utils/apk/patches/010-openssl-deprecated.patch

   1 From c4c8aa5ba0ec6bf4c6d74c4807b66edfbd91be7c Mon Sep 17 00:00:00 2001
   2 From: Rosen Penev <rosenp@gmail.com>
   3 Date: Mon, 11 Jan 2021 01:51:58 -0800
   4 Subject: [PATCH] fix compilation without deprecated OpenSSL APIs
   5
   6 (De)initialization is deprecated under OpenSSL 1.0 and above.
   7
   8 [TT: Some simplifications, and additional edits.]
   9
  10 Signed-off-by: Rosen Penev <rosenp@gmail.com>
  11 ---
  12  libfetch/common.c | 12 ++++--------
  13  src/apk.c         | 26 +-------------------------
  14  src/apk_openssl.h | 27 +++++++++++++++++++++++++++
  15  3 files changed, 32 insertions(+), 33 deletions(-)
  16
  17 --- a/libfetch/common.c
  18 +++ b/libfetch/common.c
  19 @@ -583,15 +583,11 @@ static int fetch_ssl_setup_client_certif
  20  int
  21  fetch_ssl(conn_t *conn, const struct url *URL, int verbose)
  22  {
  23 -       /* Init the SSL library and context */
  24 -       if (!SSL_library_init()){
  25 -               fprintf(stderr, "SSL library init failed\n");
  26 -               return (-1);
  27 -       }
  28 -
  29 -       SSL_load_error_strings();
  30 -
  31 +#if OPENSSL_VERSION_NUMBER < 0x10100000L
  32         conn->ssl_meth = SSLv23_client_method();
  33 +#else
  34 +       conn->ssl_meth = TLS_client_method();
  35 +#endif
  36         conn->ssl_ctx = SSL_CTX_new(conn->ssl_meth);
  37         SSL_CTX_set_mode(conn->ssl_ctx, SSL_MODE_AUTO_RETRY);
  38
  39 --- a/src/apk.c
  40 +++ b/src/apk.c
  41 @@ -20,11 +20,6 @@
  42  #include <unistd.h>
  43  #include <sys/stat.h>
  44
  45 -#include <openssl/crypto.h>
  46 -#ifndef OPENSSL_NO_ENGINE
  47 -#include <openssl/engine.h>
  48 -#endif
  49 -
  50  #include <fetch.h>
  51
  52  #include "apk_defines.h"
  53 @@ -423,25 +418,6 @@ static int parse_options(int argc, char
  54         return 0;
  55  }
  56
  57 -static void fini_openssl(void)
  58 -{
  59 -       EVP_cleanup();
  60 -#ifndef OPENSSL_NO_ENGINE
  61 -       ENGINE_cleanup();
  62 -#endif
  63 -       CRYPTO_cleanup_all_ex_data();
  64 -}
  65 -
  66 -static void init_openssl(void)
  67 -{
  68 -       atexit(fini_openssl);
  69 -       OpenSSL_add_all_algorithms();
  70 -#ifndef OPENSSL_NO_ENGINE
  71 -       ENGINE_load_builtin_engines();
  72 -       ENGINE_register_all_complete();
  73 -#endif
  74 -}
  75 -
  76  static void on_sigwinch(int s)
  77  {
  78         apk_reset_screen_width();
  79 @@ -534,7 +510,7 @@ int main(int argc, char **argv)
  80                 apk_force |= applet->forced_force;
  81         }
  82
  83 -       init_openssl();
  84 +       apk_openssl_init();
  85         setup_automatic_flags();
  86         fetchTimeout = 60;
  87         fetchRedirectMethod = fetch_redirect;
  88 --- a/src/apk_openssl.h
  89 +++ b/src/apk_openssl.h
  90 @@ -11,7 +11,11 @@
  91  #define APK_SSL_COMPAT_H
  92
  93  #include <openssl/opensslv.h>
  94 +#include <openssl/crypto.h>
  95  #include <openssl/evp.h>
  96 +#ifndef OPENSSL_NO_ENGINE
  97 +#include <openssl/engine.h>
  98 +#endif
  99
 100  #if OPENSSL_VERSION_NUMBER < 0x1010000fL || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
 101
 102 @@ -25,6 +29,29 @@ static inline void EVP_MD_CTX_free(EVP_M
 103         return EVP_MD_CTX_destroy(mdctx);
 104  }
 105
 106 +static inline void apk_openssl_cleanup(void)
 107 +{
 108 +       EVP_cleanup();
 109 +#ifndef OPENSSL_NO_ENGINE
 110 +       ENGINE_cleanup();
 111 +#endif
 112 +       CRYPTO_cleanup_all_ex_data();
 113 +}
 114 +
 115 +static inline void apk_openssl_init(void)
 116 +{
 117 +       atexit(apk_openssl_cleanup);
 118 +       OpenSSL_add_all_algorithms();
 119 +#ifndef OPENSSL_NO_ENGINE
 120 +       ENGINE_load_builtin_engines();
 121 +       ENGINE_register_all_complete();
 122 +#endif
 123 +}
 124 +
 125 +#else
 126 +
 127 +static inline void apk_openssl_init(void) {}
 128 +
 129  #endif
 130
 131  #endif