From: kpcyrd <git@rxv.cc>
Date: Wed, 7 Aug 2024 11:50:58 +0000 (+0200)
Subject: Only include custom OpenSSL ABI checks for OpenSSL 1.1
X-Git-Tag: tor-0.4.9.2-alpha~16^2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=55278de2021cb43a165170a2dad6d85f8d49fe79;p=thirdparty%2Ftor.git

Only include custom OpenSSL ABI checks for OpenSSL 1.1

OpenSSL has a [Policy on API compatibility in minor releases][1] saying:

[1]: https://openssl-library.org/policies/technical/api-compat/

> Only API additions are allowed in minor releases.

Minor releases are defined as 3.X.0. A change to 4.X.X would change the
libssl.so.3 SONAME to libssl.so.4 so the (possibly) incompatible library would
not get loaded in the first place.

This warning message is causing confusion between unrelated issues in the Arch
Linux bug tracker.
---

diff --git a/src/lib/crypt_ops/crypto_openssl_mgt.c b/src/lib/crypt_ops/crypto_openssl_mgt.c
index ca12a82518..39d1de9104 100644
--- a/src/lib/crypt_ops/crypto_openssl_mgt.c
+++ b/src/lib/crypt_ops/crypto_openssl_mgt.c
@@ -227,6 +227,7 @@ crypto_openssl_early_init(void)
 
     setup_openssl_threading();
 
+#ifdef OPENSSL_1_1_API
     unsigned long version_num = tor_OpenSSL_version_num();
     const char *version_str = crypto_openssl_get_version_str();
     if (version_num == OPENSSL_VERSION_NUMBER &&
@@ -248,6 +249,7 @@ crypto_openssl_early_init(void)
                (unsigned long)OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT,
                version_num, version_str);
     }
+#endif /* defined(OPENSSL_1_1_API) */
 
     crypto_force_rand_ssleay();
 }