Since OpenSSL 3.0 there is new OPENSSL_VERSION_MAJOR, but previous
releases does not have it.
So let's use plain old OPENSSL_VERSION_NUMBER to avoid more preprocessor
macros.
* Don't use deprecated functions when building against OpenSSL 3.0.
* Recognise that OpenSSL 3.0 can signal a dirty shutdown as a protocol.
error in addition to the expected IO error produced by OpenSSL 1.1.1
* Update regress_mbedtls.c for compatibility with OpenSSL 3
LibreSSL 2.7 implements OpenSSL 1.1 API except for BIO_get_init()
See also: https://bugs.freebsd.org/226900
Signed-off-by: Bernard Spil <brnrd@FreeBSD.org>
Closes: #617 (cherry-pick)
OpenSSL has a per-thread error stack, and really doesn't like you
leaving errors on the stack. Rather than discard the errors or force
the user to handle them, this patch pulls them off the openssl stack
and puts them on a stack associated with the bufferevent_openssl. If
the user leaves them on the stack then, it won't affect any other
connections.
This bug was found by Roman Puls. Thanks!
svn:r1481
This code adds a new Bufferevent type that is only compiled when the
openssl library is present. It supports using an SSL object and an
event alert mechanism, which can either be an fd or an underlying
bufferevent.
There is still more work to do: the unit tests are incomplete, and we
need to support flush and shutdown much better. Sometimes events are
generated needlessly: this will hose performance.
There's a new encrypting proxy in sample/le-proxy.c.
This code has only been tested on OSX, and nowhere else.
svn:r1382
