1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
|
From c4c8aa5ba0ec6bf4c6d74c4807b66edfbd91be7c Mon Sep 17 00:00:00 2001
From: Rosen Penev <rosenp@gmail.com>
Date: Mon, 11 Jan 2021 01:51:58 -0800
Subject: [PATCH] fix compilation without deprecated OpenSSL APIs
(De)initialization is deprecated under OpenSSL 1.0 and above.
[TT: Some simplifications, and additional edits.]
Signed-off-by: Rosen Penev <rosenp@gmail.com>
---
libfetch/common.c | 12 ++++--------
src/apk.c | 26 +-------------------------
src/apk_openssl.h | 27 +++++++++++++++++++++++++++
3 files changed, 32 insertions(+), 33 deletions(-)
--- a/libfetch/common.c
+++ b/libfetch/common.c
@@ -499,15 +499,11 @@ static int fetch_ssl_setup_client_certif
int
fetch_ssl(conn_t *conn, const struct url *URL, int verbose)
{
- /* Init the SSL library and context */
- if (!SSL_library_init()){
- fprintf(stderr, "SSL library init failed\n");
- return (-1);
- }
-
- SSL_load_error_strings();
-
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
conn->ssl_meth = SSLv23_client_method();
+#else
+ conn->ssl_meth = TLS_client_method();
+#endif
conn->ssl_ctx = SSL_CTX_new(conn->ssl_meth);
SSL_CTX_set_mode(conn->ssl_ctx, SSL_MODE_AUTO_RETRY);
--- a/src/apk.c
+++ b/src/apk.c
@@ -20,11 +20,6 @@
#include <unistd.h>
#include <sys/stat.h>
-#include <openssl/crypto.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
#include <fetch.h>
#include "apk_defines.h"
@@ -385,25 +380,6 @@ static int parse_options(int argc, char
return 0;
}
-static void fini_openssl(void)
-{
- EVP_cleanup();
-#ifndef OPENSSL_NO_ENGINE
- ENGINE_cleanup();
-#endif
- CRYPTO_cleanup_all_ex_data();
-}
-
-static void init_openssl(void)
-{
- atexit(fini_openssl);
- OpenSSL_add_all_algorithms();
-#ifndef OPENSSL_NO_ENGINE
- ENGINE_load_builtin_engines();
- ENGINE_register_all_complete();
-#endif
-}
-
static void on_sigwinch(int s)
{
apk_reset_screen_width();
@@ -484,7 +460,7 @@ int main(int argc, char **argv)
apk_force |= applet->forced_force;
}
- init_openssl();
+ apk_openssl_init();
setup_automatic_flags();
fetchConnectionCacheInit(32, 4);
--- a/src/apk_openssl.h
+++ b/src/apk_openssl.h
@@ -11,7 +11,11 @@
#define APK_SSL_COMPAT_H
#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
#include <openssl/evp.h>
+#ifndef OPENSSL_NO_ENGINE
+#include <openssl/engine.h>
+#endif
#if OPENSSL_VERSION_NUMBER < 0x1010000fL || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
@@ -25,6 +29,29 @@ static inline void EVP_MD_CTX_free(EVP_M
return EVP_MD_CTX_destroy(mdctx);
}
+static inline void apk_openssl_cleanup(void)
+{
+ EVP_cleanup();
+#ifndef OPENSSL_NO_ENGINE
+ ENGINE_cleanup();
+#endif
+ CRYPTO_cleanup_all_ex_data();
+}
+
+static inline void apk_openssl_init(void)
+{
+ atexit(apk_openssl_cleanup);
+ OpenSSL_add_all_algorithms();
+#ifndef OPENSSL_NO_ENGINE
+ ENGINE_load_builtin_engines();
+ ENGINE_register_all_complete();
+#endif
+}
+
+#else
+
+static inline void apk_openssl_init(void) {}
+
#endif
#endif
|