auditdistd: Avoid calling deprecated OpenSSL functions

As of OpenSSL 1.1 SSL_library_init() and SSL_load_error_strings() are deprecated. There are replacement initialization functions but they do not need to be called: "As of version 1.1.0 OpenSSL will automatically allocate all resources that it needs so no explicit initialisation is required." Wrap both calls in an OPENSSL_VERSION_NUMBER block. Upstream pull request submitted at https://github.com/openbsm/openbsm/pull/82 PR: 271615 Reviewed by: ngie Event: Kitchener-Waterloo Hackathon 202305 Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D40273
2023-05-25 15:17:13 -04:00 · 2023-05-25 15:17:13 -04:00 · b01c10d25d
commit b01c10d25d
parent f5abdb0311
1 changed files with 4 additions and 0 deletions
--- a/contrib/openbsm/bin/auditdistd/proto_tls.c
+++ b/contrib/openbsm/bin/auditdistd/proto_tls.c
@ -371,8 +371,10 @@ tls_exec_client(const char *user, int startfd, const char *srcaddr,
 	if (proto_connect(saddr, daddr, timeout, &tcp) == -1)
 		exit(EX_TEMPFAIL);

+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	SSL_load_error_strings();
 	SSL_library_init();
+#endif

 	/*
 	 * TODO: On FreeBSD we could move this below sandbox() once libc and
@ -663,8 +665,10 @@ tls_exec_server(const char *user, int startfd, const char *privkey,
 	sockfd = startfd;
 	tcpfd = startfd + 1;

+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	SSL_load_error_strings();
 	SSL_library_init();
+#endif

 	sslctx = SSL_CTX_new(TLS_server_method());
 	if (sslctx == NULL)