ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity

Use OpenSSL version macro instead of function check

Browse Source 
Unless being configured with the `no-deprecated` option, OpenSSL 3.0.0
still has the deprecated APIs present and will throw warnings during
compilation, when using them.

Make sure that the old APIs are being used only with the older versions
of OpenSSL.
This commit is contained in:
Aram Sargsyan
2021-10-06 14:18:49 +00:00
parent e18777c758
commit 965bdd9894
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/isc/tls.c
View File

@@ -480,7 +480,7 @@ isc_tlsctx_load_dhparams(isc_tlsctx_t *ctx, const char *dhparams_file) {
REQUIRE(dhparams_file != NULL);
REQUIRE(*dhparams_file != '\0');
#ifdef SSL_CTX_set_tmp_dh
#if OPENSSL_VERSION_NUMBER < 0x30000000L
/* OpenSSL < 3.0 */
DH *dh = NULL;
FILE *paramfile;
@@ -509,7 +509,7 @@ isc_tlsctx_load_dhparams(isc_tlsctx_t *ctx, const char *dhparams_file) {
DH_free(dh);
#else
/* OpenSSL >= 3.0: SSL_CTX_set_tmp_dh() is deprecated in OpenSSL 3.0 */
/* OpenSSL >= 3.0: low level DH APIs are deprecated in OpenSSL 3.0 */
EVP_PKEY *dh = NULL;
BIO *bio = NULL;
@@ -534,7 +534,7 @@ isc_tlsctx_load_dhparams(isc_tlsctx_t *ctx, const char *dhparams_file) {
* SSL context at this point. */
BIO_free(bio);
#endif
#endif /* OPENSSL_VERSION_NUMBER < 0x30000000L */
return (true);
}