auditdistd: Avoid calling deprecated OpenSSL functions
As of OpenSSL 1.1 SSL_library_init() and SSL_load_error_strings() are deprecated. There are replacement initialization functions but they do not need to be called: "As of version 1.1.0 OpenSSL will automatically allocate all resources that it needs so no explicit initialisation is required." Wrap both calls in an OPENSSL_VERSION_NUMBER block. Upstream pull request submitted at https://github.com/openbsm/openbsm/pull/82 PR: 271615 Reviewed by: ngie Event: Kitchener-Waterloo Hackathon 202305 Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D40273
This commit is contained in:
parent
f5abdb0311
commit
b01c10d25d
@ -371,8 +371,10 @@ tls_exec_client(const char *user, int startfd, const char *srcaddr,
|
|||||||
if (proto_connect(saddr, daddr, timeout, &tcp) == -1)
|
if (proto_connect(saddr, daddr, timeout, &tcp) == -1)
|
||||||
exit(EX_TEMPFAIL);
|
exit(EX_TEMPFAIL);
|
||||||
|
|
||||||
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||||
SSL_load_error_strings();
|
SSL_load_error_strings();
|
||||||
SSL_library_init();
|
SSL_library_init();
|
||||||
|
#endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* TODO: On FreeBSD we could move this below sandbox() once libc and
|
* TODO: On FreeBSD we could move this below sandbox() once libc and
|
||||||
@ -663,8 +665,10 @@ tls_exec_server(const char *user, int startfd, const char *privkey,
|
|||||||
sockfd = startfd;
|
sockfd = startfd;
|
||||||
tcpfd = startfd + 1;
|
tcpfd = startfd + 1;
|
||||||
|
|
||||||
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||||
SSL_load_error_strings();
|
SSL_load_error_strings();
|
||||||
SSL_library_init();
|
SSL_library_init();
|
||||||
|
#endif
|
||||||
|
|
||||||
sslctx = SSL_CTX_new(TLS_server_method());
|
sslctx = SSL_CTX_new(TLS_server_method());
|
||||||
if (sslctx == NULL)
|
if (sslctx == NULL)
|
||||||
|
Loading…
Reference in New Issue
Block a user