diff options
author | Ed Maste <emaste@FreeBSD.org> | 2023-05-25 19:17:13 +0000 |
---|---|---|
committer | Ed Maste <emaste@FreeBSD.org> | 2023-05-26 13:15:25 +0000 |
commit | b01c10d25d06047e45c3d5dc6a4e757a9b35ab78 (patch) | |
tree | 11a71cf177d785c85ea5eca4ebb3953ec9229d9b /contrib | |
parent | f5abdb03119a7e6608f0cfee0e7a28c94b9b0ca1 (diff) | |
download | src-b01c10d25d06047e45c3d5dc6a4e757a9b35ab78.tar.gz src-b01c10d25d06047e45c3d5dc6a4e757a9b35ab78.zip |
auditdistd: Avoid calling deprecated OpenSSL functions
As of OpenSSL 1.1 SSL_library_init() and SSL_load_error_strings() are
deprecated. There are replacement initialization functions but they do
not need to be called: "As of version 1.1.0 OpenSSL will automatically
allocate all resources that it needs so no explicit initialisation is
required."
Wrap both calls in an OPENSSL_VERSION_NUMBER block.
Upstream pull request submitted at
https://github.com/openbsm/openbsm/pull/82
PR: 271615
Reviewed by: ngie
Event: Kitchener-Waterloo Hackathon 202305
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D40273
Diffstat (limited to 'contrib')
-rw-r--r-- | contrib/openbsm/bin/auditdistd/proto_tls.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/contrib/openbsm/bin/auditdistd/proto_tls.c b/contrib/openbsm/bin/auditdistd/proto_tls.c index 31673084d5b5..4de2bbd9f9fa 100644 --- a/contrib/openbsm/bin/auditdistd/proto_tls.c +++ b/contrib/openbsm/bin/auditdistd/proto_tls.c @@ -371,8 +371,10 @@ tls_exec_client(const char *user, int startfd, const char *srcaddr, if (proto_connect(saddr, daddr, timeout, &tcp) == -1) exit(EX_TEMPFAIL); +#if OPENSSL_VERSION_NUMBER < 0x10100000L SSL_load_error_strings(); SSL_library_init(); +#endif /* * TODO: On FreeBSD we could move this below sandbox() once libc and @@ -663,8 +665,10 @@ tls_exec_server(const char *user, int startfd, const char *privkey, sockfd = startfd; tcpfd = startfd + 1; +#if OPENSSL_VERSION_NUMBER < 0x10100000L SSL_load_error_strings(); SSL_library_init(); +#endif sslctx = SSL_CTX_new(TLS_server_method()); if (sslctx == NULL) |