From 9f2d2290d13454fbb8ab365f05dbf28aafd101bf Mon Sep 17 00:00:00 2001
From: Viktor Szakats <commit@vsz.me>
Date: Fri, 15 Dec 2023 01:50:06 +0000
Subject: [PATCH] openssl: re-match LibreSSL deinit with init

Earlier we switched to use modern initialization with LibreSSL v2.7.0
and up, but did not touch deinitialization [1]. Fix it in this patch.

Regression from bec0c5bbf34369920598678161d2df8bea0e243b #11611

[1] https://github.com/curl/curl/pull/11611#issuecomment-1668654014

Reported-by: Mike Hommey
Reviewed-by: Daniel Stenberg
Fixes #12525
Closes #12526
---
 lib/vtls/openssl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 1f735e0014..737c2f7e14 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -1753,7 +1753,7 @@ static int ossl_init(void)
 static void ossl_cleanup(void)
 {
 #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) &&  \
-  !defined(LIBRESSL_VERSION_NUMBER)
+  (!defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER >= 0x2070000fL)
   /* OpenSSL 1.1 deprecates all these cleanup functions and
      turns them into no-ops in OpenSSL 1.0 compatibility mode */
 #else