diff options
-rw-r--r-- | secure/lib/libcrypto/opensslconf.h.in | 3 | ||||
-rw-r--r-- | secure/lib/libssl/Makefile | 2 | ||||
-rw-r--r-- | secure/lib/libssl/dummy_abi.c | 46 |
3 files changed, 51 insertions, 0 deletions
diff --git a/secure/lib/libcrypto/opensslconf.h.in b/secure/lib/libcrypto/opensslconf.h.in index 503a44c684808..1a68649dde0a4 100644 --- a/secure/lib/libcrypto/opensslconf.h.in +++ b/secure/lib/libcrypto/opensslconf.h.in @@ -79,6 +79,9 @@ extern "C" { #ifndef OPENSSL_NO_SSL3 # define OPENSSL_NO_SSL3 #endif +#ifndef OPENSSL_NO_SSL3_METHOD +# define OPENSSL_NO_SSL3_METHOD +#endif #ifndef OPENSSL_NO_UBSAN # define OPENSSL_NO_UBSAN #endif diff --git a/secure/lib/libssl/Makefile b/secure/lib/libssl/Makefile index ce97714504354..d97775b9afe4b 100644 --- a/secure/lib/libssl/Makefile +++ b/secure/lib/libssl/Makefile @@ -22,6 +22,8 @@ SRCS+= ssl3_record.c ssl3_record_tls13.c SRCS+= extensions.c extensions_clnt.c extensions_cust.c extensions_srvr.c SRCS+= statem.c statem_clnt.c statem_dtls.c statem_lib.c statem_srvr.c +SRCS+= dummy_abi.c + LIBADD= crypto CFLAGS+= -I${LCRYPTO_SRC}/ssl diff --git a/secure/lib/libssl/dummy_abi.c b/secure/lib/libssl/dummy_abi.c new file mode 100644 index 0000000000000..79d38a4200935 --- /dev/null +++ b/secure/lib/libssl/dummy_abi.c @@ -0,0 +1,46 @@ +/* This file is in the public domain. */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + +#include <stdbool.h> +#include <unistd.h> + +#include <openssl/ssl.h> + +static inline void +__SSLv3_dummy_method_impl(void) +{ + static const char warning[] = "SSLv3 use is deprecated.\n"; + static bool once = false; + + if (once) + return; + + once = true; + write(STDERR_FILENO, warning, sizeof(warning) - 1); +} + +const SSL_METHOD * +__SSLv3_method_fbsd12(void) +{ + __SSLv3_dummy_method_impl(); + return (NULL); +} +__sym_compat(SSLv3_method, __SSLv3_method_fbsd12, OPENSSL_1_1_0); + +const SSL_METHOD * +__SSLv3_client_method_fbsd12(void) +{ + __SSLv3_dummy_method_impl(); + return (NULL); +} +__sym_compat(SSLv3_client_method, __SSLv3_client_method_fbsd12, OPENSSL_1_1_0); + +const SSL_METHOD * +__SSLv3_server_method_fbsd12(void) +{ + __SSLv3_dummy_method_impl(); + return (NULL); +} +__sym_compat(SSLv3_server_method, __SSLv3_server_method_fbsd12, OPENSSL_1_1_0); |