[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#8445) LibreSSL v2.4 compile
Connor Taffe wrote:
> Good point,
>
> I was assuming that LibreSSL was focused on only maintaining compatibility
> with v1.0.1 though, as they've created their own libtls for future programs.
>
> Git grep didn't show anything in the v2.4.1 portable repo.
> The v1.1 API is still in pre-release it looks like, and the relevant functions
> have
> only been in OpenSSL since January and March respectively according to git.
> In fact LibreSSL has had only a handful of commits this year in portable,
> mostly focused on building with cmake and some fixes, but no API additions.
>
> Neither function is available in the -current OpenBSD cvs tree either.
>
> I've emailed libressl@openbsd.org <mailto:libressl@openbsd.org> to inquire
> further.
Thanks. In the meantime I think the sane thing to do is just invert the
current #if. Swap the code so it's
#if OPENSSL_VERSION_NUMBER >= 0x01010000
new stuff
#else
old stuff
#endif
then we can ignore this until LibreSSL catches up.
>
> On Mon, Jun 20, 2016 at 1:38 AM Howard Chu <hyc@symas.com
> <mailto:hyc@symas.com>> wrote:
>
> Connor Taffe wrote:
> > Fixed, attached is a patch.
>
> I'm a bit concerned that you're only checking for the existence of LIBRESSL
> instead of actually comparing the version number. Since the OpenSSL change is
> based on their v1.1 API, do you know if/when LibreSSL plans to adopt the
> new API?
>
> > On Sun, Jun 19, 2016 at 8:02 PM Howard Chu <hyc@symas.com
> <mailto:hyc@symas.com>
> > <mailto:hyc@symas.com <mailto:hyc@symas.com>>> wrote:
> >
> > cpaynetaffe@gmail.com <mailto:cpaynetaffe@gmail.com>
> <mailto:cpaynetaffe@gmail.com <mailto:cpaynetaffe@gmail.com>> wrote:
> > > Full_Name: Connor Taffe
> > > Version: master
> > > OS: Ubuntu devel
> > > URL: ftp://ftp.openldap.org/incoming/
> > > Submission from: (NULL) (50.25.160.41)
> > >
> > >
> > > Compiling against LibreSSL v2.4.1 failed linking with
> SSL_CTX_up_ref and
> > > X509_NAME_get0_der undefined. I added checking if
> > LIBRESSL_VERSION_NUMBER to the
> > > same conditional compilation ifs that are defined for old
> versions of
> > OpenSSL.
> > >
> > > https://github.com/cptaffe/openldap
> >
> > Please read the Developer Guidelines. I'm not going to pull an
> arbitrary repo
> > to find someone's patch.
> >
> > http://www.openldap.org/devel/contributing.html
> >
> > --
> > -- Howard Chu
> > CTO, Symas Corp. http://www.symas.com
> > Director, Highland Sun http://highlandsun.com/hyc/
> > Chief Architect, OpenLDAP http://www.openldap.org/project/
> >
>
>
> --
> -- Howard Chu
> CTO, Symas Corp. http://www.symas.com
> Director, Highland Sun http://highlandsun.com/hyc/
> Chief Architect, OpenLDAP http://www.openldap.org/project/
>
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/