From 8d2d59e914ffc2c6b43234cdfe3cc798746538fe Mon Sep 17 00:00:00 2001 From: Dmitry Podgorny Date: Wed, 12 Jul 2017 01:58:30 +0300 Subject: [PATCH] tls/openssl: add OpenSSL-1.1.0 support (#109) OpenSSL-1.1.0 marks cleanup functions as deprecated and changes initialization function. It implements implicit de-initialization. Reported by @zygmund2000. --- src/tls_openssl.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/src/tls_openssl.c b/src/tls_openssl.c index f320908..3578839 100644 --- a/src/tls_openssl.c +++ b/src/tls_openssl.c @@ -51,20 +51,34 @@ static void _tls_log_error(xmpp_ctx_t *ctx); void tls_initialize(void) { +#if OPENSSL_VERSION_NUMBER < 0x10100000L SSL_library_init(); SSL_load_error_strings(); +#else + OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL); +#endif } void tls_shutdown(void) { + /* + * FIXME: Don't free global tables, program or other libraries may use + * openssl after libstrophe finalization. Maybe better leak some fixed + * memory rather than cause random crashes of the main program. + */ +#if OPENSSL_VERSION_NUMBER < 0x10100000L ERR_free_strings(); EVP_cleanup(); CRYPTO_cleanup_all_ex_data(); -#if OPENSSL_VERSION_NUMBER >= 0x10200000 +#if OPENSSL_VERSION_NUMBER >= 0x10002000L SSL_COMP_free_compression_methods(); #endif +#if OPENSSL_VERSION_NUMBER < 0x10000000L ERR_remove_state(0); - return; +#else + ERR_remove_thread_state(NULL); +#endif +#endif } int tls_error(tls_t *tls)