From: Art Cancro <ajc@citadel.org>
Date: Fri, 7 Jan 2022 16:38:19 +0000 (-0500)
Subject: ssl_ctx = SSL_CTX_new(SSLv23_server_method()) instead of using a temporary variable... 
X-Git-Tag: v944~7
X-Git-Url: https://code.citadel.org/?p=citadel.git;a=commitdiff_plain;h=b8cdf72394178327432dd541aefb8a9031e29c2a

ssl_ctx = SSL_CTX_new(SSLv23_server_method()) instead of using a temporary variable f or the server method.  (Changed in Citadel Server, WebCit Classic, and WebCit-NG)
---

diff --git a/citadel/modules/crypto/serv_crypto.c b/citadel/modules/crypto/serv_crypto.c
index 302be080e..cbb190cde 100644
--- a/citadel/modules/crypto/serv_crypto.c
+++ b/citadel/modules/crypto/serv_crypto.c
@@ -133,7 +133,6 @@ void update_key_and_cert_if_needed(void) {
 
 
 void init_ssl(void) {
-	const SSL_METHOD *ssl_method;
 	RSA *rsa = NULL;
 	X509_REQ *req = NULL;
 	X509 *cer = NULL;
@@ -145,8 +144,7 @@ void init_ssl(void) {
 	// Initialize SSL transport layer
 	SSL_library_init();
 	SSL_load_error_strings();
-	ssl_method = SSLv23_server_method();
-	if (!(ssl_ctx = SSL_CTX_new(ssl_method))) {
+	if (!(ssl_ctx = SSL_CTX_new(SSLv23_server_method()))) {
 		syslog(LOG_ERR, "crypto: SSL_CTX_new failed: %s", ERR_reason_error_string(ERR_get_error()));
 		return;
 	}
diff --git a/citadel/server.h b/citadel/server.h
index ef7b4aa84..f0af5c647 100644
--- a/citadel/server.h
+++ b/citadel/server.h
@@ -1,7 +1,7 @@
 /* 
  * Main declarations file for the Citadel server
  *
- * Copyright (c) 1987-2020 by the citadel.org team
+ * Copyright (c) 1987-2022 by the citadel.org team
  *
  * This program is open source software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License, version 3.
@@ -155,6 +155,7 @@ enum {
 	S_SINGLE_USER,
 	S_LDAP,
 	S_IM_LOGS,
+	S_OPENSSL,
 	MAX_SEMAPHORES
 };
 
diff --git a/webcit-ng/tls.c b/webcit-ng/tls.c
index 988ac2541..b82f8b34f 100644
--- a/webcit-ng/tls.c
+++ b/webcit-ng/tls.c
@@ -44,7 +44,6 @@ void bind_to_key_and_certificate(void) {
 
 // Initialize ssl engine, load certs and initialize openssl internals
 void init_ssl(void) {
-	const SSL_METHOD *ssl_method;
 	RSA *rsa = NULL;
 	X509_REQ *req = NULL;
 	X509 *cer = NULL;
@@ -58,8 +57,7 @@ void init_ssl(void) {
 	// Initialize SSL transport layer
 	SSL_library_init();
 	SSL_load_error_strings();
-	ssl_method = SSLv23_server_method();
-	if (!(ssl_ctx = SSL_CTX_new(ssl_method))) {
+	if (!(ssl_ctx = SSL_CTX_new(SSLv23_server_method()))) {
 		syslog(LOG_WARNING, "SSL_CTX_new failed: %s", ERR_reason_error_string(ERR_get_error()));
 		return;
 	}
diff --git a/webcit/crypto.c b/webcit/crypto.c
index bd0863902..971d1e06b 100644
--- a/webcit/crypto.c
+++ b/webcit/crypto.c
@@ -50,7 +50,6 @@ void bind_to_key_and_certificate(void) {
 
 // initialize ssl engine, load certs and initialize openssl internals
 void init_ssl(void) {
-	const SSL_METHOD *ssl_method;
 
 #ifndef OPENSSL_NO_EGD
 	if (!access("/var/run/egd-pool", F_OK)) {
@@ -66,8 +65,7 @@ void init_ssl(void) {
 	// Initialize SSL transport layer
 	SSL_library_init();
 	SSL_load_error_strings();
-	ssl_method = SSLv23_server_method();
-	if (!(ssl_ctx = SSL_CTX_new(ssl_method))) {
+	if (!(ssl_ctx = SSL_CTX_new(SSLv23_server_method()))) {
 		syslog(LOG_WARNING, "SSL_CTX_new failed: %s", ERR_reason_error_string(ERR_get_error()));
 		return;
 	}