From cdee93ae252e8b9b12a892c70c77299b56f54aca Mon Sep 17 00:00:00 2001 From: James Muehlner Date: Sat, 30 Jul 2022 00:06:48 +0000 Subject: [PATCH 1/2] GUACAMOLE-1652: Only call SSL init functions when the library version requires it. --- src/common-ssh/ssh.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/common-ssh/ssh.c b/src/common-ssh/ssh.c index a847e7c3..ba88c40b 100644 --- a/src/common-ssh/ssh.c +++ b/src/common-ssh/ssh.c @@ -165,9 +165,11 @@ int guac_common_ssh_init(guac_client* client) { CRYPTO_set_locking_callback(guac_common_ssh_openssl_locking_callback); #endif - /* Init OpenSSL */ +#if OPENSSL_VERSION_NUMBER < 0x10100000L + /* Init OpenSSL - only required for OpenSSL Versions < 1.1.0 */ SSL_library_init(); ERR_load_crypto_strings(); +#endif /* Init libssh2 */ libssh2_init(0); From 9c93337d9781d4d85d84d9442297a2013c492837 Mon Sep 17 00:00:00 2001 From: James Muehlner Date: Sat, 30 Jul 2022 02:24:31 +0000 Subject: [PATCH 2/2] GUACAMOLE-1652: Migrate OpenSSL initialization to modern methods for OpenSSL >= 1.1.0. --- src/guacd/daemon.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/guacd/daemon.c b/src/guacd/daemon.c index 2861cffe..8bf30351 100644 --- a/src/guacd/daemon.c +++ b/src/guacd/daemon.c @@ -381,10 +381,15 @@ int main(int argc, char* argv[]) { CRYPTO_set_locking_callback(guacd_openssl_locking_callback); #endif - /* Init SSL */ +#if OPENSSL_VERSION_NUMBER < 0x10100000L + /* Init OpenSSL for OpenSSL Versions < 1.1.0 */ SSL_library_init(); SSL_load_error_strings(); ssl_context = SSL_CTX_new(SSLv23_server_method()); +#else + /* Set up OpenSSL for OpenSSL Versions >= 1.1.0 */ + ssl_context = SSL_CTX_new(TLS_server_method()); +#endif /* Load key */ if (config->key_file != NULL) {