From ffe940041cace5dd8d19f1de8c76dd8bb734d629 Mon Sep 17 00:00:00 2001 From: Gerhard Rieger Date: Sun, 2 Apr 2023 16:40:32 +0200 Subject: [PATCH] Guard OPENSSL_INIT_new() for LibreSSL --- CHANGES | 4 ++++ config.h.in | 5 ++++- configure.ac | 2 +- sslcls.c | 4 ++-- xio-openssl.c | 6 ++++-- 5 files changed, 15 insertions(+), 6 deletions(-) diff --git a/CHANGES b/CHANGES index 7f06f20..9f81cb0 100644 --- a/CHANGES +++ b/CHANGES @@ -157,6 +157,10 @@ Porting: Solaris derivatives no longer need librt for clock_gettime() Thanks to Andy Fiddaman to directing me to the patch. + LibreSSL does not have OPENSSL_INIT_new(). This function is now + guarded. Socat might build with LibreSSL. + Thanks to Orbea for reporting and helping. + Building: Failure during building documentation, e.g. due to missing Yodl packages, now does not let the build process fail. diff --git a/config.h.in b/config.h.in index be3cee9..5cbdbbd 100644 --- a/config.h.in +++ b/config.h.in @@ -454,7 +454,10 @@ #undef HAVE_OPENSSL_INIT_SSL /* Define if you have the SSL_library_init function */ -#undef HAVE_SSL_LIBRARY_INIT +#undef HAVE_SSL_library_init + +/* Define if you have the OPENSSL_INIT_new function */ +#undef HAVE_OPENSSL_INIT_new /* Define if you have the SSLv2 client and server method functions. not in new openssl */ #undef HAVE_SSLv2_client_method diff --git a/configure.ac b/configure.ac index c5aabd2..7c7b1f1 100644 --- a/configure.ac +++ b/configure.ac @@ -633,7 +633,7 @@ if test -n "$WITH_OPENSSL"; then fi fi -AC_CHECK_FUNCS(OPENSSL_init_ssl SSL_library_init) +AC_CHECK_FUNCS(OPENSSL_init_ssl SSL_library_init OPENSSL_INIT_new) #; sc_cv_have_SSL_library_init='yes'; AC_DEFINE(HAVE_SSL_library_init) #if test -n "$WITH_OPENSSL"; then diff --git a/sslcls.c b/sslcls.c index ce8e9c6..0bf430d 100644 --- a/sslcls.c +++ b/sslcls.c @@ -31,7 +31,7 @@ int sycOPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) { } #endif -#if !HAVE_OPENSSL_INIT_SSL +#if !(defined(HAVE_OPENSSL_INIT_SSL) && defined(HAVE_OPENSSL_INIT_new)) void sycSSL_load_error_strings(void) { Debug("SSL_load_error_strings()"); SSL_load_error_strings(); @@ -39,7 +39,7 @@ void sycSSL_load_error_strings(void) { } #endif -#if !HAVE_OPENSSL_INIT_SSL +#if HAVE_SSL_library_init int sycSSL_library_init(void) { int result; Debug("SSL_library_init()"); diff --git a/xio-openssl.c b/xio-openssl.c index 8b78cf6..e7931b4 100644 --- a/xio-openssl.c +++ b/xio-openssl.c @@ -962,7 +962,7 @@ int openssl_delete_cert_info(); /* OpenSSL preparation */ -#if HAVE_OPENSSL_INIT_SSL +#if defined(HAVE_OPENSSL_INIT_SSL) && defined(HAVE_OPENSSL_INIT_new) { uint64_t opts = 0; OPENSSL_INIT_SETTINGS *settings; @@ -973,12 +973,14 @@ int sycOPENSSL_init_ssl(opts, settings); } #else +# if defined(HAVE_SSL_library_init) sycSSL_library_init(); +# endif OpenSSL_add_all_algorithms(); OpenSSL_add_all_ciphers(); OpenSSL_add_all_digests(); sycSSL_load_error_strings(); -#endif +#endif /* defined(HAVE_OPENSSL_INIT_SSL) && defined(HAVE OPENSSL_INIT_new) */ /*! actions_to_seed_PRNG();*/