_adj(X509_get_notBefore(cert), 0);
+#else
+		X509_gmtime_adj(X509_getm_notBefore(cert), 0);
+#endif
 		/*
 		 * We set the vailidy for 10 years.
 		 */
+#if OPENSSL_VERSION_NUMBER < 0x10101000L
 		X509_gmtime_adj(X509_get_notAfter(cert), 3650 * 24 * 3600);
+#else
+		X509_gmtime_adj(X509_getm_notAfter(cert), 3650 * 24 * 3600);
+#endif
 
 		X509_set_pubkey(cert, pkey);