Fix some openssl 1.1.0 deprecated functions

replace OPENSSL_config with OPENSSL_init_crypto and ASN1_STRING_data
with ASN1_STRING_get0_data

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
diff --git a/src/idc.c b/src/idc.c
index 236cefd..6d87bd4 100644
--- a/src/idc.c
+++ b/src/idc.c
@@ -238,7 +238,11 @@
 
 	/* extract the idc from the signed PKCS7 'other' data */
 	str = p7->d.sign->contents->d.other->value.asn1_string;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	idcbuf = buf = ASN1_STRING_data(str);
+#else
+	idcbuf = buf = ASN1_STRING_get0_data(str);
+#endif
 	idc = d2i_IDC(NULL, &buf, ASN1_STRING_length(str));
 
 	/* If we were passed a BIO, write the idc data, minus type and length,
@@ -289,7 +293,11 @@
 	}
 
 	/* check hash against the one we calculated from the image */
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	buf = ASN1_STRING_data(str);
+#else
+	buf = ASN1_STRING_get0_data(str);
+#endif
 	if (memcmp(buf, sha, sizeof(sha))) {
 		fprintf(stderr, "Hash doesn't match image\n");
 		fprintf(stderr, " got:       %s\n", sha256_str(buf));
diff --git a/src/sbattach.c b/src/sbattach.c
index a0c01b8..809e24c 100644
--- a/src/sbattach.c
+++ b/src/sbattach.c
@@ -233,7 +233,11 @@
 
 	ERR_load_crypto_strings();
 	OpenSSL_add_all_digests();
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	OPENSSL_config(NULL);
+#else
+	OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL);
+#endif
 	/* here we may get highly unlikely failures or we'll get a
 	 * complaint about FIPS signatures (usually becuase the FIPS
 	 * module isn't present).  In either case ignore the errors
diff --git a/src/sbkeysync.c b/src/sbkeysync.c
index 7b17f40..1f37118 100644
--- a/src/sbkeysync.c
+++ b/src/sbkeysync.c
@@ -208,7 +208,11 @@
 		goto out;
 
 	key->id_len = ASN1_STRING_length(serial);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	key->id = talloc_memdup(key, ASN1_STRING_data(serial), key->id_len);
+#else
+	key->id = talloc_memdup(key, ASN1_STRING_get0_data(serial), key->id_len);
+#endif
 
 	key->description = talloc_array(key, char, description_len);
 	X509_NAME_oneline(X509_get_subject_name(x509),
@@ -930,7 +934,11 @@
 	ERR_load_crypto_strings();
 	OpenSSL_add_all_digests();
 	OpenSSL_add_all_ciphers();
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	OPENSSL_config(NULL);
+#else
+	OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL);
+#endif
 	/* here we may get highly unlikely failures or we'll get a
 	 * complaint about FIPS signatures (usually becuase the FIPS
 	 * module isn't present).  In either case ignore the errors
diff --git a/src/sbsign.c b/src/sbsign.c
index 92607a7..898fe66 100644
--- a/src/sbsign.c
+++ b/src/sbsign.c
@@ -234,7 +234,11 @@
 	ERR_load_BIO_strings();
 	OpenSSL_add_all_digests();
 	OpenSSL_add_all_ciphers();
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	OPENSSL_config(NULL);
+#else
+	OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL);
+#endif
 	/* here we may get highly unlikely failures or we'll get a
 	 * complaint about FIPS signatures (usually becuase the FIPS
 	 * module isn't present).  In either case ignore the errors
diff --git a/src/sbvarsign.c b/src/sbvarsign.c
index 273fd0d..92475a2 100644
--- a/src/sbvarsign.c
+++ b/src/sbvarsign.c
@@ -513,7 +513,11 @@
 	OpenSSL_add_all_digests();
 	OpenSSL_add_all_ciphers();
 	ERR_load_crypto_strings();
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	OPENSSL_config(NULL);
+#else
+	OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL);
+#endif
 	/* here we may get highly unlikely failures or we'll get a
 	 * complaint about FIPS signatures (usually becuase the FIPS
 	 * module isn't present).  In either case ignore the errors
diff --git a/src/sbverify.c b/src/sbverify.c
index 4dddecc..ac6705e 100644
--- a/src/sbverify.c
+++ b/src/sbverify.c
@@ -252,7 +252,11 @@
 
 	OpenSSL_add_all_digests();
 	ERR_load_crypto_strings();
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	OPENSSL_config(NULL);
+#else
+	OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL);
+#endif
 	/* here we may get highly unlikely failures or we'll get a
 	 * complaint about FIPS signatures (usually becuase the FIPS
 	 * module isn't present).  In either case ignore the errors