Re: [PATCH] improving ssl defines
On Wed, Jan 22, 2020 at 11:32:43AM +0500, ??? wrote: > I've taken openssl branches (master, openssl_1_1_1 and openssl_1_1_0) and > built haproxy against various commits (not tagged as releases). > sometimes build fail, I ended with changing "ifdef" from > version-dependendent (which is not accurate) to feature dependent. > > I can find particular commits, but I think it is not important since > released versions of openssl build just fine (I'll provide detailed info if > build will ever fail on openssl release). OK thanks, I'll try to summarize that into the commit message. Willy
Re: [PATCH] improving ssl defines
ср, 22 янв. 2020 г. в 11:24, Willy Tarreau : > Hi Ilya, > > On Sat, Jan 18, 2020 at 06:47:48PM +0500, ??? wrote: > > Hello, > > > > let us switch to constants check, not versions. > > > > cheers, > > Ilya Shipitcin > > > From a8b68e746bb71c4fee65a05bea8287ad970c979c Mon Sep 17 00:00:00 2001 > > From: Ilya Shipitsin > > Date: Sat, 18 Jan 2020 18:42:45 +0500 > > Subject: [PATCH] BUG/MINOR: ssl: fix build on openssl-1.1.0 > > > > while working on issue #429, I built various openssl versions, > > let us improve ssl defines, switch to features, not versions > > What is the build issue you've encountered exactly (and/or in what > specific environment), and should this build fix be backported, and if > so, how far ? > > I think it should not be backported. I've taken openssl branches (master, openssl_1_1_1 and openssl_1_1_0) and built haproxy against various commits (not tagged as releases). sometimes build fail, I ended with changing "ifdef" from version-dependendent (which is not accurate) to feature dependent. I can find particular commits, but I think it is not important since released versions of openssl build just fine (I'll provide detailed info if build will ever fail on openssl release). > Thanks, > Willy >
Re: [PATCH] improving ssl defines
Hi Ilya, On Sat, Jan 18, 2020 at 06:47:48PM +0500, ??? wrote: > Hello, > > let us switch to constants check, not versions. > > cheers, > Ilya Shipitcin > From a8b68e746bb71c4fee65a05bea8287ad970c979c Mon Sep 17 00:00:00 2001 > From: Ilya Shipitsin > Date: Sat, 18 Jan 2020 18:42:45 +0500 > Subject: [PATCH] BUG/MINOR: ssl: fix build on openssl-1.1.0 > > while working on issue #429, I built various openssl versions, > let us improve ssl defines, switch to features, not versions What is the build issue you've encountered exactly (and/or in what specific environment), and should this build fix be backported, and if so, how far ? Thanks, Willy
[PATCH] improving ssl defines
Hello, let us switch to constants check, not versions. cheers, Ilya Shipitcin From a8b68e746bb71c4fee65a05bea8287ad970c979c Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Sat, 18 Jan 2020 18:42:45 +0500 Subject: [PATCH] BUG/MINOR: ssl: fix build on openssl-1.1.0 while working on issue #429, I built various openssl versions, let us improve ssl defines, switch to features, not versions --- include/common/openssl-compat.h | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/include/common/openssl-compat.h b/include/common/openssl-compat.h index 72b4e2fe2..cb9caa3e9 100644 --- a/include/common/openssl-compat.h +++ b/include/common/openssl-compat.h @@ -284,8 +284,11 @@ static inline void EVP_PKEY_up_ref(EVP_PKEY *pkey) #define X509_getm_notAfter X509_get_notAfter #endif -#if (OPENSSL_VERSION_NUMBER < 0x101fL || defined LIBRESSL_VERSION_NUMBER) +#if !defined(EVP_CTRL_AEAD_SET_IVLEN) #define EVP_CTRL_AEAD_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN +#endif + +#if !defined(EVP_CTRL_AEAD_SET_TAG) #define EVP_CTRL_AEAD_SET_TAG EVP_CTRL_GCM_SET_TAG #endif -- 2.24.1