OpenSSL 3.0 disables a number of "legacy" algorithms by default, and we
need to enable them manually using their provider system. Note that
explicitly loading a provider will disable the implicit default
provider, which is why we need to load it explicitly.
Closes#2629
Signed-off-by: Simon Chopin <simon.chopin@canonical.com>
V2:
* use a local OSSL_LIB_CTX to avoid leaking the legacy algorithms
into the main SSL context.
* Simplify the fish_init() error paths by calling fish_deinit()
This is not a problem with a usual compiler configuration, but LLVM/clang
detects it when compiled with:
-fsanitize=undefined-trap -fsanitize-undefined-trap-on-error -ftrapv