git: be6ed6b2779a - stable/13 - libfetch: do not call deprecated OpenSSL functions
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 11 Feb 2026 20:42:06 UTC
The branch stable/13 has been updated by des:
URL: https://cgit.FreeBSD.org/src/commit/?id=be6ed6b2779a883e2583763634db4fff9077ddbc
commit be6ed6b2779a883e2583763634db4fff9077ddbc
Author: Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2023-05-25 15:24:48 +0000
Commit: Dag-Erling Smørgrav <des@FreeBSD.org>
CommitDate: 2026-02-11 13:53:17 +0000
libfetch: do not call deprecated OpenSSL functions
As of OpenSSL 1.1 SSL_library_init() and SSL_load_error_strings() are
deprecated. There are replacement initialization functions but they do
not need to be called: "As of version 1.1.0 OpenSSL will automatically
allocate all resources that it needs so no explicit initialisation is
required."
Wrap both calls in an OPENSSL_VERSION_NUMBER block.
PR: 271615
Reviewed by: Pierre Pronchery <pierre@freebsdfoundation.org>
Event: Kitchener-Waterloo Hackathon 202305
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D40265
(cherry picked from commit 01aee8c92d936470c44821736e0d9e11ed7ce812)
---
lib/libfetch/common.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/lib/libfetch/common.c b/lib/libfetch/common.c
index 766aa2200f26..3a7aba160206 100644
--- a/lib/libfetch/common.c
+++ b/lib/libfetch/common.c
@@ -1196,6 +1196,7 @@ fetch_ssl(conn_t *conn, const struct url *URL, int verbose)
X509_NAME *name;
char *str;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
/* Init the SSL library and context */
if (!SSL_library_init()){
fprintf(stderr, "SSL library init failed\n");
@@ -1203,6 +1204,7 @@ fetch_ssl(conn_t *conn, const struct url *URL, int verbose)
}
SSL_load_error_strings();
+#endif
conn->ssl_meth = SSLv23_client_method();
conn->ssl_ctx = SSL_CTX_new(conn->ssl_meth);