Avoid calling deprecated OpenSSL functions #82
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
As of OpenSSL 1.1 SSL_library_init() and SSL_load_error_strings() are deprecated. There are replacement initialization functions but they do not need to be called: "As of version 1.1.0 OpenSSL will automatically allocate all resources that it needs so no explicit initialisation is required." Wrap both calls in an OPENSSL_VERSION_NUMBER block.
|
FreeBSD change at https://reviews.freebsd.org/D40273 |
|
Fixes #81 |
|
I'm not sure what the support surface is for OpenBSM and I don't remember the exact version of OpenSSL BoringSSL and LibreSSL are based on, but given that all versions of OpenSSL prior to 1.1 are technically unsupported at this point, does it make sense to maybe delete the code entirely? |
|
So far I am aiming for minimal diffs, and plan to make another pass over everything later on including updates to use OpenSSL 3 APIs. In particular I don't want to delete |
freebsd-git
pushed a commit
to freebsd/freebsd-src
that referenced
this pull request
May 26, 2023
As of OpenSSL 1.1 SSL_library_init() and SSL_load_error_strings() are deprecated. There are replacement initialization functions but they do not need to be called: "As of version 1.1.0 OpenSSL will automatically allocate all resources that it needs so no explicit initialisation is required." Wrap both calls in an OPENSSL_VERSION_NUMBER block. Upstream pull request submitted at openbsm/openbsm#82 PR: 271615 Reviewed by: ngie Event: Kitchener-Waterloo Hackathon 202305 Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D40273
bsdjhb
pushed a commit
to CTSRD-CHERI/cheribsd
that referenced
this pull request
Aug 9, 2023
As of OpenSSL 1.1 SSL_library_init() and SSL_load_error_strings() are deprecated. There are replacement initialization functions but they do not need to be called: "As of version 1.1.0 OpenSSL will automatically allocate all resources that it needs so no explicit initialisation is required." Wrap both calls in an OPENSSL_VERSION_NUMBER block. Upstream pull request submitted at openbsm/openbsm#82 PR: 271615 Reviewed by: ngie Event: Kitchener-Waterloo Hackathon 202305 Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D40273
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
As of OpenSSL 1.1 SSL_library_init() and SSL_load_error_strings() are deprecated. There are replacement initialization functions but they do not need to be called: "As of version 1.1.0 OpenSSL will automatically allocate all resources that it needs so no explicit initialisation is required."
Wrap both calls in an OPENSSL_VERSION_NUMBER block.