From b7e84e8a260bf2e4a44d0e6055291d2efc3b6c10 Mon Sep 17 00:00:00 2001
From: Aram Sargsyan <aram@isc.org>
Date: Fri, 25 Feb 2022 08:41:36 +0000
Subject: [PATCH] Remove EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free() shims

LibreSSL 3.5.0 fails to compile with these shims. We could have just
removed the LibreSSL check from the pre-processor condition, but it
seems that these shims are no longer needed because all the supported
versions of OpenSSL and LibreSSL have those functions.

According to EVP_ENCRYPTINIT(3) manual page in LibreSSL,
EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free() first appeared in
OpenSSL 0.9.8b, and have been available since OpenBSD 4.5.

(cherry picked from commit a3789053682b57a2031de8c544134f1923e76cf3)
---
 lib/isc/aes.c | 18 ------------------
 1 file changed, 18 deletions(-)

diff --git a/lib/isc/aes.c b/lib/isc/aes.c
index 16f723183b..d136bd4857 100644
--- a/lib/isc/aes.c
+++ b/lib/isc/aes.c
@@ -22,19 +22,9 @@
 #include <isc/types.h>
 #include <isc/util.h>
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-#define EVP_CIPHER_CTX_new()   &(_context), EVP_CIPHER_CTX_init(&_context)
-#define EVP_CIPHER_CTX_free(c) RUNTIME_CHECK(EVP_CIPHER_CTX_cleanup(c) == 1)
-#endif /* if OPENSSL_VERSION_NUMBER < 0x10100000L || \
-	* defined(LIBRESSL_VERSION_NUMBER) */
-
 void
 isc_aes128_crypt(const unsigned char *key, const unsigned char *in,
 		 unsigned char *out) {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-	EVP_CIPHER_CTX _context;
-#endif /* if OPENSSL_VERSION_NUMBER < 0x10100000L || \
-	* defined(LIBRESSL_VERSION_NUMBER) */
 	EVP_CIPHER_CTX *c;
 	int len;
 
@@ -51,10 +41,6 @@ isc_aes128_crypt(const unsigned char *key, const unsigned char *in,
 void
 isc_aes192_crypt(const unsigned char *key, const unsigned char *in,
 		 unsigned char *out) {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-	EVP_CIPHER_CTX _context;
-#endif /* if OPENSSL_VERSION_NUMBER < 0x10100000L || \
-	* defined(LIBRESSL_VERSION_NUMBER) */
 	EVP_CIPHER_CTX *c;
 	int len;
 
@@ -71,10 +57,6 @@ isc_aes192_crypt(const unsigned char *key, const unsigned char *in,
 void
 isc_aes256_crypt(const unsigned char *key, const unsigned char *in,
 		 unsigned char *out) {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-	EVP_CIPHER_CTX _context;
-#endif /* if OPENSSL_VERSION_NUMBER < 0x10100000L || \
-	* defined(LIBRESSL_VERSION_NUMBER) */
 	EVP_CIPHER_CTX *c;
 	int len;