From b987c121b1097f2e4bff3a9078a3ae33aca9a959 Mon Sep 17 00:00:00 2001
From: Dmitry Pankratov <dmitry@pankratov.net>
Date: Tue, 7 Jan 2025 15:23:29 +0100
Subject: [PATCH] Load "legacy" openssl provider for deprecated ciphers and
 algorithms

---
 Cargo.lock         |  1 +
 snx-rs/Cargo.toml  |  1 +
 snx-rs/src/main.rs | 13 ++++++++++++-
 3 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/Cargo.lock b/Cargo.lock
index 93695da..59752d8 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2977,6 +2977,7 @@ dependencies = [
  "futures",
  "ipnet",
  "libc",
+ "openssl",
  "snxcore",
  "tokio",
  "tracing",
diff --git a/snx-rs/Cargo.toml b/snx-rs/Cargo.toml
index cd770fa..620e144 100644
--- a/snx-rs/Cargo.toml
+++ b/snx-rs/Cargo.toml
@@ -20,3 +20,4 @@ libc = "0.2"
 tracing-subscriber = "0.3"
 clap = { version = "4.5.4", features = ["derive"] }
 ipnet = {  version = "2", features = ["serde"] }
+openssl = "0.10"
diff --git a/snx-rs/src/main.rs b/snx-rs/src/main.rs
index ffbef1a..fbfd005 100644
--- a/snx-rs/src/main.rs
+++ b/snx-rs/src/main.rs
@@ -1,8 +1,13 @@
-use std::{collections::VecDeque, future::Future, sync::Arc};
+use std::{
+    collections::VecDeque,
+    future::Future,
+    sync::{Arc, OnceLock},
+};
 
 use anyhow::anyhow;
 use clap::Parser;
 use futures::pin_mut;
+use openssl::provider::Provider;
 use tokio::{
     signal::unix,
     sync::{mpsc, oneshot},
@@ -64,6 +69,12 @@ async fn main() -> anyhow::Result<()> {
         return Err(anyhow!("Please run me as a root user!"));
     }
 
+    static LEGACY_PROVIDER: OnceLock<Provider> = OnceLock::new();
+
+    if let Ok(provider) = Provider::try_load(None, "legacy", true) {
+        let _ = LEGACY_PROVIDER.set(provider);
+    }
+
     let mode = cmdline_params.mode;
 
     let mut params = if let Some(ref config_file) = cmdline_params.config_file {