Hey Ilya, Unfortunately, vtest isn't ported on OpenBSD and I try to avoid building software outside of the ports tree. That said, I think it could be useful for libressl devs to check haproxy regress test so I'll look into making a port for vtest.
While checking the mailing list for other submission to see if I was doing the correct thing, I saw your [PATC H] adjust vtc for cert revocation check https://www.mail-archive.com/haproxy@formilux.org/msg41553.html Is the regression test you're talking about addressed by this patch of yours? Either way, can you share with me the output of the regression tests? (privately or not) I'll ask a friendly libressl developers about it :) Cheers, Daniel On Wed, 8 Dec 2021 09:11:01 +0500, Илья Шипицин <chipits...@gmail.com> wrote: > Daniel, can you try regtests ? > reg-tests/ssl/ssl_client_samples.vtc is failing for me on the latest > LibreSSL > > ср, 8 дек. 2021 г. в 06:37, Daniel Jakots <hapr...@chown.me>: > > > Hi, > > > > Here's the file inline generated with `git format-patch -1`. Is it > > ok? > > > > I'm not subscribed to the mailing list, please keep me in Cc:. > > > > Thanks, > > Daniel > > > > From bc44099cb32a95d3a8895a6232b5b0ce5c9cb5c0 Mon Sep 17 00:00:00 > > 2001 From: Daniel Jakots <d...@chown.me> > > Date: Sun, 5 Dec 2021 17:30:57 -0500 > > Subject: [PATCH] BUILD: unbreak the build with newer libressl > > > > In LibreSSL 3.5.0, BIO is going to become opaque, so haproxy's > > compat macros will no longer work. The functions they substitute > > have been available since LibreSSL 2.7.0. > > --- > > include/haproxy/openssl-compat.h | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/include/haproxy/openssl-compat.h > > b/include/haproxy/openssl-compat.h > > index 17d073d51..123b76ede 100644 > > --- a/include/haproxy/openssl-compat.h > > +++ b/include/haproxy/openssl-compat.h > > @@ -417,7 +417,7 @@ static inline X509 > > *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx) > > #define SSL_CTX_get_extra_chain_certs(ctx, chain) do { *(chain) = > > (ctx)->extra_certs; } while (0) > > #endif > > > > -#if HA_OPENSSL_VERSION_NUMBER < 0x10100000L > > +#if HA_OPENSSL_VERSION_NUMBER < 0x10100000L && > > (!defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < > > 0x2070000fL) #define BIO_get_data(b) (b)->ptr > > #define BIO_set_data(b, v) do { (b)->ptr = (v); } while > > (0) #define BIO_set_init(b, v) do { (b)->init = (v); } > > while (0) -- > > 2.32.0 > > > > > >
