git: b01c10d25d06 - main - auditdistd: Avoid calling deprecated OpenSSL functions

From: Ed Maste <emaste_at_FreeBSD.org>
Date: Fri, 26 May 2023 13:21:52 UTC
The branch main has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=b01c10d25d06047e45c3d5dc6a4e757a9b35ab78

commit b01c10d25d06047e45c3d5dc6a4e757a9b35ab78
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2023-05-25 19:17:13 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2023-05-26 13:15:25 +0000

    auditdistd: Avoid calling deprecated OpenSSL functions
    
    As of OpenSSL 1.1 SSL_library_init() and SSL_load_error_strings() are
    deprecated.  There are replacement initialization functions but they do
    not need to be called: "As of version 1.1.0 OpenSSL will automatically
    allocate all resources that it needs so no explicit initialisation is
    required."
    
    Wrap both calls in an OPENSSL_VERSION_NUMBER block.
    
    Upstream pull request submitted at
    https://github.com/openbsm/openbsm/pull/82
    
    PR:             271615
    Reviewed by:    ngie
    Event:          Kitchener-Waterloo Hackathon 202305
    Sponsored by:   The FreeBSD Foundation
    Differential Revision: https://reviews.freebsd.org/D40273
---
 contrib/openbsm/bin/auditdistd/proto_tls.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/contrib/openbsm/bin/auditdistd/proto_tls.c b/contrib/openbsm/bin/auditdistd/proto_tls.c
index 31673084d5b5..4de2bbd9f9fa 100644
--- a/contrib/openbsm/bin/auditdistd/proto_tls.c
+++ b/contrib/openbsm/bin/auditdistd/proto_tls.c
@@ -371,8 +371,10 @@ tls_exec_client(const char *user, int startfd, const char *srcaddr,
 	if (proto_connect(saddr, daddr, timeout, &tcp) == -1)
 		exit(EX_TEMPFAIL);
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	SSL_load_error_strings();
 	SSL_library_init();
+#endif
 
 	/*
 	 * TODO: On FreeBSD we could move this below sandbox() once libc and
@@ -663,8 +665,10 @@ tls_exec_server(const char *user, int startfd, const char *privkey,
 	sockfd = startfd;
 	tcpfd = startfd + 1;
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	SSL_load_error_strings();
 	SSL_library_init();
+#endif
 
 	sslctx = SSL_CTX_new(TLS_server_method());
 	if (sslctx == NULL)