Date: Thu, 25 May 2023 16:04:22 -0400 From: Ed Maste <emaste@freebsd.org> To: John Baldwin <jhb@freebsd.org> Cc: src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org Subject: Re: git: 01aee8c92d93 - main - libfetch: do not call deprecated OpenSSL functions Message-ID: <CAPyFy2B82v1VMUXcVrgB%2BqaERiv_p_%2Bzzqxk7ATwkXGvKzJj8g@mail.gmail.com> In-Reply-To: <cc8665ad-0a4b-565b-38fa-3b932dbb6784@FreeBSD.org> References: <202305251622.34PGM6mN060353@gitrepo.freebsd.org> <cc8665ad-0a4b-565b-38fa-3b932dbb6784@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 25 May 2023 at 12:49, John Baldwin <jhb@freebsd.org> wrote:
>
> > +#if OPENSSL_VERSION_NUMBER < 0x10100000L
> > /* Init the SSL library and context */
> > if (!SSL_library_init()){
> > fprintf(stderr, "SSL library init failed\n");
> > @@ -1211,6 +1212,7 @@ fetch_ssl(conn_t *conn, const struct url *URL, int verbose)
> > }
> >
> > SSL_load_error_strings();
> > +#endif
>
> Should we just remove this code outright? I don't think there's any value in
> supporting pre-1.1 OpenSSL versions?
Indeed that should be our end goal, but my initial desire is for
minimal changes. I also think there's some value in having these
functions as placeholders for now, in case anything with OpenSSL's
automatic init doesn't work as expected.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPyFy2B82v1VMUXcVrgB%2BqaERiv_p_%2Bzzqxk7ATwkXGvKzJj8g>