Fix autoca build with OpenSSL 1.1.0

[openldap] / servers / slapd / overlays / autoca.c

diff --git a/servers/slapd/overlays/autoca.c b/servers/slapd/overlays/autoca.c
index a72e798a01bce0a1e9b0de8774d6c6865b424fb5..bcd62898a27a80abef39d8dc4bbd15af69a55a95 100644 (file)
--- a/servers/slapd/overlays/autoca.c
+++ b/servers/slapd/overlays/autoca.c
@@ -37,6 +37,15 @@
 #include <openssl/x509v3.h>
 #include <openssl/evp.h>
 
+/* Starting with OpenSSL 1.1.0, rsa.h is no longer included in
+ * x509.h, so we need to explicitly include it for the
+ * call to EVP_PKEY_CTX_set_rsa_keygen_bits
+ */
+
+#if OPENSSL_VERSION_NUMBER >= 0x10100000
+#include <openssl/rsa.h>
+#endif
+
 /* This overlay implements a certificate authority that can generate
  * certificates automatically for any entry in the directory.
  * On startup it generates a self-signed CA cert for the directory's