[Minor] Use OSSL_PROVIDER_load on RHEL based distros

diff --git a/config.h.in b/config.h.in
index 9aff9078309d51851b3ad447a3ec799e98f62e8c..0ed2cd6b2de5268a249fcd8b90229a16d59e5ae7 100644 (file)
--- a/config.h.in
+++ b/config.h.in
@@ -116,6 +116,7 @@
 #cmakedefine WITH_FASTTEXT       1
 #cmakedefine BACKWARD_ENABLE     1
 #cmakedefine HAVE_BUILTIN_CPU_SUPPORTS 1
+#cmakedefine RSPAMD_LEGACY_SSL_PROVIDER 1
 
 #cmakedefine DISABLE_PTHREAD_MUTEX 1
 

diff --git a/rpm/rspamd.spec b/rpm/rspamd.spec
index 0727d2430638b7ce613d297543cfba6deedac7c2..663fa092913997eb083e1f075d3cb16c80aab190 100644 (file)
--- a/rpm/rspamd.spec
+++ b/rpm/rspamd.spec
@@ -137,6 +137,7 @@ rm -f %{_builddir}/luajit-build/lib/*.so || true
         -DWANT_SYSTEMD_UNITS=ON \
         -DNO_SHARED=ON \
         -DNO_TARGET_VERSIONS=1 \
+        -DRSPAMD_LEGACY_SSL_PROVIDER=1 \
 %ifarch x86_64 amd64 arm64 aarch64
         -DENABLE_HYPERSCAN=ON \
 %endif

diff --git a/src/libserver/ssl_util.c b/src/libserver/ssl_util.c
index b739961a8a9cd1499bb1bc727087d0ce8d9f40e7..b97e2a498c81bafa00f262c79c9c8195fd056413 100644 (file)
--- a/src/libserver/ssl_util.c
+++ b/src/libserver/ssl_util.c
@@ -1,11 +1,11 @@
-/*-
- * Copyright 2016 Vsevolod Stakhov
+/*
+ * Copyright 2024 Vsevolod Stakhov
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
- *   http://www.apache.org/licenses/LICENSE-2.0
+ *    http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
@@ -1054,6 +1054,9 @@ gpointer rspamd_init_ssl_ctx_noverify(void)
 
        return ssl_ctx_noverify;
 }
+#if defined(RSPAMD_LEGACY_SSL_PROVIDER) && OPENSSL_VERSION_NUMBER >= 0x30000000L
+#include <openssl/provider.h>
+#endif
 
 void rspamd_openssl_maybe_init(void)
 {
@@ -1075,6 +1078,9 @@ void rspamd_openssl_maybe_init(void)
 #else
                OPENSSL_init_ssl(0, NULL);
 #endif
+#if defined(RSPAMD_LEGACY_SSL_PROVIDER) && OPENSSL_VERSION_NUMBER >= 0x30000000L
+               (void) OSSL_PROVIDER_load(NULL, "legacy");
+#endif
 
 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
                OPENSSL_config(NULL);