From patchwork Sun Sep 19 06:29:50 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 1958 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director8.mail.ord1d.rsapps.net ([172.31.255.6]) by backend30.mail.ord1d.rsapps.net with LMTP id 4EhuBNllR2GUHgAAIUCqbw (envelope-from ) for ; Sun, 19 Sep 2021 12:31:21 -0400 Received: from proxy20.mail.iad3b.rsapps.net ([172.31.255.6]) by director8.mail.ord1d.rsapps.net with LMTP id OFmnA9llR2G+EgAAfY0hYg (envelope-from ) for ; Sun, 19 Sep 2021 12:31:21 -0400 Received: from smtp34.gate.iad3b ([172.31.255.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy20.mail.iad3b.rsapps.net with LMTPS id oHfgOdhlR2HXCgAAcDxLoQ (envelope-from ) for ; Sun, 19 Sep 2021 12:31:20 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp34.gate.iad3b.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: 051f9c26-1967-11ec-a204-5254005e8ddb-1-1 Received: from [216.105.38.7] ([216.105.38.7:44142] helo=lists.sourceforge.net) by smtp34.gate.iad3b.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id FD/51-02284-8D567416; Sun, 19 Sep 2021 12:31:20 -0400 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1mRzi1-0000EX-G7; Sun, 19 Sep 2021 16:30:29 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mRzht-0000DF-1t for openvpn-devel@lists.sourceforge.net; Sun, 19 Sep 2021 16:30:21 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=WmNgJtwB2p1HlFD5L3fwoHpOn+zxYhJE9e5XCrOaTFU=; b=ab+3mH7cIlQHgXVVZJuJXH5OES he/+BMrjuYhgbF5anXLssetUBlPLe8Zs1AlWqay55bDK+rPuThiGHohX/dmDsgPv2qoG+xeGuaULK 5hlOX2HfnQ5CBOHajnr39kjLDuJvZsK6jQ0VufHoSrj7w/6A3mk10e7e2aDlnzBjTHEk=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=WmNgJtwB2p1HlFD5L3fwoHpOn+zxYhJE9e5XCrOaTFU=; b=BVdciqybJsQ6FogV4ht3/LlgC1 Gl8S70sO7QNzRbAnlr0J8BJbx7S5Pc7FLIGXuGpcA1t2VzXS6me8LCcXnbcYv/RaA/QkLLDzqzl8r 7BUw3ue3nSbC/r+6F3GYOgY5eUyUnBtNKaZ2GBG5dvkhvaF2YJzdrJBELk0VHPJVMwZA=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.3) id 1mRzhi-00Fy7Q-DE for openvpn-devel@lists.sourceforge.net; Sun, 19 Sep 2021 16:30:13 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.94.2 (FreeBSD)) (envelope-from ) id 1mRzhU-0002YW-BA for openvpn-devel@lists.sourceforge.net; Sun, 19 Sep 2021 18:29:56 +0200 Received: (nullmailer pid 695552 invoked by uid 10006); Sun, 19 Sep 2021 16:29:56 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Sun, 19 Sep 2021 18:29:50 +0200 Message-Id: <20210919162956.695496-2-arne@rfc2549.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210919162956.695496-1-arne@rfc2549.org> References: <20210919162956.695496-1-arne@rfc2549.org> MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Engine support is deprecated in OpenSSL 3.0. No longer use the deprecated API when running with OpenSSL 3.0 --- src/openvpn/crypto_openssl.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 delet [...] Content analysis details: (0.3 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-Headers-End: 1mRzhi-00Fy7Q-DE Subject: [Openvpn-devel] [PATCH 2/8] [OSSL 3.0] Disable engine support for OpenSSL 3.0 X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox Engine support is deprecated in OpenSSL 3.0. No longer use the deprecated API when running with OpenSSL 3.0 --- src/openvpn/crypto_openssl.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c index f1b2d8b4a..34a564e46 100644 --- a/src/openvpn/crypto_openssl.c +++ b/src/openvpn/crypto_openssl.c @@ -67,7 +67,7 @@ #warning Some OpenSSL HMAC message digests now support key lengths greater than MAX_HMAC_KEY_LENGTH -- consider increasing MAX_HMAC_KEY_LENGTH #endif -#if HAVE_OPENSSL_ENGINE +#if HAVE_OPENSSL_ENGINE && OPENSSL_VERSION_NUMBER < 0x30000000L #include #include @@ -132,7 +132,7 @@ setup_engine(const char *engine) void crypto_init_lib_engine(const char *engine_name) { -#if HAVE_OPENSSL_ENGINE +#if HAVE_OPENSSL_ENGINE && OPENSSL_VERSION_NUMBER < 0x30000000L if (!engine_initialized) { ASSERT(engine_name); @@ -182,7 +182,7 @@ crypto_uninit_lib(void) fclose(fp); #endif -#if HAVE_OPENSSL_ENGINE +#if HAVE_OPENSSL_ENGINE && OPENSSL_VERSION_NUMBER < 0x30000000L if (engine_initialized) { ENGINE_cleanup(); @@ -368,7 +368,8 @@ show_available_digests(void) void show_available_engines(void) { -#if HAVE_OPENSSL_ENGINE /* Only defined for OpenSSL */ +#if HAVE_OPENSSL_ENGINE && OPENSSL_VERSION_NUMBER < 0x30000000L + /* Only defined for OpenSSL */ ENGINE *e; printf("OpenSSL Crypto Engines\n\n"); @@ -1151,7 +1152,7 @@ memcmp_constant_time(const void *a, const void *b, size_t size) return CRYPTO_memcmp(a, b, size); } -#if HAVE_OPENSSL_ENGINE +#if HAVE_OPENSSL_ENGINE && OPENSSL_VERSION_NUMBER < 0x30000000L static int ui_reader(UI *ui, UI_STRING *uis) { @@ -1175,7 +1176,7 @@ ui_reader(UI *ui, UI_STRING *uis) EVP_PKEY * engine_load_key(const char *file, SSL_CTX *ctx) { -#if HAVE_OPENSSL_ENGINE +#if HAVE_OPENSSL_ENGINE && OPENSSL_VERSION_NUMBER < 0x30000000L UI_METHOD *ui; EVP_PKEY *pkey;