Gitiles
Code Review Sign In
192.168.1.100 / T108 / e958203796650e3959a43708d67534bf36f4c83b / . / external / subpack / net / freeradius3 / patches / 010-openssl-deprecated.patch
blob: aeaf4928e635c3b0828d5f09cad20d2d71e3c4eb [file] [log] [blame]
b.liue9582032025-04-17 19:18:16 +0800[diff] [blame^]1--- a/src/main/threads.c
2+++ b/src/main/threads.c
3@@ -298,6 +298,7 @@ static void ssl_locking_function(int mod
4 */
5 int tls_mutexes_init(void)
6 {
7+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
8 int i;
9
10 ssl_mutexes = rad_malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t));
11@@ -316,6 +317,7 @@ int tls_mutexes_init(void)
12 #ifdef HAVE_CRYPTO_SET_LOCKING_CALLBACK
13 CRYPTO_set_locking_callback(ssl_locking_function);
14 #endif
15+#endif
16
17 return 0;
18 }
19--- a/src/main/tls.c
20+++ b/src/main/tls.c
21@@ -55,6 +55,7 @@ USES_APPLE_DEPRECATED_API /* OpenSSL API
22 # include <openssl/evp.h>
23 # endif
24 # include <openssl/ssl.h>
25+# include <openssl/dh.h>
26
27 #define LOG_PREFIX "tls"
28
29@@ -2133,7 +2134,7 @@ int cbtls_verify(int ok, X509_STORE_CTX
30 int my_ok = ok;
31
32 ASN1_INTEGER *sn = NULL;
33- ASN1_TIME *asn_time = NULL;
34+ const ASN1_TIME *asn_time = NULL;
35 VALUE_PAIR **certs;
36 char **identity;
37 #ifdef HAVE_OPENSSL_OCSP_H
38@@ -2207,7 +2208,7 @@ int cbtls_verify(int ok, X509_STORE_CTX
39 * Get the Expiration Date
40 */
41 buf[0] = '\0';
42- asn_time = X509_get_notAfter(client_cert);
43+ asn_time = X509_get0_notAfter(client_cert);
44 if (certs && (lookup <= 1) && asn_time &&
45 (asn_time->length < (int) sizeof(buf))) {
46 memcpy(buf, (char*) asn_time->data, asn_time->length);
47@@ -2220,7 +2221,7 @@ int cbtls_verify(int ok, X509_STORE_CTX
48 * Get the Valid Since Date
49 */
50 buf[0] = '\0';
51- asn_time = X509_get_notBefore(client_cert);
52+ asn_time = X509_get0_notBefore(client_cert);
53 if (certs && (lookup <= 1) && asn_time &&
54 (asn_time->length < (int) sizeof(buf))) {
55 memcpy(buf, (char*) asn_time->data, asn_time->length);
56@@ -2690,10 +2691,12 @@ static int set_ecdh_curve(SSL_CTX *ctx,
57 */
58 int tls_global_init(bool spawn_flag, bool check)
59 {
60+#if OPENSSL_VERSION_NUMBER < 0x10100000L
61 SSL_load_error_strings(); /* readable error messages (examples show call before library_init) */
62 SSL_library_init(); /* initialize library */
63 OpenSSL_add_all_algorithms(); /* required for SHA2 in OpenSSL < 0.9.8o and 1.0.0.a */
64 CONF_modules_load_file(NULL, NULL, 0);
65+#endif
66
67 /*
68 * Initialize the index for the certificates.
69@@ -2769,6 +2772,7 @@ int tls_global_version_check(char const
70 */
71 void tls_global_cleanup(void)
72 {
73+#if OPENSSL_VERSION_NUMBER < 0x10100000L
74 #if OPENSSL_VERSION_NUMBER < 0x10000000L
75 ERR_remove_state(0);
76 #elif OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
77@@ -2781,6 +2785,7 @@ void tls_global_cleanup(void)
78 ERR_free_strings();
79 EVP_cleanup();
80 CRYPTO_cleanup_all_ex_data();
81+#endif
82 }
83
84
85--- a/src/main/version.c
86+++ b/src/main/version.c
87@@ -54,7 +54,7 @@ int ssl_check_consistency(void)
88 {
89 long ssl_linked;
90
91- ssl_linked = SSLeay();
92+ ssl_linked = OpenSSL_version_num();
93
94 /*
95 * Major and minor versions mismatch, that's bad.
96@@ -152,7 +152,7 @@ char const *ssl_version_num(void)
97 {
98 long ssl_linked;
99
100- ssl_linked = SSLeay();
101+ ssl_linked = OpenSSL_version_num();
102 return ssl_version_by_num((uint32_t)ssl_linked);
103 }
104
105@@ -188,10 +188,10 @@ char const *ssl_version(void)
106 {
107 static char buffer[256];
108
109- uint32_t v = SSLeay();
110+ uint32_t v = OpenSSL_version_num();
111
112 snprintf(buffer, sizeof(buffer), "%s 0x%.8x (%s)",
113- SSLeay_version(SSLEAY_VERSION), /* Not all builds include a useful version number */
114+ OpenSSL_version(OPENSSL_VERSION), /* Not all builds include a useful version number */
115 v,
116 ssl_version_by_num(v));
117