external/subpack/net/vsftpd/patches/010-openssl-deprecated.patch

From 0ea55455703eb69d7617968424e4bede59f39b83 Mon Sep 17 00:00:00 2001
From: Rosen Penev <rosenp@gmail.com>
Date: Fri, 23 Nov 2018 18:03:32 -0800
Subject: [PATCH] ssl: Fix compile without Deprecated APIs and no ECC support

Signed-off-by: Rosen Penev <rosenp@gmail.com>
---
 ssl.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

--- a/ssl.c
+++ b/ssl.c
@@ -28,6 +28,9 @@
 #include <openssl/err.h>
 #include <openssl/rand.h>
 #include <openssl/bio.h>
+#ifndef OPENSSL_NO_EC
+#include <openssl/ec.h>
+#endif
 #include <errno.h>
 #include <limits.h>
 
@@ -59,8 +62,12 @@ ssl_init(struct vsf_session* p_sess)
     SSL_CTX* p_ctx;
     long options;
     int verify_option = 0;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
     SSL_library_init();
     p_ctx = SSL_CTX_new(SSLv23_server_method());
+#else
+    p_ctx = SSL_CTX_new(TLS_server_method());
+#endif
     if (p_ctx == NULL)
     {
       die("SSL: could not allocate SSL context");
@@ -120,6 +127,7 @@ ssl_init(struct vsf_session* p_sess)
     {
       die("SSL: RNG is not seeded");
     }
+#ifndef OPENSSL_NO_EC
     {
       EC_KEY* key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
       if (key == NULL)
@@ -129,6 +137,7 @@ ssl_init(struct vsf_session* p_sess)
       SSL_CTX_set_tmp_ecdh(p_ctx, key);
       EC_KEY_free(key);
     }
+#endif
     if (tunable_ssl_request_cert)
     {
       verify_option |= SSL_VERIFY_PEER;
@@ -660,7 +669,9 @@ ssl_cert_digest(SSL* p_ssl, struct vsf_s
 static char*
 get_ssl_error()
 {
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
   SSL_load_error_strings();
+#endif
   return ERR_error_string(ERR_get_error(), NULL);
 }