On Wed, May 24, 2017 at 09:11:24AM +0100, Stuart Henderson wrote: > On 2017/05/24 10:03, Nils Frohberg wrote: > > The patch disables the symbols > > ECDSA_METHOD_new > > ECDSA_METHOD_free > > ECDSA_METHOD_set_flags > > ECDSA_METHOD_set_name > > that get pulled in due to the test > > #if OPENSSL_VERSION_NUMBER >= 0x10002000L > > Is there any more-targetted check you can make rather than 'if 0', > are there any related macros that were introduced at the same time as > the symbols you could use instead?
LibreSSL sets OPENSSL_VERSION_NUMBER to 0x20000000L. So we could
1) change the outter #if from ">= 0x10002000L" to "== 0x10002000L",
but then we don't include symbols that are actually there
2) change the "#if 0" to "#if OPENSSL_VERSION_NUMBER == 0x10002000L"
3) test for "LIBRESSL_VERSION_NUMBER" on the four functions to
see if we're using LibreSSL
I would suggest 2) or 3), but I don't know which fits better. 3)
could be changed to a "<=" test later, in case the functions get
implemented.
(Disclaimer: I currently just need Crypt::OpenSSL::ECDSA::ECDSA_do_sign(),
so I don't use anthing else from here.)
Attached is a .tar.gz using 3).
--- patch-ECDSA_xs Wed May 24 08:57:15 2017
+++ patch-ECDSA_xs.new Wed May 24 10:22:32 2017
@@ -5,9 +5,9 @@
int
ECDSA_size(const EC_KEY *eckey)
-+# not implemented
++# not implemented in LibreSSL
+
-+#if 0
++#ifndef LIBRESSL_VERSION_NUMBER
+
ECDSA_METHOD *
ECDSA_METHOD_new(ECDSA_METHOD *ecdsa_method=0)
p5-Crypt-OpenSSL-ECDSA.tar.gz
Description: application/tar-gz
