diff options
| author | Rosen Penev <rosenp@gmail.com> | 2021-01-11 01:51:58 -0800 |
|---|---|---|
| committer | Timo Teräs <timo.teras@iki.fi> | 2021-01-27 09:13:07 +0200 |
| commit | c4c8aa5ba0ec6bf4c6d74c4807b66edfbd91be7c (patch) | |
| tree | b41da7bce64475790173cfd80366bb272a2f30ec | |
| parent | bcbcbfc1fc9514db7a9ecddec5029b8d89fde5ed (diff) | |
| download | apk-tools-c4c8aa5ba0ec6bf4c6d74c4807b66edfbd91be7c.tar.gz apk-tools-c4c8aa5ba0ec6bf4c6d74c4807b66edfbd91be7c.tar.bz2 apk-tools-c4c8aa5ba0ec6bf4c6d74c4807b66edfbd91be7c.tar.xz apk-tools-c4c8aa5ba0ec6bf4c6d74c4807b66edfbd91be7c.zip | |
fix compilation without deprecated OpenSSL APIs
(De)initialization is deprecated under OpenSSL 1.0 and above.
[TT: Some simplifications, and additional edits.]
Signed-off-by: Rosen Penev <rosenp@gmail.com>
| -rw-r--r-- | libfetch/common.c | 12 | ||||
| -rw-r--r-- | src/apk.c | 26 | ||||
| -rw-r--r-- | src/apk_openssl.h | 27 |
3 files changed, 32 insertions, 33 deletions
diff --git a/libfetch/common.c b/libfetch/common.c index e91b0c6..bcba889 100644 --- a/libfetch/common.c +++ b/libfetch/common.c @@ -499,15 +499,11 @@ static int fetch_ssl_setup_client_certificate(SSL_CTX *ctx, int verbose) int fetch_ssl(conn_t *conn, const struct url *URL, int verbose) { - /* Init the SSL library and context */ - if (!SSL_library_init()){ - fprintf(stderr, "SSL library init failed\n"); - return (-1); - } - - SSL_load_error_strings(); - +#if OPENSSL_VERSION_NUMBER < 0x10100000L conn->ssl_meth = SSLv23_client_method(); +#else + conn->ssl_meth = TLS_client_method(); +#endif conn->ssl_ctx = SSL_CTX_new(conn->ssl_meth); SSL_CTX_set_mode(conn->ssl_ctx, SSL_MODE_AUTO_RETRY); @@ -20,11 +20,6 @@ #include <unistd.h> #include <sys/stat.h> -#include <openssl/crypto.h> -#ifndef OPENSSL_NO_ENGINE -#include <openssl/engine.h> -#endif - #include <fetch.h> #include "apk_defines.h" @@ -358,25 +353,6 @@ static int parse_options(int argc, char **argv, struct apk_applet *applet, void return 0; } -static void fini_openssl(void) -{ - EVP_cleanup(); -#ifndef OPENSSL_NO_ENGINE - ENGINE_cleanup(); -#endif - CRYPTO_cleanup_all_ex_data(); -} - -static void init_openssl(void) -{ - atexit(fini_openssl); - OpenSSL_add_all_algorithms(); -#ifndef OPENSSL_NO_ENGINE - ENGINE_load_builtin_engines(); - ENGINE_register_all_complete(); -#endif -} - static void setup_automatic_flags(struct apk_ctx *ac) { const char *tmp; @@ -449,7 +425,7 @@ int main(int argc, char **argv) ctx.force |= applet->forced_force; } - init_openssl(); + apk_openssl_init(); setup_automatic_flags(&ctx); fetchConnectionCacheInit(32, 4); diff --git a/src/apk_openssl.h b/src/apk_openssl.h index 4ee6da2..c0abdf2 100644 --- a/src/apk_openssl.h +++ b/src/apk_openssl.h @@ -11,7 +11,11 @@ #define APK_SSL_COMPAT_H #include <openssl/opensslv.h> +#include <openssl/crypto.h> #include <openssl/evp.h> +#ifndef OPENSSL_NO_ENGINE +#include <openssl/engine.h> +#endif #if OPENSSL_VERSION_NUMBER < 0x1010000fL || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL) @@ -25,6 +29,29 @@ static inline void EVP_MD_CTX_free(EVP_MD_CTX *mdctx) return EVP_MD_CTX_destroy(mdctx); } +static inline void apk_openssl_cleanup(void) +{ + EVP_cleanup(); +#ifndef OPENSSL_NO_ENGINE + ENGINE_cleanup(); +#endif + CRYPTO_cleanup_all_ex_data(); +} + +static inline void apk_openssl_init(void) +{ + atexit(apk_openssl_cleanup); + OpenSSL_add_all_algorithms(); +#ifndef OPENSSL_NO_ENGINE + ENGINE_load_builtin_engines(); + ENGINE_register_all_complete(); +#endif +} + +#else + +static inline void apk_openssl_init(void) {} + #endif #endif |