This prevents a direct leak in OPENSSL_init_crypto (called from
OPENSSL_init_ssl).
Add shim version of OPENSSL_cleanup because it is missing in LibreSSL on
OpenBSD.
(cherry picked from commit
89f4f8f0c89a5243ba9fa343d492b15fd97e4df0)
/* Define to 1 if you have the <net/route.h> header file. */
#undef HAVE_NET_ROUTE_H
+/* Define to 1 if you have the `OPENSSL_cleanup' function. */
+#undef HAVE_OPENSSL_CLEANUP
+
/* define if OpenSSL supports Ed25519 */
#undef HAVE_OPENSSL_ED25519
# Check for functions added in OpenSSL or LibreSSL
#
-AC_CHECK_FUNCS([OPENSSL_init_ssl OPENSSL_init_crypto])
+AC_CHECK_FUNCS([OPENSSL_init_ssl OPENSSL_init_crypto OPENSSL_cleanup])
AC_CHECK_FUNCS([CRYPTO_zalloc])
AC_CHECK_FUNCS([EVP_CIPHER_CTX_new EVP_CIPHER_CTX_free])
AC_CHECK_FUNCS([EVP_MD_CTX_new EVP_MD_CTX_free EVP_MD_CTX_reset])
return (1);
}
#endif
+
+#if !HAVE_OPENSSL_CLEANUP
+void
+OPENSSL_cleanup(void) {
+ return;
+}
+#endif
#endif
+#if !HAVE_OPENSSL_CLEANUP
+void
+OPENSSL_cleanup(void);
+#endif
+
#if !HAVE_TLS_SERVER_METHOD
#define TLS_server_method SSLv23_server_method
#endif
#include <openssl/bn.h>
#include <openssl/conf.h>
+#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/opensslv.h>
#include <openssl/rand.h>
REQUIRE(atomic_load(&init_done));
REQUIRE(!atomic_load(&shut_done));
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ OPENSSL_cleanup();
+#else
CONF_modules_unload(1);
OBJ_cleanup();
EVP_cleanup();
projects / thirdparty / bind9.git / commitdiff
