Skip to content

openssl: switch to modern init for LibreSSL 2.7.0+#11611

Closed
vszakats wants to merge 1 commit intocurl:masterfrom
vszakats:libressl-init-fix
Closed

openssl: switch to modern init for LibreSSL 2.7.0+#11611
vszakats wants to merge 1 commit intocurl:masterfrom
vszakats:libressl-init-fix

Conversation

@vszakats
Copy link
Member

@vszakats vszakats commented Aug 7, 2023
edited
Loading

LibreSSL 2.7.0 (2018-03-21) introduced automatic initialization, OPENSSL_init_ssl() function and deprecated the old, manual init method, as seen in OpenSSL 1.1.0. Switch to the modern method when available.

Ref: https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.7.0-relnotes.txt

Closes #11611

@vszakats
openssl: switch to modern init for LibreSSL 2.7.0+
ffe4caa 
LibreSSL 2.7.0 (2018-03-21) introduced automatic initialization,
`OPENSSL_init_ssl()` function and deprecated the old, manual init
method, as seen in OpenSSL 1.1.0. Switch to the modern method when
available.

Ref: https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.7.0-relnotes.txt

Closes #xxxxx
@github-actions github-actions bot added the TLS label Aug 7, 2023
@vszakats
Copy link
Member Author

vszakats commented Aug 7, 2023
edited
Loading

Looking to do the same in ossl_cleanup(), where the situation is murkier:

https://man.openbsd.org/OpenBSD-6.3/EVP_cleanup.3 - deprecated
https://man.openbsd.org/OpenBSD-6.3/ENGINE_cleanup.3 - not loading engines, so seems unnecessary
https://man.openbsd.org/OpenBSD-6.3/ERR_free_strings.3 - available, not a no-op
https://man.openbsd.org/OpenBSD-6.3/ERR_remove_thread_state.3 - available, not a no-op
https://man.openbsd.org/OpenBSD-6.3/ERR_remove_state.3 - deprecated
https://man.openbsd.org/OpenBSD-6.3/CONF_modules_free.3 - not loading CONF modules, so seems unnecessary
SSL_COMP_free_compression_methods - doesn't exist in LibreSSL

@vszakats vszakats closed this in bec0c5b Aug 7, 2023
@vszakats vszakats deleted the libressl-init-fix branch August 7, 2023 23:57
ptitSeb pushed a commit to wasix-org/curl that referenced this pull request Sep 25, 2023
@vszakats @ptitSeb
openssl: switch to modern init for LibreSSL 2.7.0+
0ce2957 
LibreSSL 2.7.0 (2018-03-21) introduced automatic initialization,
`OPENSSL_init_ssl()` function and deprecated the old, manual init
method, as seen in OpenSSL 1.1.0. Switch to the modern method when
available.

Ref: https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.7.0-relnotes.txt

Reviewed-by: Daniel Stenberg
Closes curl#11611
@vszakats vszakats mentioned this pull request Dec 15, 2023
Closed
@vszakats vszakats mentioned this pull request Dec 15, 2023
Closed
vszakats added a commit to vszakats/curl that referenced this pull request Dec 15, 2023
@vszakats
openssl: re-match LibreSSL deinit with its init
1c273b2 
Earlier we bumped LibreSSL to use modern initialization, but did not
touch deinitialization [1]. Fix it in this patch.

Regression from bec0c5b curl#11611

[1] curl#11611 (comment)

Reported-by: Mike Hommey
Fixes curl#12525
Closes curl#12526
vszakats added a commit that referenced this pull request Dec 15, 2023
@vszakats
openssl: re-match LibreSSL deinit with init
9f2d229 
Earlier we switched to use modern initialization with LibreSSL v2.7.0
and up, but did not touch deinitialization [1]. Fix it in this patch.

Regression from bec0c5b #11611

[1] #11611 (comment)

Reported-by: Mike Hommey
Reviewed-by: Daniel Stenberg
Fixes #12525
Closes #12526
@jay jay mentioned this pull request Feb 5, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bagder bagder bagder approved these changes

Assignees

No one assigned

Labels

build TLS

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@vszakats @bagder