From 32e32e7a28be53604d446240364af3290b801d0c Mon Sep 17 00:00:00 2001
From: jddurand <jeandamiendurand@free.fr>
Date: Sun, 18 Dec 2022 19:12:29 +0100
Subject: [PATCH] Use BIO API instead of fp to avoid OPENSSL_Applink
 errors(#405)

Use BIO API functions instead of FILE * and Unix type file descriptors
to avoid errors such as these:

OPENSSL_Uplink(00007FFFBC46D000,08): no OPENSSL_Applink
OPENSSL_Uplink(02831000,08): no OPENSSL_Applink

In addition to GitHub issue GH-281, this also addresses
CPAN Request Tracker Bug 101638.
https://rt.cpan.org/Public/Bug/Display.html?id=101638
---
 SSLeay.xs | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/SSLeay.xs b/SSLeay.xs
index a57b1fcc..d39e0592 100644
--- a/SSLeay.xs
+++ b/SSLeay.xs
@@ -4902,16 +4902,17 @@ CTX_use_PKCS12_file(ctx, file, password=NULL)
         PKCS12 *p12;
         EVP_PKEY *private_key;
         X509 *certificate;
-        FILE *fp;
+        BIO *bio;
     CODE:
         RETVAL = 0;
-        if ((fp = fopen (file, "rb"))) {
+        bio = BIO_new_file(file, "rb");
+        if (bio) {
 #if OPENSSL_VERSION_NUMBER >= 0x0090700fL
             OPENSSL_add_all_algorithms_noconf();
 #else
             OpenSSL_add_all_algorithms();
 #endif
-            if ((p12 = d2i_PKCS12_fp(fp, NULL))) {
+            if ((p12 = d2i_PKCS12_bio(bio, NULL))) {
                 if (PKCS12_parse(p12, password, &private_key, &certificate, NULL)) {
                     if (private_key) {
                         if (SSL_CTX_use_PrivateKey(ctx, private_key)) RETVAL = 1;
@@ -4925,7 +4926,7 @@ CTX_use_PKCS12_file(ctx, file, password=NULL)
                 PKCS12_free(p12);
             }
             if (!RETVAL) ERR_print_errors_fp(stderr);
-            fclose(fp);
+            BIO_free(bio);
         }
     OUTPUT:
         RETVAL
@@ -4941,16 +4942,17 @@ P_PKCS12_load_file(file, load_chain=0, password=NULL)
         X509 *certificate = NULL;
         STACK_OF(X509) *cachain = NULL;
         X509 *x;
-        FILE *fp;
+        BIO *bio;
         int i, result;
     PPCODE:
-        if ((fp = fopen (file, "rb"))) {
+        bio = BIO_new_file(file, "rb");
+        if (bio) {
 #if OPENSSL_VERSION_NUMBER >= 0x0090700fL
             OPENSSL_add_all_algorithms_noconf();
 #else
             OpenSSL_add_all_algorithms();
 #endif
-            if ((p12 = d2i_PKCS12_fp(fp, NULL))) {
+            if ((p12 = d2i_PKCS12_bio(bio, NULL))) {
                 if(load_chain)
                     result= PKCS12_parse(p12, password, &private_key, &certificate, &cachain);
                 else
@@ -4974,7 +4976,7 @@ P_PKCS12_load_file(file, load_chain=0, password=NULL)
                 }
                 PKCS12_free(p12);
             }
-            fclose(fp);
+            BIO_free(bio);
         }
 
 #ifndef OPENSSL_NO_MD2