LibreSSL: Fix TLS initialization/deinitialization

Due to a missing guard for old OpenSSL code, SSL_library_init() was not
called, which is required for LibreSSL. Likewise for cleanup.

Signed-off-by: Christian Neukirchen <chneukirchen@gmail.com>

diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index 23ac64b48cd9ba373678cd5373d6c2d15ae7f810..b07931e2dd74ee41108868b1dc7fa89a904817d0 100644 (file)
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -919,7 +919,7 @@ void * tls_init(const struct tls_config *conf)
                }
 #endif /* OPENSSL_FIPS */
 #endif /* CONFIG_FIPS */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
                SSL_load_error_strings();
                SSL_library_init();
 #ifndef OPENSSL_NO_SHA256
@@ -1043,7 +1043,7 @@ void tls_deinit(void *ssl_ctx)
 
        tls_openssl_ref_count--;
        if (tls_openssl_ref_count == 0) {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 #ifndef OPENSSL_NO_ENGINE
                ENGINE_cleanup();
 #endif /* OPENSSL_NO_ENGINE */
@@ -2334,7 +2334,7 @@ static int tls_connection_client_cert(struct tls_connection *conn,
                return 0;
 
 #ifdef PKCS12_FUNCS
-#if OPENSSL_VERSION_NUMBER < 0x10002000L
+#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER)
        /*
         * Clear previously set extra chain certificates, if any, from PKCS#12
         * processing in tls_parse_pkcs12() to allow OpenSSL to build a new