From 78c5b1c2dc3347894d69bf95b08c3f664c0bc399 Mon Sep 17 00:00:00 2001
From: Guus Sliepen <guus@tinc-vpn.org>
Date: Sat, 7 Oct 2017 23:14:58 +0200
Subject: [PATCH] Don't call ERR_remove_state().

It's impossible to write portable code that properly cleans up after
OpenSSL without resulting in compile time warnings, so don't try.
---
 m4/openssl.m4 | 2 +-
 src/tincd.c   | 8 +-------
 2 files changed, 2 insertions(+), 8 deletions(-)

diff --git a/m4/openssl.m4 b/m4/openssl.m4
index adca5f7a..895c31aa 100644
--- a/m4/openssl.m4
+++ b/m4/openssl.m4
@@ -54,5 +54,5 @@ AC_DEFUN([tinc_OPENSSL],
     [#include <openssl/evp.h>]
   )
 
-  AC_CHECK_FUNCS([BN_GENCB_new ERR_remove_state RSA_set0_key], , , [#include <openssl/rsa.h>])
+  AC_CHECK_FUNCS([BN_GENCB_new RSA_set0_key], , , [#include <openssl/rsa.h>])
 ])
diff --git a/src/tincd.c b/src/tincd.c
index db6b213a..3abd33f0 100644
--- a/src/tincd.c
+++ b/src/tincd.c
@@ -821,14 +821,8 @@ end:
 	free(priority);
 
 	EVP_cleanup();
-	ENGINE_cleanup();
-	CRYPTO_cleanup_all_ex_data();
-#ifdef HAVE_ERR_REMOVE_STATE
-	// OpenSSL claims this function was deprecated in 1.0.0,
-	// but valgrind's leak detector shows you still need to call it to make sure OpenSSL cleans up properly.
-	ERR_remove_state(0);
-#endif
 	ERR_free_strings();
+	ENGINE_cleanup();
 
 	exit_configuration(&config_tree);
 	list_delete_list(cmdline_conf);
-- 
2.39.5