Don't let kore build with openssl 3 again.

The whole privilege separation breaks with OpenSSL 3, even if it builds. I guess it is somewhat time to start on donutls.
2021-12-06 23:58:13 +01:00 · 2021-12-06 23:58:13 +01:00 · a54f806978
parent 0337af2067
commit a54f806978
3 changed files with 0 additions and 21 deletions
--- a/include/kore/kore.h
+++ b/include/kore/kore.h
@ -79,11 +79,6 @@ extern int daemon(int, int);
 #endif
 #endif

-/* Ignore deprecation warnings for OpenSSL 3 for now. */
-#if defined(OPENSSL_VERSION_MAJOR)
-#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
-#endif
-
 #if defined(__OpenBSD__)
 #define KORE_USE_PLATFORM_PLEDGE	1
 #endif
--- a/src/cli.c
+++ b/src/cli.c
@ -26,12 +26,6 @@
 #include <openssl/err.h>
 #include <openssl/pem.h>
 #include <openssl/x509v3.h>
-
-/* Ignore deprecation warnings for OpenSSL 3 for now. */
-#if defined(OPENSSL_VERSION_MAJOR)
-#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
-#endif
-
 #endif

 #include <ctype.h>
--- a/src/keymgr.c
+++ b/src/keymgr.c
@ -689,12 +689,7 @@ keymgr_rsa_encrypt(struct kore_msg *msg, const void *data, struct key *key)
 	u_int8_t			buf[1024];

 	req = (const struct kore_keyreq *)data;
-
-#if defined(OPENSSL_VERSION_MAJOR)
-	rsa = EVP_PKEY_get0(key->pkey);
-#else
 	rsa = EVP_PKEY_get0_RSA(key->pkey);
-#endif

 	keylen = RSA_size(rsa);
 	if (req->data_len > keylen || keylen > sizeof(buf))
@ -718,12 +713,7 @@ keymgr_ecdsa_sign(struct kore_msg *msg, const void *data, struct key *key)
 	u_int8_t			sig[1024];

 	req = (const struct kore_keyreq *)data;
-
-#if defined(OPENSSL_VERSION_MAJOR)
-	ec = EVP_PKEY_get0(key->pkey);
-#else
 	ec = EVP_PKEY_get0_EC_KEY(key->pkey);
-#endif

 	len = ECDSA_size(ec);
 	if (req->data_len > len || len > sizeof(sig))