From cbc80a42d34baca5dfee8ade0c334921ebef8c3b Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Thu, 10 Aug 2017 10:16:26 +1000 Subject: [PATCH] 4676. [cleanup] Allow BIND to be built using OpenSSL 1.0.X with deprecated functions removed. [RT #45706] --- CHANGES | 3 +++ lib/dns/openssl_link.c | 20 ++++++++++++++++++-- 2 files changed, 21 insertions(+), 2 deletions(-) diff --git a/CHANGES b/CHANGES index c455ca9579..0b20a7479a 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +4676. [cleanup] Allow BIND to be built using OpenSSL 1.0.X with + deprecated functions removed. [RT #45706] + 4675. [cleanup] Don't use C++ keyword class. [RT #45726] 4674. [func] "dig +sigchase", and related options "+topdown" and diff --git a/lib/dns/openssl_link.c b/lib/dns/openssl_link.c index 88e7921d46..c0578d3077 100644 --- a/lib/dns/openssl_link.c +++ b/lib/dns/openssl_link.c @@ -104,7 +104,7 @@ entropy_add(const void *buf, int num, double entropy) { } #endif -#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) +#if OPENSSL_VERSION_NUMBER >= 0x10000000L && OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) static void lock_callback(int mode, int type, const char *file, int line) { UNUSED(file); @@ -114,7 +114,9 @@ lock_callback(int mode, int type, const char *file, int line) { else UNLOCK(&locks[type]); } +#endif +#if OPENSSL_VERSION_NUMBER < 0x10000000L static unsigned long id_callback(void) { return ((unsigned long)isc_thread_self()); @@ -178,6 +180,14 @@ mem_realloc(void *ptr, size_t size FLARG) { #endif } +#if OPENSSL_VERSION_NUMBER >= 0x10000000L && OPENSSL_VERSION_NUMBER < 0x10100000L +static void +_set_thread_id(CRYPTO_THREADID *id) +{ + CRYPTO_THREADID_set_numeric(id, (unsigned long)pthread_self()); +} +#endif + isc_result_t dst__openssl_init(const char *engine) { isc_result_t result; @@ -203,7 +213,11 @@ dst__openssl_init(const char *engine) { if (result != ISC_R_SUCCESS) goto cleanup_mutexalloc; CRYPTO_set_locking_callback(lock_callback); +# if OPENSSL_VERSION_NUMBER >= 0x10000000L + CRYPTO_THREADID_set_callback(_set_thread_id); +# else CRYPTO_set_id_callback(id_callback); +# endif ERR_load_crypto_strings(); #endif @@ -324,7 +338,9 @@ dst__openssl_destroy(void) { CRYPTO_cleanup_all_ex_data(); #endif ERR_clear_error(); -#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) +#if OPENSSL_VERSION_NUMBER >= 0x10000000L && OPENSSL_VERSION_NUMBER < 0x10100000L + ERR_remove_thread_state(NULL); +#elif OPENSSL_VERSION_NUMBER < 0x10000000L || defined(LIBRESSL_VERSION_NUMBER) ERR_remove_state(0); #endif ERR_free_strings();