fish: enable the legacy provider if built against OpenSSL3

OpenSSL 3.0 disables a number of "legacy" algorithms by default, and we
need to enable them manually using their provider system. Note that
explicitly loading a provider will disable the implicit default
provider, which is why we need to load it explicitly.

Closes #2629

Signed-off-by: Simon Chopin <simon.chopin@canonical.com>

V2:
  * use a local OSSL_LIB_CTX to avoid leaking the legacy algorithms
    into the main SSL context.
  * Simplify the fish_init() error paths by calling fish_deinit()
Simon Chopin
2021-11-30 13:56:56 +01:00
committed by Patrick
parent 8443755772
commit bbd60a96ec
4 changed files with 68 additions and 1 deletions

@@ -35,6 +35,8 @@ enum fish_mode {
FISH_CBC_MODE = 0x2
};
int fish_init(void);
void fish_deinit(void);
char *fish_base64_encode(const char *message, size_t message_len);
char *fish_base64_decode(const char *message, size_t *final_len);
char *fish_encrypt(const char *key, size_t keylen, const char *message, size_t message_len, enum fish_mode mode);
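Review bot: The new declarations `int fish_init(void);` and `void fish_deinit(void);` enter the header with no comment stating their contract. Please document what the `int` return value means (which value tells the caller that the providers could not be loaded), and whether fish_encrypt() may be called before a successful fish_init() or after fish_deinit(). Because the V2 notes say the fish_init() error paths now call fish_deinit(), the comment should also state that fish_deinit() is safe on a partially initialised state and safe to call more than once, so a caller that cleans up after a failed init does not free anything twice.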