From 672540d4ddbd24782b5c65b35d636bdfe8a90d0f Mon Sep 17 00:00:00 2001
From: Rosen Penev <rosenp@gmail.com>
Date: Fri, 15 Jun 2018 18:35:30 -0700
Subject: [PATCH] Fix compile with OpenSSL 1.1.0 and deprecated APIs

SSL_session_reused is the same as SSL_cache_hit. The engine load stuff is
now handled by OPENSSL_init.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
---
 src/crypto/tls_openssl.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -1024,8 +1024,10 @@ void * tls_init(const struct tls_config
 
 #ifndef OPENSSL_NO_ENGINE
 	wpa_printf(MSG_DEBUG, "ENGINE: Loading dynamic engine");
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	ERR_load_ENGINE_strings();
 	ENGINE_load_dynamic();
+#endif /* OPENSSL_VERSION_NUMBER */
 
 	if (conf &&
 	    (conf->opensc_engine_path || conf->pkcs11_engine_path ||
@@ -3874,7 +3876,7 @@ struct wpabuf * tls_connection_decrypt(v
 
 int tls_connection_resumed(void *ssl_ctx, struct tls_connection *conn)
 {
-	return conn ? SSL_cache_hit(conn->ssl) : 0;
+	return conn ? SSL_session_reused(conn->ssl) : 0;
 }