On Tue, Oct 23, 2018 at 04:36:24AM +1100, Joel Sing wrote: > > #if (OPENSSL_VERSION_NUMBER >= 0x10100000L && > > !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= > > 0x2070000fL) > > That works, but seems a little backwards, since you're potentially still > evaluating LIBRESSL_VERSION_NUMBER even when it is not defined. I think the > following would be preferable (and I'll check what we've used elsewhere more > carefully): > > #if OPENSSL_VERSION_NUMBER >= 0x10100000L && \ > (!defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER >= > 0x2070000fL)
I think your version is also correct. Getting it right is hard and required some iterations with upstream. As my version of the condition has been released and tested, I would like to keep it. If LIBRESSL_VERSION_NUMBER is not defined, then it evaluates as 0, which also works fine. It is consistent within this file and makes it easier to push upstream. And also avoid \ newline as the style of the file is to use long lines. ok? bluhm Index: security/p5-Net_SSLeay/Makefile =================================================================== RCS file: /data/mirror/openbsd/cvs/ports/security/p5-Net_SSLeay/Makefile,v retrieving revision 1.69 diff -u -p -r1.69 Makefile --- security/p5-Net_SSLeay/Makefile 18 Mar 2018 16:47:58 -0000 1.69 +++ security/p5-Net_SSLeay/Makefile 22 Oct 2018 18:38:55 -0000 @@ -3,6 +3,7 @@ COMMENT = perl module for using OpenSSL DISTNAME = Net-SSLeay-1.85 +REVISION = 0 CATEGORIES = security Index: security/p5-Net_SSLeay/patches/patch-SSLeay_xs =================================================================== RCS file: security/p5-Net_SSLeay/patches/patch-SSLeay_xs diff -N security/p5-Net_SSLeay/patches/patch-SSLeay_xs --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ security/p5-Net_SSLeay/patches/patch-SSLeay_xs 22 Oct 2018 18:35:59 -0000 @@ -0,0 +1,23 @@ +$OpenBSD$ + +Index: SSLeay.xs +--- SSLeay.xs.orig ++++ SSLeay.xs +@@ -5612,7 +5612,7 @@ SSL_get_client_random(s) + + #endif + +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) ++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) + + void + SSL_get_server_random(s) +@@ -5643,7 +5643,7 @@ int + SSL_get_keyblock_size(s) + SSL * s + CODE: +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) ++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || (LIBRESSL_VERSION_NUMBER >= 0x2070000fL) + const SSL_CIPHER *ssl_cipher; + int cipher = NID_undef, digest = NID_undef, mac_secret_size = 0; + const EVP_CIPHER *c = NULL;