diff options
| author | Joel Sing <jsing@cvs.openbsd.org> | 2019-08-12 18:03:18 +0000 |
|---|---|---|
| committer | Joel Sing <jsing@cvs.openbsd.org> | 2019-08-12 18:03:18 +0000 |
| commit | 754f0ebc7b197a518630fdc72865cb4e45e21d07 (patch) | |
| tree | cf7225d7904f4d31e07d7cd2531fde00693c2ad6 /usr.sbin | |
| parent | 4dcb9eaa77fece297f909cdcf7526dcc5a397fc9 (diff) | |
Stop pulling libssl into rpki-client.
None of this code actually does TLS, hence libssl is not needed. Instead,
pull in the correct headers and call the appropriate libcrypto
initialisation functions (even this is only necessary to support OpenSSL
prior to 1.1).
While here also remove libssl/libcrypto initialisation/uninitialisation
from main() - it should only be necessary in proc_parser().
ok deraadt@ job@
Diffstat (limited to 'usr.sbin')
| -rw-r--r-- | usr.sbin/rpki-client/Makefile | 4 | ||||
| -rw-r--r-- | usr.sbin/rpki-client/main.c | 19 |
2 files changed, 8 insertions, 15 deletions
diff --git a/usr.sbin/rpki-client/Makefile b/usr.sbin/rpki-client/Makefile index f13083438d2..5f78ecb5cab 100644 --- a/usr.sbin/rpki-client/Makefile +++ b/usr.sbin/rpki-client/Makefile @@ -1,11 +1,11 @@ -# $OpenBSD: Makefile,v 1.6 2019/06/18 06:15:54 claudio Exp $ +# $OpenBSD: Makefile,v 1.7 2019/08/12 18:03:17 jsing Exp $ PROG= rpki-client SRCS= as.c cert.c cms.c crl.c io.c ip.c log.c main.c mft.c \ output-bgpd.c roa.c rsync.c tal.c validate.c x509.c MAN= rpki-client.8 -LDADD= /usr/local/lib/eopenssl/libssl.a /usr/local/lib/eopenssl/libcrypto.a +LDADD= /usr/local/lib/eopenssl/libcrypto.a CFLAGS= -I/usr/local/include/eopenssl .include <bsd.prog.mk> diff --git a/usr.sbin/rpki-client/main.c b/usr.sbin/rpki-client/main.c index 70eb9dd3123..66ef149ff6f 100644 --- a/usr.sbin/rpki-client/main.c +++ b/usr.sbin/rpki-client/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.13 2019/08/09 09:50:44 claudio Exp $ */ +/* $OpenBSD: main.c,v 1.14 2019/08/12 18:03:17 jsing Exp $ */ /* * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -33,7 +33,8 @@ #include <unistd.h> #include <openssl/err.h> -#include <openssl/ssl.h> +#include <openssl/evp.h> +#include <openssl/x509v3.h> #include "extern.h" @@ -980,8 +981,9 @@ proc_parser(int fd, int force, int norev) struct auth *auths = NULL; int first_tals = 1; - SSL_library_init(); - SSL_load_error_strings(); + ERR_load_crypto_strings(); + OpenSSL_add_all_ciphers(); + OpenSSL_add_all_digests(); if ((store = X509_STORE_new()) == NULL) cryptoerrx("X509_STORE_new"); @@ -1371,11 +1373,6 @@ main(int argc, char *argv[]) * parsing process. */ - /* Initialise SSL, errors, and our structures. */ - - SSL_library_init(); - SSL_load_error_strings(); - if (pledge("stdio", NULL) == -1) err(EXIT_FAILURE, "pledge"); @@ -1503,10 +1500,6 @@ main(int argc, char *argv[]) roa_free(out[i]); free(out); - EVP_cleanup(); - CRYPTO_cleanup_all_ex_data(); - ERR_remove_state(0); - ERR_free_strings(); return rc ? EXIT_SUCCESS : EXIT_FAILURE; usage: |