On Wed, May 24, 2017 at 09:11:24AM +0100, Stuart Henderson wrote: > On 2017/05/24 10:03, Nils Frohberg wrote: > > The patch disables the symbols > > ECDSA_METHOD_new > > ECDSA_METHOD_free > > ECDSA_METHOD_set_flags > > ECDSA_METHOD_set_name > > that get pulled in due to the test > > #if OPENSSL_VERSION_NUMBER >= 0x10002000L > > Is there any more-targetted check you can make rather than 'if 0', > are there any related macros that were introduced at the same time as > the symbols you could use instead?
LibreSSL sets OPENSSL_VERSION_NUMBER to 0x20000000L. So we could 1) change the outter #if from ">= 0x10002000L" to "== 0x10002000L", but then we don't include symbols that are actually there 2) change the "#if 0" to "#if OPENSSL_VERSION_NUMBER == 0x10002000L" 3) test for "LIBRESSL_VERSION_NUMBER" on the four functions to see if we're using LibreSSL I would suggest 2) or 3), but I don't know which fits better. 3) could be changed to a "<=" test later, in case the functions get implemented. (Disclaimer: I currently just need Crypt::OpenSSL::ECDSA::ECDSA_do_sign(), so I don't use anthing else from here.) Attached is a .tar.gz using 3). --- patch-ECDSA_xs Wed May 24 08:57:15 2017 +++ patch-ECDSA_xs.new Wed May 24 10:22:32 2017 @@ -5,9 +5,9 @@ int ECDSA_size(const EC_KEY *eckey) -+# not implemented ++# not implemented in LibreSSL + -+#if 0 ++#ifndef LIBRESSL_VERSION_NUMBER + ECDSA_METHOD * ECDSA_METHOD_new(ECDSA_METHOD *ecdsa_method=0)
p5-Crypt-OpenSSL-ECDSA.tar.gz
Description: application/tar-gz