Page MenuHomeFreeBSD

auditdistd: Avoid calling deprecated OpenSSL functions
ClosedPublic

Authored by emaste on May 25 2023, 7:47 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Mar 10, 7:15 PM
Unknown Object (File)
Sun, Mar 10, 7:15 PM
Unknown Object (File)
Thu, Mar 7, 9:20 PM
Unknown Object (File)
Thu, Mar 7, 2:51 PM
Unknown Object (File)
Jan 10 2024, 5:49 AM
Unknown Object (File)
Jan 10 2024, 5:49 AM
Unknown Object (File)
Jan 2 2024, 12:41 PM
Unknown Object (File)
Dec 20 2023, 4:34 AM
Subscribers

Details

Summary

As of OpenSSL 1.1 SSL_library_init() and SSL_load_error_strings() are deprecated. There are replacement initialization functions but they do not need to be called: "As of version 1.1.0 OpenSSL will automatically allocate all resources that it needs so no explicit initialisation is required."

Wrap both calls in an OPENSSL_VERSION_NUMBER block.

Upstream pull request submitted as https://github.com/openbsm/openbsm/pull/82

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

emaste created this revision.
contrib/openbsm/bin/auditdistd/proto_tls.c
374–377

Why not just delete the code, given that all supported versions of FreeBSD come with 1.1.1?

668–671

Why not just delete the code, given that all supported versions of FreeBSD come with 1.1.1?

(Copied from the GitHub pull request) So far I am aiming for minimal diffs, and plan to make another pass over everything later on including updates to use OpenSSL 3 APIs. In particular I don't want to delete SSL_library_init(); if other pre-OpenSSL-1.1 code remains (I haven't checked whether or not it does, yet).

(Copied from the GitHub pull request) So far I am aiming for minimal diffs, and plan to make another pass over everything later on including updates to use OpenSSL 3 APIs. In particular I don't want to delete SSL_library_init(); if other pre-OpenSSL-1.1 code remains (I haven't checked whether or not it does, yet).

Sounds good -- thanks!

This revision is now accepted and ready to land.May 26 2023, 12:46 AM