auditdistd: Avoid calling deprecated OpenSSL functions
As of OpenSSL 1.1 SSL_library_init() and SSL_load_error_strings() are deprecated. There are replacement initialization functions but they do not need to be called: "As of version 1.1.0 OpenSSL will automatically allocate all resources that it needs so no explicit initialisation is required." Wrap both calls in an OPENSSL_VERSION_NUMBER block. Upstream pull request submitted at https://github.com/openbsm/openbsm/pull/82 PR: 271615 Reviewed by: ngie Event: Kitchener-Waterloo Hackathon 202305 Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D40273
This commit is contained in:
parent
f5abdb0311
commit
b01c10d25d
@ -371,8 +371,10 @@ tls_exec_client(const char *user, int startfd, const char *srcaddr,
|
||||
if (proto_connect(saddr, daddr, timeout, &tcp) == -1)
|
||||
exit(EX_TEMPFAIL);
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||
SSL_load_error_strings();
|
||||
SSL_library_init();
|
||||
#endif
|
||||
|
||||
/*
|
||||
* TODO: On FreeBSD we could move this below sandbox() once libc and
|
||||
@ -663,8 +665,10 @@ tls_exec_server(const char *user, int startfd, const char *privkey,
|
||||
sockfd = startfd;
|
||||
tcpfd = startfd + 1;
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
||||
SSL_load_error_strings();
|
||||
SSL_library_init();
|
||||
#endif
|
||||
|
||||
sslctx = SSL_CTX_new(TLS_server_method());
|
||||
if (sslctx == NULL)
|
||||
|
Loading…
Reference in New Issue
Block a user