Archives/SSLproxy
2
0
Fork 0
mirror of https://github.com/sonertari/SSLproxy synced 2024-10-31 21:20:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Suppress deprecation warnings for engines with OpenSSL 3.x

Browse Source 
Engines are deprecated but should still work
This commit is contained in:
Soner Tari 2024-09-28 15:35:42 +03:00
parent 97e52bc95d
commit 1e726e0eac
1 changed files with 31 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
src/ssl.c
View File

@ -518,27 +518,6 @@ ssl_fini(void)
ssl_initialized = 0; ssl_initialized = 0;
} }
/*
* Look up an OpenSSL engine by ID or by full path and load it as default
* engine. This works globally, not on specific SSL_CTX or SSL instances.
* OpenSSL must already have been initialized when calling this function.
* Returns 0 on success, -1 on failure.
*/
#ifndef OPENSSL_NO_ENGINE
int
ssl_engine(const char *name) {
ENGINE *engine;
engine = ENGINE_by_id(name);
if (!engine)
return -1;
if (!ENGINE_set_default(engine, ENGINE_METHOD_ALL))
return -1;
return 0;
}
#endif /* !OPENSSL_NO_ENGINE */
/* /*
* Format raw SHA1 hash into newly allocated string, with or without colons. * Format raw SHA1 hash into newly allocated string, with or without colons.
*/ */
@ -2396,4 +2375,35 @@ continue_search:
return 1; return 1;
} }
/*
* Look up an OpenSSL engine by ID or by full path and load it as default
* engine. This works globally, not on specific SSL_CTX or SSL instances.
* OpenSSL must already have been initialized when calling this function.
* Returns 0 on success, -1 on failure.
*/
#ifndef OPENSSL_NO_ENGINE
int
ssl_engine(const char *name) {
ENGINE *engine;
// Engines are deprecated but should still work with OpenSSL 3.x, so we just suppress the deprecation warnings
// ATTENTION: We have moved this function to the bottom of file, so we can suppress the warnings for engine functions only
// https://docs.openssl.org/3.0/man7/migration_guide
// "If openssl is not built without engine support or deprecated API support, engines will still work.
// However, their applicability will be limited.
// New algorithms provided via engines will still work."
#if OPENSSL_VERSION_NUMBER >= 0x30000000L && !defined(LIBRESSL_VERSION_NUMBER)
#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
#endif /* OPENSSL_VERSION_NUMBER >= 0x30000000L */
engine = ENGINE_by_id(name);
if (!engine)
return -1;
if (!ENGINE_set_default(engine, ENGINE_METHOD_ALL))
return -1;
return 0;
}
#endif /* !OPENSSL_NO_ENGINE */
/* vim: set noet ft=c: */ /* vim: set noet ft=c: */