[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#8445) LibreSSL v2.4 compile
--001a113eeb0accaf2b0535b8d348
Content-Type: text/plain; charset=UTF-8
Unfortunately LibreSSL defines OPENSSL_VERSION_NUBMER as 0x02000000.
On Mon, Jun 20, 2016 at 11:40 AM Howard Chu <hyc@symas.com> wrote:
> Connor Taffe wrote:
> > Good point,
> >
> > I was assuming that LibreSSL was focused on only maintaining
> compatibility
> > with v1.0.1 though, as they've created their own libtls for future
> programs.
> >
> > Git grep didn't show anything in the v2.4.1 portable repo.
> > The v1.1 API is still in pre-release it looks like, and the relevant
> functions
> > have
> > only been in OpenSSL since January and March respectively according to
> git.
> > In fact LibreSSL has had only a handful of commits this year in portable,
> > mostly focused on building with cmake and some fixes, but no API
> additions.
> >
> > Neither function is available in the -current OpenBSD cvs tree either.
> >
> > I've emailed libressl@openbsd.org <mailto:libressl@openbsd.org> to
> inquire
> > further.
>
> Thanks. In the meantime I think the sane thing to do is just invert the
> current #if. Swap the code so it's
>
> #if OPENSSL_VERSION_NUMBER >= 0x01010000
> new stuff
> #else
> old stuff
> #endif
>
> then we can ignore this until LibreSSL catches up.
> >
> > On Mon, Jun 20, 2016 at 1:38 AM Howard Chu <hyc@symas.com
> > <mailto:hyc@symas.com>> wrote:
> >
> > Connor Taffe wrote:
> > > Fixed, attached is a patch.
> >
> > I'm a bit concerned that you're only checking for the existence of
> LIBRESSL
> > instead of actually comparing the version number. Since the OpenSSL
> change is
> > based on their v1.1 API, do you know if/when LibreSSL plans to adopt
> the
> > new API?
> >
> > > On Sun, Jun 19, 2016 at 8:02 PM Howard Chu <hyc@symas.com
> > <mailto:hyc@symas.com>
> > > <mailto:hyc@symas.com <mailto:hyc@symas.com>>> wrote:
> > >
> > > cpaynetaffe@gmail.com <mailto:cpaynetaffe@gmail.com>
> > <mailto:cpaynetaffe@gmail.com <mailto:cpaynetaffe@gmail.com>> wrote:
> > > > Full_Name: Connor Taffe
> > > > Version: master
> > > > OS: Ubuntu devel
> > > > URL: ftp://ftp.openldap.org/incoming/
> > > > Submission from: (NULL) (50.25.160.41)
> > > >
> > > >
> > > > Compiling against LibreSSL v2.4.1 failed linking with
> > SSL_CTX_up_ref and
> > > > X509_NAME_get0_der undefined. I added checking if
> > > LIBRESSL_VERSION_NUMBER to the
> > > > same conditional compilation ifs that are defined for old
> > versions of
> > > OpenSSL.
> > > >
> > > > https://github.com/cptaffe/openldap
> > >
> > > Please read the Developer Guidelines. I'm not going to pull an
> > arbitrary repo
> > > to find someone's patch.
> > >
> > > http://www.openldap.org/devel/contributing.html
> > >
> > > --
> > > -- Howard Chu
> > > CTO, Symas Corp. http://www.symas.com
> > > Director, Highland Sun http://highlandsun.com/hyc/
> > > Chief Architect, OpenLDAP
> http://www.openldap.org/project/
> > >
> >
> >
> > --
> > -- Howard Chu
> > CTO, Symas Corp. http://www.symas.com
> > Director, Highland Sun http://highlandsun.com/hyc/
> > Chief Architect, OpenLDAP http://www.openldap.org/project/
> >
>
>
> --
> -- Howard Chu
> CTO, Symas Corp. http://www.symas.com
> Director, Highland Sun http://highlandsun.com/hyc/
> Chief Architect, OpenLDAP http://www.openldap.org/project/
>
--001a113eeb0accaf2b0535b8d348
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div>Unfortunately LibreSSL defines OPENSSL_VERSION_NUBMER=
as=C2=A0<span style=3D"color:rgb(33,33,33);font-family:'helvetica neue=
',helvetica,arial,sans-serif">0x02000000.</span></div></div><br><div cl=
ass=3D"gmail_quote"><div dir=3D"ltr">On Mon, Jun 20, 2016 at 11:40 AM Howar=
d Chu <<a href=3D"mailto:hyc@symas.com">hyc@symas.com</a>> wrote:<br>=
</div><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-l=
eft:1px #ccc solid;padding-left:1ex">Connor Taffe wrote:<br>
> Good point,<br>
><br>
>=C2=A0 =C2=A0I was assuming that LibreSSL was focused on only maintaini=
ng compatibility<br>
> with v1.0.1 though, as they've created their own libtls for future=
programs.<br>
><br>
> Git grep didn't show anything in the v2.4.1 portable repo.<br>
> The v1.1 API is still in pre-release it looks like, and the relevant f=
unctions<br>
> have<br>
> only been in OpenSSL since January and March respectively according to=
git.<br>
> In fact LibreSSL has had only a handful of commits this year in portab=
le,<br>
> mostly focused on building with cmake and some fixes, but no API addit=
ions.<br>
><br>
> Neither function is available in the -current OpenBSD cvs tree either.=
<br>
><br>
> I've emailed <a href=3D"mailto:libressl@openbsd.org" target=3D"_bl=
ank">libressl@openbsd.org</a> <mailto:<a href=3D"mailto:libressl@openbsd=
.org" target=3D"_blank">libressl@openbsd.org</a>> to inquire<br>
> further.<br>
<br>
Thanks. In the meantime I think the sane thing to do is just invert the<br>
current #if. Swap the code so it's<br>
<br>
#if OPENSSL_VERSION_NUMBER >=3D 0x01010000<br>
=C2=A0 =C2=A0new stuff<br>
#else<br>
=C2=A0 =C2=A0old stuff<br>
#endif<br>
<br>
then we can ignore this until LibreSSL catches up.<br>
><br>
> On Mon, Jun 20, 2016 at 1:38 AM Howard Chu <<a href=3D"mailto:hyc@s=
ymas.com" target=3D"_blank">hyc@symas.com</a><br>
> <mailto:<a href=3D"mailto:hyc@symas.com" target=3D"_blank">hyc@syma=
s.com</a>>> wrote:<br>
><br>
>=C2=A0 =C2=A0 =C2=A0Connor Taffe wrote:<br>
>=C2=A0 =C2=A0 =C2=A0 > Fixed, attached is a patch.<br>
><br>
>=C2=A0 =C2=A0 =C2=A0I'm a bit concerned that you're only checki=
ng for the existence of LIBRESSL<br>
>=C2=A0 =C2=A0 =C2=A0instead of actually comparing the version number. S=
ince the OpenSSL change is<br>
>=C2=A0 =C2=A0 =C2=A0based on their v1.1 API, do you know if/when LibreS=
SL plans to adopt the<br>
>=C2=A0 =C2=A0 =C2=A0new API?<br>
><br>
>=C2=A0 =C2=A0 =C2=A0 > On Sun, Jun 19, 2016 at 8:02 PM Howard Chu &l=
t;<a href=3D"mailto:hyc@symas.com" target=3D"_blank">hyc@symas.com</a><br>
>=C2=A0 =C2=A0 =C2=A0<mailto:<a href=3D"mailto:hyc@symas.com" target=
=3D"_blank">hyc@symas.com</a>><br>
>=C2=A0 =C2=A0 =C2=A0 > <mailto:<a href=3D"mailto:hyc@symas.com" t=
arget=3D"_blank">hyc@symas.com</a> <mailto:<a href=3D"mailto:hyc@symas.c=
om" target=3D"_blank">hyc@symas.com</a>>>> wrote:<br>
>=C2=A0 =C2=A0 =C2=A0 ><br>
>=C2=A0 =C2=A0 =C2=A0 > <a href=3D"mailto:cpaynetaffe@gmail.com" targ=
et=3D"_blank">cpaynetaffe@gmail.com</a> <mailto:<a href=3D"mailto:cpayne=
taffe@gmail.com" target=3D"_blank">cpaynetaffe@gmail.com</a>><br>
>=C2=A0 =C2=A0 =C2=A0<mailto:<a href=3D"mailto:cpaynetaffe@gmail.com"=
target=3D"_blank">cpaynetaffe@gmail.com</a> <mailto:<a href=3D"mailto:c=
paynetaffe@gmail.com" target=3D"_blank">cpaynetaffe@gmail.com</a>>> w=
rote:<br>
>=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 > Full_Name: Connor Ta=
ffe<br>
>=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 > Version: master<br>
>=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 > OS: Ubuntu devel<br>
>=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 > URL: <a href=3D"ftp:=
//ftp.openldap.org/incoming/" rel=3D"noreferrer" target=3D"_blank">ftp://ft=
p.openldap.org/incoming/</a><br>
>=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 > Submission from: (NU=
LL) (50.25.160.41)<br>
>=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 ><br>
>=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 ><br>
>=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 > Compiling against Li=
breSSL v2.4.1 failed linking with<br>
>=C2=A0 =C2=A0 =C2=A0SSL_CTX_up_ref and<br>
>=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 > X509_NAME_get0_der u=
ndefined. I added checking if<br>
>=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0LIBRESSL_VERSION_NUMBER to=
the<br>
>=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 > same conditional com=
pilation ifs that are defined for old<br>
>=C2=A0 =C2=A0 =C2=A0versions of<br>
>=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0OpenSSL.<br>
>=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 ><br>
>=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 > <a href=3D"https://g=
ithub.com/cptaffe/openldap" rel=3D"noreferrer" target=3D"_blank">https://gi=
thub.com/cptaffe/openldap</a><br>
>=C2=A0 =C2=A0 =C2=A0 ><br>
>=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0Please read the Developer =
Guidelines. I'm not going to pull an<br>
>=C2=A0 =C2=A0 =C2=A0arbitrary repo<br>
>=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0to find someone's patc=
h.<br>
>=C2=A0 =C2=A0 =C2=A0 ><br>
>=C2=A0 =C2=A0 =C2=A0 > <a href=3D"http://www.openldap.org/devel/cont=
ributing.html" rel=3D"noreferrer" target=3D"_blank">http://www.openldap.org=
/devel/contributing.html</a><br>
>=C2=A0 =C2=A0 =C2=A0 ><br>
>=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0--<br>
>=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0-- Howard Ch=
u<br>
>=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0CTO, Symas C=
orp. <a href=3D"http://www.symas.com" rel=3D"noreferrer" target=3D"_blank">=
http://www.symas.com</a><br>
>=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0Director, Hi=
ghland Sun <a href=3D"http://highlandsun.com/hyc/" rel=3D"noreferrer" targe=
t=3D"_blank">http://highlandsun.com/hyc/</a><br>
>=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0Chief Archit=
ect, OpenLDAP <a href=3D"http://www.openldap.org/project/" rel=3D"noreferre=
r" target=3D"_blank">http://www.openldap.org/project/</a><br>
>=C2=A0 =C2=A0 =C2=A0 ><br>
><br>
><br>
>=C2=A0 =C2=A0 =C2=A0--<br>
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0-- Howard Chu<br>
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0CTO, Symas Corp. <a href=3D"http://ww=
w.symas.com" rel=3D"noreferrer" target=3D"_blank">http://www.symas.com</a><=
br>
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0Director, Highland Sun <a href=3D"htt=
p://highlandsun.com/hyc/" rel=3D"noreferrer" target=3D"_blank">http://highl=
andsun.com/hyc/</a><br>
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0Chief Architect, OpenLDAP <a href=3D"=
http://www.openldap.org/project/" rel=3D"noreferrer" target=3D"_blank">http=
://www.openldap.org/project/</a><br>
><br>
<br>
<br>
--<br>
=C2=A0 =C2=A0-- Howard Chu<br>
=C2=A0 =C2=A0CTO, Symas Corp.=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0<a hr=
ef=3D"http://www.symas.com" rel=3D"noreferrer" target=3D"_blank">http://www=
.symas.com</a><br>
=C2=A0 =C2=A0Director, Highland Sun=C2=A0 =C2=A0 =C2=A0<a href=3D"http://hi=
ghlandsun.com/hyc/" rel=3D"noreferrer" target=3D"_blank">http://highlandsun=
.com/hyc/</a><br>
=C2=A0 =C2=A0Chief Architect, OpenLDAP=C2=A0 <a href=3D"http://www.openldap=
.org/project/" rel=3D"noreferrer" target=3D"_blank">http://www.openldap.org=
/project/</a><br>
</blockquote></div>
--001a113eeb0accaf2b0535b8d348--