v3.4 deprecated SSL_CTX_flush_sessions() in favor of *_ex(), which is now Y2038 safe [0]. Using the *_ex() variant fixes the build against a "no-deprecated" built v3.4. [0] https://docs.openssl.org/3.4/man3/SSL_CTX_flush_sessions/ Signed-off-by: Andre Heider <a.heider@xxxxxxxxx> --- src/crypto/tls_openssl.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c index eab43df39..ed0ec1421 100644 --- a/src/crypto/tls_openssl.c +++ b/src/crypto/tls_openssl.c @@ -1343,7 +1343,13 @@ void tls_deinit(void *ssl_ctx) if (data->tls_session_lifetime > 0) { wpa_printf(MSG_DEBUG, "OpenSSL: Flush sessions"); +#if OPENSSL_VERSION_NUMBER >= 0x30400000L && \ + !defined(LIBRESSL_VERSION_NUMBER) && \ + !defined(OPENSSL_IS_BORINGSSL) + SSL_CTX_flush_sessions_ex(ssl, 0); +#else SSL_CTX_flush_sessions(ssl, 0); +#endif /* OpenSSL version >= 3.4 */ wpa_printf(MSG_DEBUG, "OpenSSL: Flush sessions - done"); } while ((sess_data = dl_list_first(&context->sessions, -- 2.47.2 _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
