[Minor] Use OSSL_PROVIDER_load on RHEL based distros

config.h.in

@@ -116,6 +116,7 @@
 #cmakedefine WITH_FASTTEXT       1
 #cmakedefine BACKWARD_ENABLE     1
 #cmakedefine HAVE_BUILTIN_CPU_SUPPORTS 1
+#cmakedefine RSPAMD_LEGACY_SSL_PROVIDER 1
 
 #cmakedefine DISABLE_PTHREAD_MUTEX 1
 

rpm/rspamd.spec

@@ -137,6 +137,7 @@ rm -f %{_builddir}/luajit-build/lib/*.so || true
         -DWANT_SYSTEMD_UNITS=ON \
         -DNO_SHARED=ON \
         -DNO_TARGET_VERSIONS=1 \
+        -DRSPAMD_LEGACY_SSL_PROVIDER=1 \
 %ifarch x86_64 amd64 arm64 aarch64
         -DENABLE_HYPERSCAN=ON \
 %endif

src/libserver/ssl_util.c

@@ -1,11 +1,11 @@
-/*-
- * Copyright 2016 Vsevolod Stakhov
+/*
+ * Copyright 2024 Vsevolod Stakhov
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
- *   http://www.apache.org/licenses/LICENSE-2.0
+ *    http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
@@ -1054,6 +1054,9 @@ gpointer rspamd_init_ssl_ctx_noverify(void)
 
 	return ssl_ctx_noverify;
 }
+#if defined(RSPAMD_LEGACY_SSL_PROVIDER) && OPENSSL_VERSION_NUMBER >= 0x30000000L
+#include <openssl/provider.h>
+#endif
 
 void rspamd_openssl_maybe_init(void)
 {
@@ -1075,6 +1078,9 @@ void rspamd_openssl_maybe_init(void)
 #else
 		OPENSSL_init_ssl(0, NULL);
 #endif
+#if defined(RSPAMD_LEGACY_SSL_PROVIDER) && OPENSSL_VERSION_NUMBER >= 0x30000000L
+		(void) OSSL_PROVIDER_load(NULL, "legacy");
+#endif
 
 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 		OPENSSL_config(NULL);