git.ipfire.org Git - thirdparty/openvpn.git/commit

author	Rosen Penev <rosenp@gmail.com>
	Wed, 24 Jul 2019 15:29:34 +0000 (17:29 +0200)
committer	Gert Doering <gert@greenie.muc.de>
	Fri, 16 Aug 2019 19:20:07 +0000 (21:20 +0200)
commit	8a01147ff77e4ae2e377744b89fbe4b6841b2bb0
tree	9bf5270d7b8a4b99ff0709585b182f0c061bc439	tree \| snapshot
parent	6d8380c78bf77766454b93b49ab2ebf713b0be48	commit \| diff

openssl: Fix compilation without deprecated OpenSSL 1.1 APIs

EVP_CIPHER_CTX_init and _cleanup were deprecated in 1.1 and both were
replaced with _reset.

EVP_CIPHER_CTX_free in OpenSSL 1.1 replaces the cleanup/free combo of
earlier OpenSSL version. And OpenSSL 1.0.2 already calls cleanup as part
of _free.

Therefore we can remove the _cleanup calls and use the OpenSSL 1.1. API
everywhere.

Also removed initialisation with OpenSSL 1.1 as it is no longer
needed and causes compilation errors when disabling deprecated APIs.

Same with SSL_CTX_set_ecdh_auto as it got removed.

Patch V3: Use EVP_CIPHER_CTX_reset instead of init/cleanup

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Rosen Penev <rosenp@gmail.com>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <20190724152934.9884-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg18700.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

configure.ac		diff \| blob \| blame \| history
src/openvpn/crypto.c		diff \| blob \| blame \| history
src/openvpn/crypto_backend.h		diff \| blob \| blame \| history
src/openvpn/crypto_mbedtls.c		diff \| blob \| blame \| history
src/openvpn/crypto_openssl.c		diff \| blob \| blame \| history
src/openvpn/openssl_compat.h		diff \| blob \| blame \| history
src/openvpn/ssl_openssl.c		diff \| blob \| blame \| history