Uploaded image for project: 'serf'
  1. serf
  2. SERF-188

Stop using deprecated APIs when compiled with OpenSSL 1.1

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Minor
    • Resolution: Fixed
    • serf-trunk
    • None
    • OpenSSL 1.1.0f
    • Patch

    Description

      Some OpenSSL APIs used by serf were removed from header files in OpenSSL 1.1. Serf still builds (at least on my system), but throws a few warnings about calls to:

      • X509_get_notBefore(): replaced by X509_get0_notBefore()
      • X509_get_notAfter(): replaced by X509_get0_notAfter()
      • X509_STORE_CTX_get_chain(): replaced by X509_STORE_CTX_get0_chain()
      • SSLeay(): replaced by OpenSSL_version_num()
      • SSL_library_init(): replaced by OPENSSL_init_ssl(), but calling it is not required since initialisation is automatic now
      • ERR_load_crypto_strings(): replaced by a flag passed to OPENSSL_init_crypto(), if called
      • SSL_load_error_strings(): replaced by a flag passed to OPENSSL_init_ssl(), if called
      • Openssl_add_all_algorithms(): not replaced

      The attached patch modifies buckets/ssl_buckets.c to use the new OpenSSL 1.1 APIs, while still detecting and maintaining compatibility with the previous API.

      This patch has been tested on my OpenSSL 1.1 system, by doing a SVN check-out of a test repository over HTTPS.

      Attachments

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            Unassigned Unassigned
            laomaiweng Quentin Minster
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Issue deployment