mirror of
https://github.com/freebsd/freebsd-src
synced 2024-10-07 00:50:50 +00:00
rpc.tls[serv|clnt]d.c: Clean up code for OpenSSL3
There were several function calls that are deprecated for OpenSSL1.1.1. These have been removed. There was also a function call deprecated for OpenSSL3 and that one has been #ifdef'd on OPENSSL_VERSION_NUMBER. Reviewed by: emaste, ngie Differential Revision: https://reviews.freebsd.org/D40275
This commit is contained in:
parent
fe590ffe40
commit
88ea962879
|
@ -299,7 +299,6 @@ main(int argc, char **argv)
|
|||
rpctls_syscall(RPCTLS_SYSC_CLSHUTDOWN, "");
|
||||
|
||||
SSL_CTX_free(rpctls_ctx);
|
||||
EVP_cleanup();
|
||||
return (0);
|
||||
}
|
||||
|
||||
|
@ -480,17 +479,12 @@ rpctls_setupcl_ssl(void)
|
|||
size_t len, rlen;
|
||||
int ret;
|
||||
|
||||
SSL_library_init();
|
||||
SSL_load_error_strings();
|
||||
OpenSSL_add_all_algorithms();
|
||||
|
||||
ctx = SSL_CTX_new(TLS_client_method());
|
||||
if (ctx == NULL) {
|
||||
rpctls_verbose_out("rpctls_setupcl_ssl: SSL_CTX_new "
|
||||
"failed\n");
|
||||
return (NULL);
|
||||
}
|
||||
SSL_CTX_set_ecdh_auto(ctx, 1);
|
||||
|
||||
if (rpctls_ciphers != NULL) {
|
||||
/*
|
||||
|
@ -686,7 +680,11 @@ rpctls_connect(SSL_CTX *ctx, int s, char *certname, u_int certlen, X509 **certp)
|
|||
return (NULL);
|
||||
}
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x30000000
|
||||
cert = SSL_get1_peer_certificate(ssl);
|
||||
#else
|
||||
cert = SSL_get_peer_certificate(ssl);
|
||||
#endif
|
||||
if (cert == NULL) {
|
||||
rpctls_verbose_out("rpctls_connect: get peer"
|
||||
" certificate failed\n");
|
||||
|
|
|
@ -416,7 +416,6 @@ main(int argc, char **argv)
|
|||
rpctls_svc_run();
|
||||
|
||||
SSL_CTX_free(rpctls_ctx);
|
||||
EVP_cleanup();
|
||||
return (0);
|
||||
}
|
||||
|
||||
|
@ -652,16 +651,11 @@ rpctls_setup_ssl(const char *certdir)
|
|||
size_t len, rlen;
|
||||
int ret;
|
||||
|
||||
SSL_library_init();
|
||||
SSL_load_error_strings();
|
||||
OpenSSL_add_all_algorithms();
|
||||
|
||||
ctx = SSL_CTX_new(TLS_server_method());
|
||||
if (ctx == NULL) {
|
||||
rpctls_verbose_out("rpctls_setup_ssl: SSL_CTX_new failed\n");
|
||||
return (NULL);
|
||||
}
|
||||
SSL_CTX_set_ecdh_auto(ctx, 1);
|
||||
|
||||
if (rpctls_ciphers != NULL) {
|
||||
/*
|
||||
|
@ -811,7 +805,11 @@ rpctls_server(SSL_CTX *ctx, int s, uint32_t *flags, uint32_t *uidp,
|
|||
SSL_get_cipher(ssl));
|
||||
}
|
||||
if (rpctls_do_mutual) {
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x30000000
|
||||
cert = SSL_get1_peer_certificate(ssl);
|
||||
#else
|
||||
cert = SSL_get_peer_certificate(ssl);
|
||||
#endif
|
||||
if (cert != NULL) {
|
||||
if (!rpctls_verbose) {
|
||||
gethostret = rpctls_gethost(s, sad, hostnam,
|
||||
|
|
Loading…
Reference in a new issue