[1/2] openssl-1.1 update fixes

Message ID 149184657884.81255.5265454899843415583.stgit@lebasque.1015granger.net
State Accepted
Headers show

Commit Message

Chuck Lever April 10, 2017, 5:49 p.m.
From: Ian Kent <ikent@redhat.com>

Changing OpenSSL to version 1.1 changes the API in some cases.
The two functions excluded here do nothing and have been deprecated
or removed in OpenSSL 1.1.

Signed-off-by: Ian Kent <ikent@redhat.com>
---
 src/libnsdb/connsec.c |    4 ++++
 1 file changed, 4 insertions(+)

Comments

Ian Kent April 11, 2017, 8:54 a.m. | #1
On Mon, 2017-04-10 at 13:49 -0400, Chuck Lever wrote:
> From: Ian Kent <ikent@redhat.com>
> 
> Changing OpenSSL to version 1.1 changes the API in some cases.
> The two functions excluded here do nothing and have been deprecated
> or removed in OpenSSL 1.1.
> 
> Signed-off-by: Ian Kent <ikent@redhat.com>

Indeed yes, sorry, I meant to post this here myself but got side tracked.

> ---
>  src/libnsdb/connsec.c |    4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/src/libnsdb/connsec.c b/src/libnsdb/connsec.c
> index bb81eee..8bbf306 100644
> --- a/src/libnsdb/connsec.c
> +++ b/src/libnsdb/connsec.c
> @@ -44,7 +44,9 @@ nsdb_connsec_crypto_startup(void)
>  {
>  	xlog(D_CALL, "%s", __func__);
>  
> +#if OPENSSL_VERSION_NUMBER < 0x10100000L
>  	CRYPTO_malloc_init();
> +#endif
>  	ERR_load_crypto_strings();
>  	OpenSSL_add_all_algorithms();
>  	ENGINE_load_builtin_engines();
> @@ -62,7 +64,9 @@ nsdb_connsec_crypto_shutdown(void)
>  	EVP_cleanup();
>  	ENGINE_cleanup();
>  	CRYPTO_cleanup_all_ex_data();
> +#if OPENSSL_VERSION_NUMBER < 0x10100000L
>  	ERR_remove_thread_state(NULL);
> +#endif
>  	ERR_free_strings();
>  }
>  
> 
> 
> _______________________________________________
> fedfs-utils-devel mailing list
> fedfs-utils-devel@oss.oracle.com
> https://oss.oracle.com/mailman/listinfo/fedfs-utils-devel
Chuck Lever April 11, 2017, 2:17 p.m. | #2
> On Apr 11, 2017, at 4:54 AM, Ian Kent <raven@themaw.net> wrote:
> 
> On Mon, 2017-04-10 at 13:49 -0400, Chuck Lever wrote:
>> From: Ian Kent <ikent@redhat.com>
>> 
>> Changing OpenSSL to version 1.1 changes the API in some cases.
>> The two functions excluded here do nothing and have been deprecated
>> or removed in OpenSSL 1.1.
>> 
>> Signed-off-by: Ian Kent <ikent@redhat.com>
> 
> Indeed yes, sorry, I meant to post this here myself but got side tracked.

No problem! I just pulled this patch from the fedoraproject notification.

Where does the OPENSSL_VERSION_NUMBER macro get defined?


>> ---
>>  src/libnsdb/connsec.c |    4 ++++
>>  1 file changed, 4 insertions(+)
>> 
>> diff --git a/src/libnsdb/connsec.c b/src/libnsdb/connsec.c
>> index bb81eee..8bbf306 100644
>> --- a/src/libnsdb/connsec.c
>> +++ b/src/libnsdb/connsec.c
>> @@ -44,7 +44,9 @@ nsdb_connsec_crypto_startup(void)
>>  {
>>  	xlog(D_CALL, "%s", __func__);
>>  
>> +#if OPENSSL_VERSION_NUMBER < 0x10100000L
>>  	CRYPTO_malloc_init();
>> +#endif
>>  	ERR_load_crypto_strings();
>>  	OpenSSL_add_all_algorithms();
>>  	ENGINE_load_builtin_engines();
>> @@ -62,7 +64,9 @@ nsdb_connsec_crypto_shutdown(void)
>>  	EVP_cleanup();
>>  	ENGINE_cleanup();
>>  	CRYPTO_cleanup_all_ex_data();
>> +#if OPENSSL_VERSION_NUMBER < 0x10100000L
>>  	ERR_remove_thread_state(NULL);
>> +#endif
>>  	ERR_free_strings();
>>  }
>>  
>> 
>> 
>> _______________________________________________
>> fedfs-utils-devel mailing list
>> fedfs-utils-devel@oss.oracle.com
>> https://oss.oracle.com/mailman/listinfo/fedfs-utils-devel
> 
> _______________________________________________
> fedfs-utils-devel mailing list
> fedfs-utils-devel@oss.oracle.com
> https://oss.oracle.com/mailman/listinfo/fedfs-utils-devel

--
Chuck Lever
Ian Kent April 15, 2017, 12:08 a.m. | #3
On Tue, 2017-04-11 at 10:17 -0400, Chuck Lever wrote:
> > On Apr 11, 2017, at 4:54 AM, Ian Kent <raven@themaw.net> wrote:
> > 
> > On Mon, 2017-04-10 at 13:49 -0400, Chuck Lever wrote:
> > > From: Ian Kent <ikent@redhat.com>
> > > 
> > > Changing OpenSSL to version 1.1 changes the API in some cases.
> > > The two functions excluded here do nothing and have been deprecated
> > > or removed in OpenSSL 1.1.
> > > 
> > > Signed-off-by: Ian Kent <ikent@redhat.com>
> > 
> > Indeed yes, sorry, I meant to post this here myself but got side tracked.
> 
> No problem! I just pulled this patch from the fedoraproject notification.
> 
> Where does the OPENSSL_VERSION_NUMBER macro get defined?

It's defined in one of the OpenSSL header files.
That's why I thought using it, and nothing else, was simplest and best to fix
the problem.

> 
> 
> > > ---
> > >  src/libnsdb/connsec.c |    4 ++++
> > >  1 file changed, 4 insertions(+)
> > > 
> > > diff --git a/src/libnsdb/connsec.c b/src/libnsdb/connsec.c
> > > index bb81eee..8bbf306 100644
> > > --- a/src/libnsdb/connsec.c
> > > +++ b/src/libnsdb/connsec.c
> > > @@ -44,7 +44,9 @@ nsdb_connsec_crypto_startup(void)
> > >  {
> > >  	xlog(D_CALL, "%s", __func__);
> > >  
> > > +#if OPENSSL_VERSION_NUMBER < 0x10100000L
> > >  	CRYPTO_malloc_init();
> > > +#endif
> > >  	ERR_load_crypto_strings();
> > >  	OpenSSL_add_all_algorithms();
> > >  	ENGINE_load_builtin_engines();
> > > @@ -62,7 +64,9 @@ nsdb_connsec_crypto_shutdown(void)
> > >  	EVP_cleanup();
> > >  	ENGINE_cleanup();
> > >  	CRYPTO_cleanup_all_ex_data();
> > > +#if OPENSSL_VERSION_NUMBER < 0x10100000L
> > >  	ERR_remove_thread_state(NULL);
> > > +#endif
> > >  	ERR_free_strings();
> > >  }
> > >  
> > > 
> > > 
> > > _______________________________________________
> > > fedfs-utils-devel mailing list
> > > fedfs-utils-devel@oss.oracle.com
> > > https://oss.oracle.com/mailman/listinfo/fedfs-utils-devel
> > 
> > _______________________________________________
> > fedfs-utils-devel mailing list
> > fedfs-utils-devel@oss.oracle.com
> > https://oss.oracle.com/mailman/listinfo/fedfs-utils-devel
> 
> --
> Chuck Lever
> 
> 
> 
> 
> _______________________________________________
> fedfs-utils-devel mailing list
> fedfs-utils-devel@oss.oracle.com
> https://oss.oracle.com/mailman/listinfo/fedfs-utils-devel

Patch

diff --git a/src/libnsdb/connsec.c b/src/libnsdb/connsec.c
index bb81eee..8bbf306 100644
--- a/src/libnsdb/connsec.c
+++ b/src/libnsdb/connsec.c
@@ -44,7 +44,9 @@  nsdb_connsec_crypto_startup(void)
 {
 	xlog(D_CALL, "%s", __func__);
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	CRYPTO_malloc_init();
+#endif
 	ERR_load_crypto_strings();
 	OpenSSL_add_all_algorithms();
 	ENGINE_load_builtin_engines();
@@ -62,7 +64,9 @@  nsdb_connsec_crypto_shutdown(void)
 	EVP_cleanup();
 	ENGINE_cleanup();
 	CRYPTO_cleanup_all_ex_data();
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	ERR_remove_thread_state(NULL);
+#endif
 	ERR_free_strings();
 }