On Sun, Jul 03, 2022 at 05:42:05PM +0000, Klemens Nanni wrote: > On Sun, Jul 03, 2022 at 06:16:02PM +0200, Theo Buehler wrote: > > > Now with feedback from sthen@, diff between the tarballs: > > > https://github.com/jasperla/openbsd-wip/commit/554d6e575 > > > > > > Feedback? OK? > > > > distinfo still contains the patchfile > > > > I'd like to have a more specific comment to justify use of eopenssl11: > > > > # Can't use LibreSSL since X509_VERIFY_PARAM_get_time missing from > > libcrypto. > > # Need to add OPENSSL_memdup with patch and neuter SHA-3; choice between > > the 1.1 > > # and 1.0 codepaths is a bit tricky. > > Thanks for both, I went with this comment: > > # Can't use LibreSSL since X509_VERIFY_PARAM_get_time is missing from > libcrypto. > # Need to add OPENSSL_memdup with patch and neuter SHA-3; > # choice between the 1.1 and 1.0 codepaths is a bit tricky.
Here's a version that links against LibreSSL. All tests fail with bad_alloc(0), but that is also the case with the version linked against OpenSSL. Perhaps I'm doing something wrong. You need libcrypto.so.49.1 for this to build since I added the missing X509_VERIFY_PARAM_get_time() in today's bump. There's a bit of patching, but I think it's not too bad. If this works for your purposes, I guess that'd be preferable over linking against eopenssl11.
libdigidocpp.tgz
Description: application/tar-gz