From 4425c385ad8e244e555bc959869f8241efbbc8f4 Mon Sep 17 00:00:00 2001
From: Yann Ylavic <ylavic@apache.org>
Date: Tue, 12 Jun 2018 21:38:24 +0000
Subject: apr_crypto: follow up to r1833359: more openssl _term() cleanups.

git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1833426 13f79535-47bb-0310-9956-ffa450edef68
---
 crypto/apr_crypto_internal.c | 34 +++++++++++++++++++++++++++++++---
 1 file changed, 31 insertions(+), 3 deletions(-)

(limited to 'crypto')

diff --git a/crypto/apr_crypto_internal.c b/crypto/apr_crypto_internal.c
index 66e340c05..d22564230 100644
--- a/crypto/apr_crypto_internal.c
+++ b/crypto/apr_crypto_internal.c
@@ -24,19 +24,32 @@
 
 #include <openssl/crypto.h>
 #include <openssl/engine.h>
+#include <openssl/conf.h>
+#include <openssl/comp.h>
 #include <openssl/evp.h>
 
+#ifndef APR_USE_OPENSSL_PRE_1_1_API
+#if defined(LIBRESSL_VERSION_NUMBER)
+/* LibreSSL declares OPENSSL_VERSION_NUMBER == 2.0 but does not include most
+ * changes from OpenSSL >= 1.1 (new functions, macros, deprecations, ...), so
+ * we have to work around this...
+ */
+#define APR_USE_OPENSSL_PRE_1_1_API (1)
+#else
+#define APR_USE_OPENSSL_PRE_1_1_API (OPENSSL_VERSION_NUMBER < 0x10100000L)
+#endif
+#endif
+
 apr_status_t apr__crypto_openssl_init(const char *params,
                                       const apu_err_t **result,
                                       apr_pool_t *pool)
 {
 #if APR_USE_OPENSSL_PRE_1_1_API
-    (void)CRYPTO_malloc_init();
+    CRYPTO_malloc_init();
 #else
     OPENSSL_malloc_init();
 #endif
     ERR_load_crypto_strings();
-    /* SSL_load_error_strings(); */
     OpenSSL_add_all_algorithms();
     ENGINE_load_builtin_engines();
     ENGINE_register_all_complete();
@@ -46,9 +59,24 @@ apr_status_t apr__crypto_openssl_init(const char *params,
 
 apr_status_t apr__crypto_openssl_term(void)
 {
-    ERR_free_strings();
+#if APR_USE_OPENSSL_PRE_1_1_API
+#ifdef OPENSSL_FIPS
+    FIPS_mode_set(0);
+#endif
+    CONF_modules_unload(1);
+    OBJ_cleanup();
     EVP_cleanup();
+    RAND_cleanup();
     ENGINE_cleanup();
+    ERR_free_strings();
+    ERR_remove_thread_state(NULL);
+    CRYPTO_cleanup_all_ex_data();
+#ifndef OPENSSL_NO_COMP
+    COMP_zlib_cleanup();
+#endif
+#else   /* !APR_USE_OPENSSL_PRE_1_1_API */
+    OPENSSL_cleanup();
+#endif  /* !APR_USE_OPENSSL_PRE_1_1_API */
 
     return APR_SUCCESS;
 }
-- 
cgit v1.2.1