diff --git a/cmake/FDBComponents.cmake b/cmake/FDBComponents.cmake index 7a97b07425..a5f7d3247b 100644 --- a/cmake/FDBComponents.cmake +++ b/cmake/FDBComponents.cmake @@ -29,13 +29,6 @@ else() if(OPENSSL_FOUND) set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR}) set(WITH_TLS ON) - add_compile_options(-DHAVE_OPENSSL) - check_symbol_exists("OPENSSL_INIT_NO_ATEXIT" "openssl/crypto.h" OPENSSL_HAS_NO_ATEXIT) - if(OPENSSL_HAS_NO_ATEXIT) - add_compile_options(-DHAVE_OPENSSL_INIT_NO_AT_EXIT) - else() - message(STATUS "Found OpenSSL without OPENSSL_INIT_NO_ATEXIT: assuming BoringSSL") - endif() else() message(STATUS "OpenSSL was not found - Will compile without TLS Support") message(STATUS "You can set OPENSSL_ROOT_DIR to help cmake find it") diff --git a/fdbclient/NativeAPI.actor.cpp b/fdbclient/NativeAPI.actor.cpp index 4a54a673ad..302bcc7929 100644 --- a/fdbclient/NativeAPI.actor.cpp +++ b/fdbclient/NativeAPI.actor.cpp @@ -2188,10 +2188,8 @@ void setupNetwork(uint64_t transportId, UseMetrics useMetrics) { networkOptions.logClientInfo = true; setupGlobalKnobs(); - TLS::DisableOpenSSLAtExitHandler(); g_network = newNet2(tlsConfig, false, useMetrics || networkOptions.traceDirectory.present()); g_network->addStopCallback(Net2FileSystem::stop); - g_network->addStopCallback(TLS::DestroyOpenSSLGlobalState); FlowTransport::createInstance(true, transportId, WLTOKEN_RESERVED_COUNT); Net2FileSystem::newFileSystem(); diff --git a/flow/TLSConfig.actor.cpp b/flow/TLSConfig.actor.cpp index 0b412043aa..192f3558d8 100644 --- a/flow/TLSConfig.actor.cpp +++ b/flow/TLSConfig.actor.cpp @@ -25,28 +25,6 @@ // To force typeinfo to only be emitted once. TLSPolicy::~TLSPolicy() {} -namespace TLS { - -void DisableOpenSSLAtExitHandler() { -#ifdef HAVE_OPENSSL_INIT_NO_ATEXIT - static bool once = false; - if (!once) { - once = true; - int success = OPENSSL_init_crypto(OPENSSL_INIT_NO_ATEXIT, nullptr); - if (!success) { - throw tls_error(); - } - } -#endif -} - -void DestroyOpenSSLGlobalState() { -#ifdef HAVE_OPENSSL_INIT_NO_ATEXIT - OPENSSL_cleanup(); -#endif -} - -} // namespace TLS #ifdef TLS_DISABLED void LoadedTLSConfig::print(FILE* fp) { diff --git a/flow/TLSConfig.actor.h b/flow/TLSConfig.actor.h index 4d1f55cdf3..14415f8547 100644 --- a/flow/TLSConfig.actor.h +++ b/flow/TLSConfig.actor.h @@ -37,22 +37,6 @@ #include "flow/Knobs.h" #include "flow/flow.h" -namespace TLS { - -// Force OpenSSL to not register an atexit handler to clean up global state before process exit. -// If you call this, you must also call DestroyOpenSSLGlobalState() before the program exits. -// Calls OPENSSL_init_crypto with OPENSSL_INIT_NO_ATEXIT. -// Must be called before any other OpenSSL function. -void DisableOpenSSLAtExitHandler(); - -// Frees all global state maintained by OpenSSL. -// Calls OPENSSL_cleanup. -// Must be called before program exit if using DisableOpenSSLAtExitHandler. -// No OpenSSL code may be run after calling this function. -void DestroyOpenSSLGlobalState(); - -} // namespace TLS - #ifndef TLS_DISABLED #include