MIME-Version: 1.0
In-Reply-To: <e61e1c372eec4936eace10f01718a5e2@www.isc.org>
X-Mailer: MIME-tools 5.505 (Entity 5.505)
Content-Disposition: inline
X-RT-Interface: Web
References: <e61e1c372eec4936eace10f01718a5e2@www.isc.org>
 <RT-Ticket-45117@isc.org>
Content-Type: text/plain; charset="utf-8"
Message-ID: <rt-4.2.8-8320-1492699460-1544.45117-0-0@isc.org>
Content-Transfer-Encoding: binary
X-RT-Original-Encoding: utf-8
RT-Send-CC:
X-RT-Encrypt: 0
X-RT-Sign: 0
Content-Length: 703

Someone decided to disable all backwards compatibility when they built OpenSSL 1.1.0.
Unfortunately when we test built against OpenSS1 1.1.0 we did a default build which
doesn't do this.  Anyway the fix is simple.

diff --git a/lib/dns/openssl_link.c b/lib/dns/openssl_link.c
index 7f74489937..88e7921d46 100644
--- a/lib/dns/openssl_link.c
+++ b/lib/dns/openssl_link.c
@@ -204,9 +204,9 @@ dst__openssl_init(const char *engine) {
                goto cleanup_mutexalloc;
        CRYPTO_set_locking_callback(lock_callback);
        CRYPTO_set_id_callback(id_callback);
-#endif
 
        ERR_load_crypto_strings();
+#endif
 
        rm = mem_alloc(sizeof(RAND_METHOD) FILELINE);
        if (rm == NULL) {