New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CS9 OpenSSL deprecated functions warnings and thread safety #37523
Comments
assign core |
New categories assigned: core @Dr15Jones,@smuzaffar,@makortel you have been requested to review this Pull request/Issue and eventually sign? Thanks |
A new Issue was created by @smuzaffar Malik Shahzad Muzaffar. @Dr15Jones, @perrotta, @dpiparo, @makortel, @smuzaffar, @qliphy can you please review it and eventually sign/assign? Thanks. cms-bot commands are listed here |
One option would be to add following kind of utility function to some package (currently unclear to me what would be the best place when taking into account dependencies) // openssl_init.h
namespace cms {
void openssl_init();
}
// openssl_init.cc
#include <mutex>
namespace cms {
void openssl_init() {
static std::once_flag flag;
std::call_once(flag, []() {
#if OPENSSL_API_COMPAT < 0x10100000L
OpenSSL_add_all_digests();
#else
OPENSSL_init_crypto();
#endif
});
}
} |
Given the dependency, maybe just a whole new package? The wrapper for the XML parser is also in its own package and that package doesn't contain much. |
How about Utilities/OpenSSL package and we also move newly added openssl unit tests in this package? |
Sounds good to me. |
For CS9 IBs (where we have OpenSSL 3.0) we have many warnings like [a]. I opened a PR #37490 to fix it. I think we can fix allof these by using
EVP_Digest*
function. But I just noticed that the following code is not thread safeSpecially call to
OpenSSL_add_all_digests() or OPENSSL_init_crypto()
which should be call once . @makortel any idea how to achieve it properly?[a]
The text was updated successfully, but these errors were encountered: