LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
26873 Commits
1 Branch
46 MiB
 
 
 
 
 
 
Tree: 6a46eda931
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '6a46eda931'
${ noResults }
openwrt-packages-dist/utils/apk/patches/010-openssl-deprecated.patch

131 lines
2.9 KiB
Raw Blame History

From c4c8aa5ba0ec6bf4c6d74c4807b66edfbd91be7c Mon Sep 17 00:00:00 2001
From: Rosen Penev <rosenp@gmail.com>
Date: Mon, 11 Jan 2021 01:51:58 -0800
Subject: [PATCH] fix compilation without deprecated OpenSSL APIs
(De)initialization is deprecated under OpenSSL 1.0 and above.
[TT: Some simplifications, and additional edits.]
Signed-off-by: Rosen Penev <rosenp@gmail.com>
---
libfetch/common.c | 12 ++++--------
src/apk.c | 26 +-------------------------
src/apk_openssl.h | 27 +++++++++++++++++++++++++++
3 files changed, 32 insertions(+), 33 deletions(-)
--- a/libfetch/common.c
+++ b/libfetch/common.c
@@ -499,15 +499,11 @@ static int fetch_ssl_setup_client_certif
int
fetch_ssl(conn_t *conn, const struct url *URL, int verbose)
{
- /* Init the SSL library and context */
- if (!SSL_library_init()){
- fprintf(stderr, "SSL library init failed\n");
- return (-1);
- }
-
- SSL_load_error_strings();
-
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
conn->ssl_meth = SSLv23_client_method();
+#else
+ conn->ssl_meth = TLS_client_method();
+#endif
conn->ssl_ctx = SSL_CTX_new(conn->ssl_meth);
SSL_CTX_set_mode(conn->ssl_ctx, SSL_MODE_AUTO_RETRY);
--- a/src/apk.c
+++ b/src/apk.c
@@ -20,11 +20,6 @@
#include <unistd.h>
#include <sys/stat.h>
-#include <openssl/crypto.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
#include <fetch.h>
#include "apk_defines.h"
@@ -385,25 +380,6 @@ static int parse_options(int argc, char
return 0;
}
-static void fini_openssl(void)
-{
- EVP_cleanup();
-#ifndef OPENSSL_NO_ENGINE
- ENGINE_cleanup();
-#endif
- CRYPTO_cleanup_all_ex_data();
-}
-
-static void init_openssl(void)
-{
- atexit(fini_openssl);
- OpenSSL_add_all_algorithms();
-#ifndef OPENSSL_NO_ENGINE
- ENGINE_load_builtin_engines();
- ENGINE_register_all_complete();
-#endif
-}
-
static void on_sigwinch(int s)
{
apk_reset_screen_width();
@@ -484,7 +460,7 @@ int main(int argc, char **argv)
apk_force |= applet->forced_force;
}
- init_openssl();
+ apk_openssl_init();
setup_automatic_flags();
fetchConnectionCacheInit(32, 4);
--- a/src/apk_openssl.h
+++ b/src/apk_openssl.h
@@ -11,7 +11,11 @@
#define APK_SSL_COMPAT_H
#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
#include <openssl/evp.h>
+#ifndef OPENSSL_NO_ENGINE
+#include <openssl/engine.h>
+#endif
#if OPENSSL_VERSION_NUMBER < 0x1010000fL || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
@@ -25,6 +29,29 @@ static inline void EVP_MD_CTX_free(EVP_M
return EVP_MD_CTX_destroy(mdctx);
}
+static inline void apk_openssl_cleanup(void)
+{
+ EVP_cleanup();
+#ifndef OPENSSL_NO_ENGINE
+ ENGINE_cleanup();
+#endif
+ CRYPTO_cleanup_all_ex_data();
+}
+
+static inline void apk_openssl_init(void)
+{
+ atexit(apk_openssl_cleanup);
+ OpenSSL_add_all_algorithms();
+#ifndef OPENSSL_NO_ENGINE
+ ENGINE_load_builtin_engines();
+ ENGINE_register_all_complete();
+#endif
+}
+
+#else
+
+static inline void apk_openssl_init(void) {}
+
#endif
#endif