Page MenuHomeFreeBSD
Differential D40273

auditdistd: Avoid calling deprecated OpenSSL functions
ClosedPublic
Actions

Authored by emaste on May 25 2023, 7:47 PM.
Tags
None
Referenced Files
F107592965: D40273.id122438.diff
Thu, Jan 16, 8:54 AM
F107583426: D40273.diff
Thu, Jan 16, 5:50 AM
Unknown Object (File)
Nov 30 2024, 3:43 AM
Unknown Object (File)
Nov 27 2024, 3:52 AM
Unknown Object (File)
Nov 27 2024, 3:52 AM
Unknown Object (File)
Nov 27 2024, 3:34 AM
Unknown Object (File)
Oct 30 2024, 7:02 AM
Unknown Object (File)
Oct 30 2024, 6:45 AM
View All 58 Files
Subscribers
imp

Details

Reviewers
csjp
ngie
khorben_defora.org
Commits
rGb01c10d25d06: auditdistd: Avoid calling deprecated OpenSSL functions
Summary

As of OpenSSL 1.1 SSL_library_init() and SSL_load_error_strings() are deprecated. There are replacement initialization functions but they do not need to be called: "As of version 1.1.0 OpenSSL will automatically allocate all resources that it needs so no explicit initialisation is required."

Wrap both calls in an OPENSSL_VERSION_NUMBER block.

Upstream pull request submitted as https://github.com/openbsm/openbsm/pull/82

Diff Detail

Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

emaste requested review of this revision.May 25 2023, 7:47 PM
emaste created this revision.
ngie added inline comments.May 25 2023, 11:12 PM
contrib/openbsm/bin/auditdistd/proto_tls.c
374–377

Why not just delete the code, given that all supported versions of FreeBSD come with 1.1.1?

668–671

Why not just delete the code, given that all supported versions of FreeBSD come with 1.1.1?

emaste added a comment.May 25 2023, 11:45 PM

(Copied from the GitHub pull request) So far I am aiming for minimal diffs, and plan to make another pass over everything later on including updates to use OpenSSL 3 APIs. In particular I don't want to delete SSL_library_init(); if other pre-OpenSSL-1.1 code remains (I haven't checked whether or not it does, yet).

ngie accepted this revision.May 26 2023, 12:46 AM
In D40273#917094, @emaste wrote:

(Copied from the GitHub pull request) So far I am aiming for minimal diffs, and plan to make another pass over everything later on including updates to use OpenSSL 3 APIs. In particular I don't want to delete SSL_library_init(); if other pre-OpenSSL-1.1 code remains (I haven't checked whether or not it does, yet).

Sounds good -- thanks!

This revision is now accepted and ready to land.May 26 2023, 12:46 AM
Closed by commit rGb01c10d25d06: auditdistd: Avoid calling deprecated OpenSSL functions (authored by emaste). · Explain WhyMay 26 2023, 1:22 PM
This revision was automatically updated to reflect the committed changes.
emaste added a commit: rGb01c10d25d06: auditdistd: Avoid calling deprecated OpenSSL functions.
Herald added a subscriber: imp. · View Herald TranscriptMay 26 2023, 1:22 PM

Revision Contents
Changeset List

PathSize
contrib/
openbsm/
bin/
auditdistd/
4 lines

Diff 122438

View Options

contrib/openbsm/bin/auditdistd/proto_tls.c

Loading...