fix changed dh structure in openssl 3. Change include order so that we can set compatibility symbols in the generated code

macros/ax_nagios_get_ssl

@@ -296,7 +296,7 @@ if test x$SSL_TYPE != xNONE; then
 				echo "*** Generating DH Parameters for SSL/TLS ***"
 				# OpenSSL 3 removes dhparam -C
 				# check version and use our own parser if needed
-				nagios_ssl_major_version=`$sslbin version | awk '{print $2}' | cut -d. -f1`
+				nagios_ssl_major_version=`$sslbin version | cut -d' ' -f2 | cut -d. -f1`
 
 				if test "x$nagios_ssl_major_version" = "x3"; then
 					$CC src/print_c_code.c -o src/print_c_code

src/nrpe.c

@@ -35,16 +35,18 @@
  ****************************************************************************/
 
 #include "config.h"
-#include "common.h"
-#include "nrpe.h"
-#include "utils.h"
-#include "acl.h"
 
 #ifdef HAVE_SSL
 # ifdef USE_SSL_DH
 #  include "../include/dh.h"
 # endif
 #endif
+
+#include "common.h"
+#include "nrpe.h"
+#include "utils.h"
+#include "acl.h"
+
 #ifndef HAVE_ASPRINTF
 extern int asprintf(char **ptr, const char *format, ...);
 #endif

src/print_c_code.c

@@ -131,7 +131,7 @@ int main() {
 	// Print the first part of the C code:
 
 	printf("#ifndef HEADER_DH_H\n"
-		"#define OPENSSL_API_COMPAT 10101\n"
+		"#define OPENSSL_API_COMPAT 10002\n"
 		"#define OPENSSL_NO_DEPRECATED\n"
 		"#include <openssl/dh.h>\n"
 		"#endif\n"
@@ -163,9 +163,12 @@ int main() {
 		"\tDH *dh;\n"
 		"\n"
 		"\tif ((dh=DH_new()) == NULL) return(NULL);\n"
-		"\tdh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);\n"
-		"\tdh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);\n"
-		"\tif ((dh->p == NULL) || (dh->g == NULL))\n"
+		"\tBIGNUM *p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);\n"
+		"\tBIGNUM *g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);\n"
+		"\tif ((p == NULL) || (g == NULL))\n"
+		"\t\t{ DH_free(dh); return(NULL); }\n"
+		"\tint result = DH_set0_pqg(dh, p, NULL, g);\n"
+		"\tif (result == 0)"
 		"\t\t{ DH_free(dh); return(NULL); }\n"
 		"\treturn(dh);\n"
 		"}\n");