From 11e68a9440219a39b90d3311cd324a27b5756aa8 Mon Sep 17 00:00:00 2001 From: Pavel Baykov Date: Tue, 8 Feb 2022 14:03:48 +0000 Subject: [PATCH 1/2] migrate to OpenSSL 1.1.0 --- include/fc/crypto/openssl.hpp | 1 + src/crypto/aes.cpp | 18 ------------------ src/crypto/openssl.cpp | 14 ++++++++------ 3 files changed, 9 insertions(+), 24 deletions(-) diff --git a/include/fc/crypto/openssl.hpp b/include/fc/crypto/openssl.hpp index af883d6..fc0a98b 100755 --- a/include/fc/crypto/openssl.hpp +++ b/include/fc/crypto/openssl.hpp @@ -8,6 +8,7 @@ #include #include #include +#include /** * @file openssl.hpp diff --git a/src/crypto/aes.cpp b/src/crypto/aes.cpp index 50001c2..fe375f6 100755 --- a/src/crypto/aes.cpp +++ b/src/crypto/aes.cpp @@ -411,10 +411,6 @@ unsigned long openssl_thread_config::get_thread_id() void openssl_thread_config::locking_callback(int mode, int type, const char *file, int line) { - if (mode & CRYPTO_LOCK) - openssl_mutexes[type].lock(); - else - openssl_mutexes[type].unlock(); } // Warning: Things get complicated if third-party libraries also try to install their their own @@ -423,23 +419,9 @@ void openssl_thread_config::locking_callback(int mode, int type, const char *fil // each library that does this to make sure they will play nice. openssl_thread_config::openssl_thread_config() { - if (CRYPTO_get_id_callback() == NULL && - CRYPTO_get_locking_callback() == NULL) - { - openssl_mutexes = new boost::mutex[CRYPTO_num_locks()]; - CRYPTO_set_id_callback(&get_thread_id); - CRYPTO_set_locking_callback(&locking_callback); - } } openssl_thread_config::~openssl_thread_config() { - if (CRYPTO_get_id_callback() == &get_thread_id) - { - CRYPTO_set_id_callback(NULL); - CRYPTO_set_locking_callback(NULL); - delete[] openssl_mutexes; - openssl_mutexes = nullptr; - } } } // namespace fc diff --git a/src/crypto/openssl.cpp b/src/crypto/openssl.cpp index e3044ac..5ccebf2 100755 --- a/src/crypto/openssl.cpp +++ b/src/crypto/openssl.cpp 
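Review bot: Nothing next to the added include in `include/fc/crypto/openssl.hpp` (its header name is not visible on this page) enforces the OpenSSL 1.1.0 floor that the rest of this patch assumes. The two `src/crypto/aes.cpp` hunks empty `locking_callback` and the constructor that installed it, which is correct for 1.1.0 and later, where the library does its own locking. A build that picks up 1.0.x headers may still compile, though, and would then run OpenSSL from several threads with no lock callbacks installed. A compile-time guard after the includes turns that into a build failure: `#if OPENSSL_VERSION_NUMBER < 0x10100000L`, `#error "fc requires OpenSSL 1.1.0 or newer"`, `#endif`.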
@@ -8,6 +8,8 @@ #include #include +#include + namespace fc { struct openssl_scope @@ -15,9 +17,6 @@ namespace fc static path _configurationFilePath; openssl_scope() { - ERR_load_crypto_strings(); - OpenSSL_add_all_algorithms(); - const boost::filesystem::path& boostPath = _configurationFilePath; if(boostPath.empty() == false) { @@ -30,13 +29,16 @@ namespace fc #endif } - OPENSSL_config(nullptr); + if (CONF_modules_load_file(_configurationFilePath.string().c_str(), "fc", CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) { + elog("FATAL: error loading configuration file\n"); + ERR_print_errors_fp(stderr); + exit(1); + } + } ~openssl_scope() { - EVP_cleanup(); - ERR_free_strings(); } }; From 090f37f98b5825f17a7504c15a003f9e18c2ec85 Mon Sep 17 00:00:00 2001 From: Pavel Baykov Date: Wed, 9 Feb 2022 15:41:41 -0400 Subject: [PATCH 2/2] remove openssl_thread_config_manager --- src/crypto/aes.cpp | 41 ----------------------------------------- 1 file changed, 41 deletions(-) diff --git a/src/crypto/aes.cpp b/src/crypto/aes.cpp index fe375f6..44c4085 100755 --- a/src/crypto/aes.cpp +++ b/src/crypto/aes.cpp 
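Review bot: The replacement for `OPENSSL_config(nullptr)` in `openssl_scope()` does not load the same configuration: with appname `"fc"` and no `CONF_MFLAGS_DEFAULT_SECTION`, a file that only defines `openssl_conf = ...` is parsed and then applied to nothing while the call still reports success, and an empty `_configurationFilePath` is passed as `""` rather than a null pointer, so the library's default file is never consulted. Settings an operator relies on, such as engine or algorithm configuration, would be dropped without any log line. Consider `const auto conf = _configurationFilePath.string();` followed by `CONF_modules_load_file(conf.empty() ? nullptr : conf.c_str(), "fc", CONF_MFLAGS_DEFAULT_SECTION | CONF_MFLAGS_IGNORE_MISSING_FILE)`. Separately, `exit(1)` inside this constructor takes the decision away from the embedding application and sends the OpenSSL error queue to stderr instead of the fc log; throwing an fc exception would keep the failure closed while letting the caller handle it, assuming the exception macros are usable in this file. The constructor body begins above this hunk.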
@@ -383,45 +383,4 @@ std::vector aes_load( const fc::path& file, const fc::sha512& key ) return aes_decrypt( key, cipher ); } FC_RETHROW_EXCEPTIONS( warn, "", ("file",file) ) } -/* This stuff has to go somewhere, I guess this is as good a place as any... - OpenSSL isn't thread-safe unless you give it access to some mutexes, - so the CRYPTO_set_id_callback() function needs to be called before there's any - chance of OpenSSL being accessed from multiple threads. -*/ -struct openssl_thread_config -{ - static boost::mutex* openssl_mutexes; - static unsigned long get_thread_id(); - static void locking_callback(int mode, int type, const char *file, int line); - openssl_thread_config(); - ~openssl_thread_config(); -}; -openssl_thread_config openssl_thread_config_manager; - -boost::mutex* openssl_thread_config::openssl_mutexes = nullptr; - -unsigned long openssl_thread_config::get_thread_id() -{ -#ifdef _WIN32 - return (unsigned long)::GetCurrentThreadId(); -#else - return (unsigned long)(&fc::thread::current()); // TODO: should expose boost thread id -#endif -} - -void openssl_thread_config::locking_callback(int mode, int type, const char *file, int line) -{ -} - -// Warning: Things get complicated if third-party libraries also try to install their their own -// OpenSSL thread functions. Right now, we don't install our own handlers if another library has -// installed them before us which is a partial solution, but you'd really need to evaluate -// each library that does this to make sure they will play nice. -openssl_thread_config::openssl_thread_config() -{ -} -openssl_thread_config::~openssl_thread_config() -{ -} - } // namespace fc