Don't call ERR_remove_state().

It's impossible to write portable code that properly cleans up after
OpenSSL without resulting in compile time warnings, so don't try.

diff --git a/m4/openssl.m4 b/m4/openssl.m4
index adca5f7a5bdef845cb14980f0c75429cc04322fb..895c31aa0d09ff374a27274f8f7aabfe8b3046de 100644 (file)
--- a/m4/openssl.m4
+++ b/m4/openssl.m4
@@ -54,5 +54,5 @@ AC_DEFUN([tinc_OPENSSL],
     [#include <openssl/evp.h>]
   )
 
-  AC_CHECK_FUNCS([BN_GENCB_new ERR_remove_state RSA_set0_key], , , [#include <openssl/rsa.h>])
+  AC_CHECK_FUNCS([BN_GENCB_new RSA_set0_key], , , [#include <openssl/rsa.h>])
 ])

diff --git a/src/tincd.c b/src/tincd.c
index db6b213aa1a67fc94cdab4e4fed14f55a89dd6f5..3abd33f00d284fe66524019eb7a44ce6cbf6c7d9 100644 (file)
--- a/src/tincd.c
+++ b/src/tincd.c
@@ -821,14 +821,8 @@ end:
        free(priority);
 
        EVP_cleanup();
-       ENGINE_cleanup();
-       CRYPTO_cleanup_all_ex_data();
-#ifdef HAVE_ERR_REMOVE_STATE
-       // OpenSSL claims this function was deprecated in 1.0.0,
-       // but valgrind's leak detector shows you still need to call it to make sure OpenSSL cleans up properly.
-       ERR_remove_state(0);
-#endif
        ERR_free_strings();
+       ENGINE_cleanup();
 
        exit_configuration(&config_tree);
        list_delete_list(cmdline_conf);