Hi, Attached patch is a better approach to fix that by loading providers in main instead of crypto module. That way it also works for legacy VTun crypto module (VTun <= 2.6) if there are any users left and is future proof for auth module.
Sylvain
diff -Nru vtun-3.0.4.orig/main.c vtun-3.0.4/main.c
--- vtun-3.0.4.orig/main.c 2022-11-23 13:56:31.000000000 +0100
+++ vtun-3.0.4/main.c 2022-11-23 13:57:03.283705646 +0100
@@ -35,6 +35,10 @@
#include <netinet/in.h>
#endif
+#ifdef HAVE_SSL
+#include <openssl/provider.h>
+#endif /* HAVE_SSL */
+
#include "vtun.h"
#include "lib.h"
#include "compat.h"
@@ -70,6 +74,10 @@
struct vtun_host *host = NULL;
struct sigaction sa;
char *hst;
+#ifdef HAVE_SSL
+ OSSL_PROVIDER *legacy;
+ OSSL_PROVIDER *deflt;
+#endif /* HAVE_SSL */
/* Configure default settings */
svr = 0; daemon = 1; sock = 0;
@@ -168,6 +176,20 @@
openlog("vtund", LOG_PID|LOG_NDELAY|LOG_PERROR, vtun.syslog);
}
+#ifdef HAVE_SSL
+ legacy = OSSL_PROVIDER_load(NULL, "legacy");
+ if (legacy == NULL) {
+ vtun_syslog(LOG_ERR, "Failed to load OpenSSL Legacy provider");
+ exit(1);
+ }
+
+ deflt = OSSL_PROVIDER_load(NULL, "default");
+ if (deflt == NULL) {
+ vtun_syslog(LOG_ERR, "Failed to load OpenSSL Default provider");
+ exit(1);
+ }
+#endif /* HAVE_SSL */
+
clear_nat_hack_flags(svr);
if(!svr){
signature.asc
Description: Digital signature
