]> git.ipfire.org Git - thirdparty/postfix.git/commitdiff
projects / thirdparty / postfix.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 32f2117)
Bitrot: auto-initialization of OpenSSL 1.1.0
authorViktor Dukhovni <postfix-users@dukhovni.org>
Mon, 15 Feb 2016 06:13:06 +0000 (01:13 -0500)
committerViktor Dukhovni <postfix-users@dukhovni.org>
Thu, 26 May 2016 04:43:54 +0000 (00:43 -0400)
The functions SSL_library_init(), SSL_load_error_strings() and
OpenSSL_add_ssl_algorithms() are deprecated in OpenSSL 1.1.0.

Instead the library auto-initializes.  Though it is possible to
call OPENSSL_init_crypto() and OPENSSL_init_ssl() for explicit
control over initialization, for now there is no apparent reason
to do so.  This may change, so explicit initialization might yet
become necessary.

postfix/src/tls/tls_client.c patch | blob | blame | history
postfix/src/tls/tls_server.c patch | blob | blame | history

diff --git a/postfix/src/tls/tls_client.c b/postfix/src/tls/tls_client.c
index 2695cb31e2820c3eff1cd5298eb772828d001123..878ed31567fa773524a878f518a2fca614d37731 100644 (file)
--- a/postfix/src/tls/tls_client.c
+++ b/postfix/src/tls/tls_client.c
@@ -314,6 +314,7 @@ TLS_APPL_STATE *tls_client_init(const TLS_CLIENT_INIT_PROPS *props)
      */
     tls_check_version();
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
     /*
      * Initialize the OpenSSL library by the book! To start with, we must
      * initialize the algorithms. We want cleartext error messages instead of
@@ -321,6 +322,7 @@ TLS_APPL_STATE *tls_client_init(const TLS_CLIENT_INIT_PROPS *props)
      */
     SSL_load_error_strings();
     OpenSSL_add_ssl_algorithms();
+#endif
 
     /*
      * Create an application data index for SSL objects, so that we can
diff --git a/postfix/src/tls/tls_server.c b/postfix/src/tls/tls_server.c
index 773f8defdb9cb9ee2368148665225c0930df6889..f0bd2e93d6ca7b2f9a177ee49fb2525f265d2206 100644 (file)
--- a/postfix/src/tls/tls_server.c
+++ b/postfix/src/tls/tls_server.c
@@ -328,6 +328,7 @@ TLS_APPL_STATE *tls_server_init(const TLS_SERVER_INIT_PROPS *props)
      */
     tls_check_version();
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
     /*
      * Initialize the OpenSSL library by the book! To start with, we must
      * initialize the algorithms. We want cleartext error messages instead of
@@ -335,6 +336,7 @@ TLS_APPL_STATE *tls_server_init(const TLS_SERVER_INIT_PROPS *props)
      */
     SSL_load_error_strings();
     OpenSSL_add_ssl_algorithms();
+#endif
 
     /*
      * First validate the protocols. If these are invalid, we can't continue.
Mirror of https://github.com/vdukhovni/postfix.git