From 04bcc9fe35ef3e9bdeab7bdf800b1d08a55b12b9 Mon Sep 17 00:00:00 2001 From: Vsevolod Stakhov Date: Tue, 15 Oct 2024 16:19:09 +0100 Subject: [PATCH] [Minor] Use OSSL_PROVIDER_load on RHEL based distros --- config.h.in | 1 + rpm/rspamd.spec | 1 + src/libserver/ssl_util.c | 12 +++++++++--- 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/config.h.in b/config.h.in index 9aff90783..0ed2cd6b2 100644 --- a/config.h.in +++ b/config.h.in @@ -116,6 +116,7 @@ #cmakedefine WITH_FASTTEXT 1 #cmakedefine BACKWARD_ENABLE 1 #cmakedefine HAVE_BUILTIN_CPU_SUPPORTS 1 +#cmakedefine RSPAMD_LEGACY_SSL_PROVIDER 1 #cmakedefine DISABLE_PTHREAD_MUTEX 1 diff --git a/rpm/rspamd.spec b/rpm/rspamd.spec index 0727d2430..663fa0929 100644 --- a/rpm/rspamd.spec +++ b/rpm/rspamd.spec @@ -137,6 +137,7 @@ rm -f %{_builddir}/luajit-build/lib/*.so || true -DWANT_SYSTEMD_UNITS=ON \ -DNO_SHARED=ON \ -DNO_TARGET_VERSIONS=1 \ + -DRSPAMD_LEGACY_SSL_PROVIDER=1 \ %ifarch x86_64 amd64 arm64 aarch64 -DENABLE_HYPERSCAN=ON \ %endif diff --git a/src/libserver/ssl_util.c b/src/libserver/ssl_util.c index b739961a8..b97e2a498 100644 --- a/src/libserver/ssl_util.c +++ b/src/libserver/ssl_util.c @@ -1,11 +1,11 @@ -/*- - * Copyright 2016 Vsevolod Stakhov +/* + * Copyright 2024 Vsevolod Stakhov * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -1054,6 +1054,9 @@ gpointer rspamd_init_ssl_ctx_noverify(void) return ssl_ctx_noverify; } +#if defined(RSPAMD_LEGACY_SSL_PROVIDER) && OPENSSL_VERSION_NUMBER >= 0x30000000L +#include +#endif void rspamd_openssl_maybe_init(void) { @@ -1075,6 +1078,9 @@ void rspamd_openssl_maybe_init(void) #else OPENSSL_init_ssl(0, NULL); #endif +#if defined(RSPAMD_LEGACY_SSL_PROVIDER) && OPENSSL_VERSION_NUMBER >= 0x30000000L + (void) OSSL_PROVIDER_load(NULL, "legacy"); +#endif #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) OPENSSL_config(NULL); -- 2.39.5