Fix building ngIRCd with OpenSSL 1.1

At the moment, ngIRCd fails to build against OpenSSL 1.1 since the configure check probes for the SSL_library_init symbol which was removed, but probing for a different function availabe in both versions solves that problem: SSL_new(). And as SSL_library_init is no longer needed, the patch boils down to probing SSL_new to assert libssl is available, and disabling the SSL_library_init invokation from OpenSSL 1.1 on, see also another application[1] (NSCA-ng) that did pretty much the same. Patch was compile-tested on both Debian jessie (OpenSSL 1.0.2) and stretch (OpenSSL 1.1). [1] <https://www.nsca-ng.org/cgi-bin/repository/nsca-ng/commit/?id=8afc22031ff174f02caad4afc83fa5dff2c29f8a> (Patch by Christoph, commit message cherry-picked from the email thread on the mailing list by Alex. Thanks!)
ngircd · Dec 5, 2016 · daa88b7 · daa88b7
1 parent 2924b3d
commit daa88b7
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/configure.ng b/configure.ng
@@ -418,8 +418,8 @@ AC_ARG_WITH(openssl,
 				LDFLAGS="-L$withval/lib $LDFLAGS"
 			fi
 			AC_CHECK_LIB(crypto, BIO_s_mem)
-			AC_CHECK_LIB(ssl, SSL_library_init)
-			AC_CHECK_FUNCS(SSL_library_init, x_ssl_openssl=yes,
+			AC_CHECK_LIB(ssl, SSL_new)
+			AC_CHECK_FUNCS(SSL_new, x_ssl_openssl=yes,
 				AC_MSG_ERROR([Can't enable openssl])
 			)
 		fi

diff --git a/src/ngircd/conn-ssl.c b/src/ngircd/conn-ssl.c
@@ -283,10 +283,12 @@ ConnSSL_InitLibrary( void )
 #ifdef HAVE_LIBSSL
 	SSL_CTX *newctx;
 
+#if OPENSSL_API_COMPAT < 0x10100000L
 	if (!ssl_ctx) {
 		SSL_library_init();
 		SSL_load_error_strings();
 	}
+#endif
 
 	if (!RAND_status()) {
 		Log(LOG_ERR, "OpenSSL PRNG not seeded: /dev/urandom missing?");