Don't call ERR_remove_state().
authorGuus Sliepen <guus@tinc-vpn.org>
Sat, 7 Oct 2017 21:14:58 +0000 (23:14 +0200)
committerGuus Sliepen <guus@tinc-vpn.org>
Sat, 7 Oct 2017 21:18:27 +0000 (23:18 +0200)
It's impossible to write portable code that properly cleans up after
OpenSSL without resulting in compile time warnings, so don't try.

m4/openssl.m4
src/tincd.c

index adca5f7..895c31a 100644 (file)
@@ -54,5 +54,5 @@ AC_DEFUN([tinc_OPENSSL],
     [#include <openssl/evp.h>]
   )
 
-  AC_CHECK_FUNCS([BN_GENCB_new ERR_remove_state RSA_set0_key], , , [#include <openssl/rsa.h>])
+  AC_CHECK_FUNCS([BN_GENCB_new RSA_set0_key], , , [#include <openssl/rsa.h>])
 ])
index db6b213..3abd33f 100644 (file)
@@ -821,14 +821,8 @@ end:
        free(priority);
 
        EVP_cleanup();
-       ENGINE_cleanup();
-       CRYPTO_cleanup_all_ex_data();
-#ifdef HAVE_ERR_REMOVE_STATE
-       // OpenSSL claims this function was deprecated in 1.0.0,
-       // but valgrind's leak detector shows you still need to call it to make sure OpenSSL cleans up properly.
-       ERR_remove_state(0);
-#endif
        ERR_free_strings();
+       ENGINE_cleanup();
 
        exit_configuration(&config_tree);
        list_delete_list(cmdline_conf);