From 02cf40b87fb42730b89f398f26ea74939599ba99 Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Thu, 10 Aug 2017 10:16:26 +1000
Subject: [PATCH] 4676.   [cleanup]       Allow BIND to be built using OpenSSL
 1.0.X with                         deprecated functions removed. [RT #45706]

(cherry picked from commit cbc80a42d34baca5dfee8ade0c334921ebef8c3b)
---
 CHANGES                |  3 +++
 lib/dns/openssl_link.c | 20 ++++++++++++++++++--
 2 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/CHANGES b/CHANGES
index 2c52991e6b..715a30156a 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+4676.	[cleanup]	Allow BIND to be built using OpenSSL 1.0.X with
+			deprecated functions removed. [RT #45706]
+
 4675.	[cleanup]	Don't use C++ keyword class. [RT #45726]
 
 4673.	[port]		Silence GCC 7 warnings. [RT #45592]
diff --git a/lib/dns/openssl_link.c b/lib/dns/openssl_link.c
index a23b807c21..0a3d2ba8a2 100644
--- a/lib/dns/openssl_link.c
+++ b/lib/dns/openssl_link.c
@@ -112,7 +112,7 @@ entropy_add(const void *buf, int num, double entropy) {
 }
 #endif
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L && OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 static void
 lock_callback(int mode, int type, const char *file, int line) {
 	UNUSED(file);
@@ -122,7 +122,9 @@ lock_callback(int mode, int type, const char *file, int line) {
 	else
 		UNLOCK(&locks[type]);
 }
+#endif
 
+#if OPENSSL_VERSION_NUMBER < 0x10000000L
 static unsigned long
 id_callback(void) {
 	return ((unsigned long)isc_thread_self());
@@ -186,6 +188,14 @@ mem_realloc(void *ptr, size_t size FLARG) {
 #endif
 }
 
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L && OPENSSL_VERSION_NUMBER < 0x10100000L
+static void
+_set_thread_id(CRYPTO_THREADID *id)
+{
+	CRYPTO_THREADID_set_numeric(id, (unsigned long)pthread_self());
+}
+#endif
+
 isc_result_t
 dst__openssl_init(const char *engine) {
 	isc_result_t result;
@@ -211,7 +221,11 @@ dst__openssl_init(const char *engine) {
 	if (result != ISC_R_SUCCESS)
 		goto cleanup_mutexalloc;
 	CRYPTO_set_locking_callback(lock_callback);
+# if OPENSSL_VERSION_NUMBER >= 0x10000000L
+	CRYPTO_THREADID_set_callback(_set_thread_id);
+# else
 	CRYPTO_set_id_callback(id_callback);
+# endif
 
 	ERR_load_crypto_strings();
 #endif
@@ -332,7 +346,9 @@ dst__openssl_destroy(void) {
 	CRYPTO_cleanup_all_ex_data();
 #endif
 	ERR_clear_error();
-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L && OPENSSL_VERSION_NUMBER < 0x10100000L
+	ERR_remove_thread_state(NULL);
+#elif OPENSSL_VERSION_NUMBER < 0x10000000L || defined(LIBRESSL_VERSION_NUMBER)
 	ERR_remove_state(0);
 #endif
 	ERR_free_strings();