git: 01aee8c92d93 - main - libfetch: do not call deprecated OpenSSL functions
Date: Thu, 25 May 2023 16:22:06 UTC
The branch main has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=01aee8c92d936470c44821736e0d9e11ed7ce812 commit 01aee8c92d936470c44821736e0d9e11ed7ce812 Author: Ed Maste <emaste@FreeBSD.org> AuthorDate: 2023-05-25 15:24:48 +0000 Commit: Ed Maste <emaste@FreeBSD.org> CommitDate: 2023-05-25 16:20:15 +0000 libfetch: do not call deprecated OpenSSL functions As of OpenSSL 1.1 SSL_library_init() and SSL_load_error_strings() are deprecated. There are replacement initialization functions but they do not need to be called: "As of version 1.1.0 OpenSSL will automatically allocate all resources that it needs so no explicit initialisation is required." Wrap both calls in an OPENSSL_VERSION_NUMBER block. PR: 271615 Reviewed by: Pierre Pronchery <pierre@freebsdfoundation.org> Event: Kitchener-Waterloo Hackathon 202305 Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D40265 --- lib/libfetch/common.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/libfetch/common.c b/lib/libfetch/common.c index 7bf487b0db1d..f2122d7f45c9 100644 --- a/lib/libfetch/common.c +++ b/lib/libfetch/common.c @@ -1204,6 +1204,7 @@ fetch_ssl(conn_t *conn, const struct url *URL, int verbose) X509_NAME *name; char *str; +#if OPENSSL_VERSION_NUMBER < 0x10100000L /* Init the SSL library and context */ if (!SSL_library_init()){ fprintf(stderr, "SSL library init failed\n"); @@ -1211,6 +1212,7 @@ fetch_ssl(conn_t *conn, const struct url *URL, int verbose) } SSL_load_error_strings(); +#endif conn->ssl_meth = SSLv23_client_method(); conn->ssl_ctx = SSL_CTX_new(conn->ssl_meth);