thodg/libgit2

Browse

Commit 29081c2fd4c951b2c166f327b145dca5212c9fca

Patrick Steinhardt 2017-04-07T12:54:33

openssl_stream: remove locking initialization on OpenSSL version >=1.1 Up to version 1.0, OpenSSL required us to provide a callback which implements a locking mechanism. Due to problems in the API design though this mechanism was inherently broken, especially regarding that the locking callback cannot report errors in an obvious way. Due to this shortcoming, the locking initialization has been completely removed in OpenSSL version 1.1. As the library has also been refactored to not make any use of these callback functions, we can safely remove all initialization of the locking subsystem if compiling against OpenSSL version 1.1 or higher. This fixes a compilation error when compiling against OpenSSL version 1.1 which has been built without stubs for deprecated syntax. 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40

diff --git a/src/openssl_stream.c b/src/openssl_stream.c
index c0a9c3c..fadff5c 100644
--- a/src/openssl_stream.c
+++ b/src/openssl_stream.c
@@ -37,7 +37,7 @@ SSL_CTX *git__ssl_ctx;
 
 #define GIT_SSL_DEFAULT_CIPHERS "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES128-SHA256:DHE-DSS-AES256-SHA256:DHE-DSS-AES128-SHA:DHE-DSS-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA"
 
-#ifdef GIT_THREADS
+#if defined(GIT_THREADS) && OPENSSL_VERSION_NUMBER < 0x10100000L
 
 static git_mutex *openssl_locks;
 
@@ -70,7 +70,7 @@ static void shutdown_ssl_locking(void)
 	git__free(openssl_locks);
 }
 
-#endif /* GIT_THREADS */
+#endif /* GIT_THREADS && OPENSSL_VERSION_NUMBER < 0x10100000L */
 
 static BIO_METHOD *git_stream_bio_method;
 static int init_bio_method(void);
@@ -146,7 +146,7 @@ int git_openssl_stream_global_init(void)
 
 int git_openssl_set_locking(void)
 {
-#ifdef GIT_THREADS
+#if defined(GIT_THREADS) && OPENSSL_VERSION_NUMBER < 0x10100000L
 	int num_locks, i;
 
 	num_locks = CRYPTO_num_locks();
@@ -163,6 +163,8 @@ int git_openssl_set_locking(void)
 	CRYPTO_set_locking_callback(openssl_locking_function);
 	git__on_shutdown(shutdown_ssl_locking);
 	return 0;
+#elif OPENSSL_VERSION_NUMBER >= 0x10100000L
+	return 0;
 #else
 	giterr_set(GITERR_THREAD, "libgit2 was not built with threads");
 	return -1;
kmx.io     mail     discord kmxgit v0.4.0