Commit c4c8aa5b authored by Rosen Penev's avatar Rosen Penev Committed by Timo Teräs

fix compilation without deprecated OpenSSL APIs

(De)initialization is deprecated under OpenSSL 1.0 and above.

[TT: Some simplifications, and additional edits.]
Signed-off-by: Rosen Penev's avatarRosen Penev <rosenp@gmail.com>
parent bcbcbfc1
Pipeline #69672 passed with stage
in 30 seconds
......@@ -499,15 +499,11 @@ static int fetch_ssl_setup_client_certificate(SSL_CTX *ctx, int verbose)
int
fetch_ssl(conn_t *conn, const struct url *URL, int verbose)
{
/* Init the SSL library and context */
if (!SSL_library_init()){
fprintf(stderr, "SSL library init failed\n");
return (-1);
}
SSL_load_error_strings();
#if OPENSSL_VERSION_NUMBER < 0x10100000L
conn->ssl_meth = SSLv23_client_method();
#else
conn->ssl_meth = TLS_client_method();
#endif
conn->ssl_ctx = SSL_CTX_new(conn->ssl_meth);
SSL_CTX_set_mode(conn->ssl_ctx, SSL_MODE_AUTO_RETRY);
......
......@@ -20,11 +20,6 @@
#include <unistd.h>
#include <sys/stat.h>
#include <openssl/crypto.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#include <fetch.h>
#include "apk_defines.h"
......@@ -358,25 +353,6 @@ static int parse_options(int argc, char **argv, struct apk_applet *applet, void
return 0;
}
static void fini_openssl(void)
{
EVP_cleanup();
#ifndef OPENSSL_NO_ENGINE
ENGINE_cleanup();
#endif
CRYPTO_cleanup_all_ex_data();
}
static void init_openssl(void)
{
atexit(fini_openssl);
OpenSSL_add_all_algorithms();
#ifndef OPENSSL_NO_ENGINE
ENGINE_load_builtin_engines();
ENGINE_register_all_complete();
#endif
}
static void setup_automatic_flags(struct apk_ctx *ac)
{
const char *tmp;
......@@ -449,7 +425,7 @@ int main(int argc, char **argv)
ctx.force |= applet->forced_force;
}
init_openssl();
apk_openssl_init();
setup_automatic_flags(&ctx);
fetchConnectionCacheInit(32, 4);
......
......@@ -11,7 +11,11 @@
#define APK_SSL_COMPAT_H
#include <openssl/opensslv.h>
#include <openssl/crypto.h>
#include <openssl/evp.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#if OPENSSL_VERSION_NUMBER < 0x1010000fL || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
......@@ -25,6 +29,29 @@ static inline void EVP_MD_CTX_free(EVP_MD_CTX *mdctx)
return EVP_MD_CTX_destroy(mdctx);
}
static inline void apk_openssl_cleanup(void)
{
EVP_cleanup();
#ifndef OPENSSL_NO_ENGINE
ENGINE_cleanup();
#endif
CRYPTO_cleanup_all_ex_data();
}
static inline void apk_openssl_init(void)
{
atexit(apk_openssl_cleanup);
OpenSSL_add_all_algorithms();
#ifndef OPENSSL_NO_ENGINE
ENGINE_load_builtin_engines();
ENGINE_register_all_complete();
#endif
}
#else
static inline void apk_openssl_init(void) {}
#endif
#endif
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment