Differential D40341

unbound: avoid calling deprecated OpenSSL function
ClosedPublic
Actions

Authored by emaste on May 30 2023, 9:42 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Nov 30 2025, 7:16 AM

	Unknown Object (File)
	Nov 22 2025, 5:10 PM

	Unknown Object (File)
	Nov 22 2025, 1:27 PM

	Unknown Object (File)
	Nov 20 2025, 6:25 AM

	Unknown Object (File)
	Nov 19 2025, 12:59 PM

	Unknown Object (File)
	Nov 14 2025, 10:17 PM

	Unknown Object (File)
	Nov 10 2025, 1:59 AM

	Unknown Object (File)
	Nov 4 2025, 9:45 PM

Subscribers

Details

Reviewers

des
khorben
ngie

Commits

rGdc103686348d: unbound: avoid calling deprecated OpenSSL function

Summary

SSL_CTX_set_ecdh_auto is deprecated and has no effect (for reference see https://github.com/openssl/openssl/commit/2ecb9f2d18614fb7b7b42830a358b7163ed43221).

As unbound's config.h is manually maintained just turn off HAVE_DECL_SSL_CTX_SET_ECDH_AUTO so that it won't be called.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

emaste requested review of this revision.May 30 2023, 9:42 PM

emaste created this revision.

emaste added a reviewer: ngie.

Sounds good to me! From https://www.openssl.org/docs/man3.1/man3/SSL_CTX_set_ecdh_auto.html :

SSL_CTX_set_ecdh_auto() and SSL_set_ecdh_auto() are deprecated and have no effect.

Oddly enough this function doesn't appear to be documented on 1.1..

This revision is now accepted and ready to land.May 30 2023, 11:10 PM

Closed by commit rGdc103686348d: unbound: avoid calling deprecated OpenSSL function (authored by emaste). · Explain WhyMay 30 2023, 11:56 PM

This revision was automatically updated to reflect the committed changes.

emaste added a commit: rGdc103686348d: unbound: avoid calling deprecated OpenSSL function.

Herald added a subscriber: imp. · View Herald TranscriptMay 30 2023, 11:56 PM

Revision Contents
Changeset List

Path

Size

usr.sbin/

unbound/

2 lines

Diff 122638

usr.sbin/unbound/config.h

Loading...