openssl_stream: remove locking initialization on OpenSSL version >=1.1

Up to version 1.0, OpenSSL required us to provide a callback which implements a locking mechanism. Due to problems in the API design though this mechanism was inherently broken, especially regarding that the locking callback cannot report errors in an obvious way. Due to this shortcoming, the locking initialization has been completely removed in OpenSSL version 1.1. As the library has also been refactored to not make any use of these callback functions, we can safely remove all initialization of the locking subsystem if compiling against OpenSSL version 1.1 or higher. This fixes a compilation error when compiling against OpenSSL version 1.1 which has been built without stubs for deprecated syntax.

openssl_stream: remove locking initialization on OpenSSL version >=1.1
Up to version 1.0, OpenSSL required us to provide a callback which implements a locking mechanism. Due to problems in the API design though this mechanism was inherently broken, especially regarding that the locking callback cannot report errors in an obvious way. Due to this shortcoming, the locking initialization has been completely removed in OpenSSL version 1.1. As the library has also been refactored to not make any use of these callback functions, we can safely remove all initialization of the locking subsystem if compiling against OpenSSL version 1.1 or higher. This fixes a compilation error when compiling against OpenSSL version 1.1 which has been built without stubs for deprecated syntax.
29081c2f · Patrick Steinhardt · e572b631 · 29081c2f
Commit 29081c2f authored Apr 07, 2017 by Patrick Steinhardt
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 3 deletions

src/openssl_stream.c
+5 -3

No files found.
--- a/src/openssl_stream.c
+++ b/src/openssl_stream.c
@@ -37,7 +37,7 @@ SSL_CTX *git__ssl_ctx;

 #define GIT_SSL_DEFAULT_CIPHERS "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES128-SHA256:DHE-DSS-AES256-SHA256:DHE-DSS-AES128-SHA:DHE-DSS-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA"

-#ifdef GIT_THREADS
+#if defined(GIT_THREADS) && OPENSSL_VERSION_NUMBER < 0x10100000L

 static git_mutex *openssl_locks;

@@ -70,7 +70,7 @@ static void shutdown_ssl_locking(void)
 	git__free(openssl_locks);
 }

-#endif /* GIT_THREADS */
+#endif /* GIT_THREADS && OPENSSL_VERSION_NUMBER < 0x10100000L */

 static BIO_METHOD *git_stream_bio_method;
 static int init_bio_method(void);
@@ -146,7 +146,7 @@ int git_openssl_stream_global_init(void)

 int git_openssl_set_locking(void)
 {
-#ifdef GIT_THREADS
+#if defined(GIT_THREADS) && OPENSSL_VERSION_NUMBER < 0x10100000L
 	int num_locks, i;

 	num_locks = CRYPTO_num_locks();
@@ -163,6 +163,8 @@ int git_openssl_set_locking(void)
 	CRYPTO_set_locking_callback(openssl_locking_function);
 	git__on_shutdown(shutdown_ssl_locking);
 	return 0;
+#elif OPENSSL_VERSION_NUMBER >= 0x10100000L
+	return 0;
 #else
 	giterr_set(GITERR_THREAD, "libgit2 was not built with threads");
 	return -1;