--001a113eeb0accaf2b0535b8d348 Content-Type: text/plain; charset=UTF-8
Unfortunately LibreSSL defines OPENSSL_VERSION_NUBMER as 0x02000000.
On Mon, Jun 20, 2016 at 11:40 AM Howard Chu hyc@symas.com wrote:
Connor Taffe wrote:
Good point,
I was assuming that LibreSSL was focused on only maintaining
compatibility
with v1.0.1 though, as they've created their own libtls for future
programs.
Git grep didn't show anything in the v2.4.1 portable repo. The v1.1 API is still in pre-release it looks like, and the relevant
functions
have only been in OpenSSL since January and March respectively according to
git.
In fact LibreSSL has had only a handful of commits this year in portable, mostly focused on building with cmake and some fixes, but no API
additions.
Neither function is available in the -current OpenBSD cvs tree either.
I've emailed libressl@openbsd.org mailto:libressl@openbsd.org to
inquire
further.
Thanks. In the meantime I think the sane thing to do is just invert the current #if. Swap the code so it's
#if OPENSSL_VERSION_NUMBER >= 0x01010000 new stuff #else old stuff #endif
then we can ignore this until LibreSSL catches up.
On Mon, Jun 20, 2016 at 1:38 AM Howard Chu <hyc@symas.com mailto:hyc@symas.com> wrote:
Connor Taffe wrote: > Fixed, attached is a patch. I'm a bit concerned that you're only checking for the existence ofLIBRESSL
instead of actually comparing the version number. Since the OpenSSLchange is
based on their v1.1 API, do you know if/when LibreSSL plans to adoptthe
new API? > On Sun, Jun 19, 2016 at 8:02 PM Howard Chu <hyc@symas.com <mailto:hyc@symas.com> > <mailto:hyc@symas.com <mailto:hyc@symas.com>>> wrote: > > cpaynetaffe@gmail.com <mailto:cpaynetaffe@gmail.com> <mailto:cpaynetaffe@gmail.com <mailto:cpaynetaffe@gmail.com>> wrote: > > Full_Name: Connor Taffe > > Version: master > > OS: Ubuntu devel > > URL: ftp://ftp.openldap.org/incoming/ > > Submission from: (NULL) (50.25.160.41) > > > > > > Compiling against LibreSSL v2.4.1 failed linking with SSL_CTX_up_ref and > > X509_NAME_get0_der undefined. I added checking if > LIBRESSL_VERSION_NUMBER to the > > same conditional compilation ifs that are defined for old versions of > OpenSSL. > > > > https://github.com/cptaffe/openldap > > Please read the Developer Guidelines. I'm not going to pull an arbitrary repo > to find someone's patch. > > http://www.openldap.org/devel/contributing.html > > -- > -- Howard Chu > CTO, Symas Corp. http://www.symas.com > Director, Highland Sun http://highlandsun.com/hyc/ > Chief Architect, OpenLDAPhttp://www.openldap.org/project/
> -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
--001a113eeb0accaf2b0535b8d348 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div>Unfortunately LibreSSL defines OPENSSL_VERSION_NUBMER= as=C2=A0<span style=3D"color:rgb(33,33,33);font-family:'helvetica neue= ',helvetica,arial,sans-serif">0x02000000.</span></div></div><br><div cl= ass=3D"gmail_quote"><div dir=3D"ltr">On Mon, Jun 20, 2016 at 11:40 AM Howar= d Chu <<a href=3D"mailto:hyc@symas.com">hyc@symas.com</a>> wrote:<br>= </div><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-l= eft:1px #ccc solid;padding-left:1ex">Connor Taffe wrote:<br> > Good point,<br> ><br> >=C2=A0 =C2=A0I was assuming that LibreSSL was focused on only maintaini= ng compatibility<br> > with v1.0.1 though, as they've created their own libtls for future= programs.<br> ><br> > Git grep didn't show anything in the v2.4.1 portable repo.<br> > The v1.1 API is still in pre-release it looks like, and the relevant f= unctions<br> > have<br> > only been in OpenSSL since January and March respectively according to= git.<br> > In fact LibreSSL has had only a handful of commits this year in portab= le,<br> > mostly focused on building with cmake and some fixes, but no API addit= ions.<br> ><br> > Neither function is available in the -current OpenBSD cvs tree either.= <br> ><br> > I've emailed <a href=3D"mailto:libressl@openbsd.org" target=3D"_bl= ank">libressl@openbsd.org</a> <mailto:<a href=3D"mailto:libressl@openbsd= .org" target=3D"_blank">libressl@openbsd.org</a>> to inquire<br> > further.<br> <br> Thanks. In the meantime I think the sane thing to do is just invert the<br> current #if. Swap the code so it's<br> <br> #if OPENSSL_VERSION_NUMBER >=3D 0x01010000<br> =C2=A0 =C2=A0new stuff<br> #else<br> =C2=A0 =C2=A0old stuff<br> #endif<br> <br> then we can ignore this until LibreSSL catches up.<br> ><br> > On Mon, Jun 20, 2016 at 1:38 AM Howard Chu <<a href=3D"mailto:hyc@s= ymas.com" target=3D"_blank">hyc@symas.com</a><br> > <mailto:<a href=3D"mailto:hyc@symas.com" target=3D"_blank">hyc@syma= s.com</a>>> wrote:<br> ><br> >=C2=A0 =C2=A0 =C2=A0Connor Taffe wrote:<br> >=C2=A0 =C2=A0 =C2=A0 > Fixed, attached is a patch.<br> ><br> >=C2=A0 =C2=A0 =C2=A0I'm a bit concerned that you're only checki= ng for the existence of LIBRESSL<br> >=C2=A0 =C2=A0 =C2=A0instead of actually comparing the version number. S= ince the OpenSSL change is<br> >=C2=A0 =C2=A0 =C2=A0based on their v1.1 API, do you know if/when LibreS= SL plans to adopt the<br> >=C2=A0 =C2=A0 =C2=A0new API?<br> ><br> >=C2=A0 =C2=A0 =C2=A0 > On Sun, Jun 19, 2016 at 8:02 PM Howard Chu &l= t;<a href=3D"mailto:hyc@symas.com" target=3D"_blank">hyc@symas.com</a><br> >=C2=A0 =C2=A0 =C2=A0<mailto:<a href=3D"mailto:hyc@symas.com" target= =3D"_blank">hyc@symas.com</a>><br> >=C2=A0 =C2=A0 =C2=A0 > <mailto:<a href=3D"mailto:hyc@symas.com" t= arget=3D"_blank">hyc@symas.com</a> <mailto:<a href=3D"mailto:hyc@symas.c= om" target=3D"_blank">hyc@symas.com</a>>>> wrote:<br> >=C2=A0 =C2=A0 =C2=A0 ><br> >=C2=A0 =C2=A0 =C2=A0 > <a href=3D"mailto:cpaynetaffe@gmail.com" targ= et=3D"_blank">cpaynetaffe@gmail.com</a> <mailto:<a href=3D"mailto:cpayne= taffe@gmail.com" target=3D"_blank">cpaynetaffe@gmail.com</a>><br> >=C2=A0 =C2=A0 =C2=A0<mailto:<a href=3D"mailto:cpaynetaffe@gmail.com"= target=3D"_blank">cpaynetaffe@gmail.com</a> <mailto:<a href=3D"mailto:c= paynetaffe@gmail.com" target=3D"_blank">cpaynetaffe@gmail.com</a>>> w= rote:<br> >=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 > Full_Name: Connor Ta= ffe<br> >=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 > Version: master<br> >=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 > OS: Ubuntu devel<br> >=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 > URL: <a href=3D"ftp:= //ftp.openldap.org/incoming/" rel=3D"noreferrer" target=3D"_blank">ftp://ft= p.openldap.org/incoming/</a><br> >=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 > Submission from: (NU= LL) (50.25.160.41)<br> >=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 ><br> >=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 ><br> >=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 > Compiling against Li= breSSL v2.4.1 failed linking with<br> >=C2=A0 =C2=A0 =C2=A0SSL_CTX_up_ref and<br> >=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 > X509_NAME_get0_der u= ndefined. I added checking if<br> >=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0LIBRESSL_VERSION_NUMBER to= the<br> >=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 > same conditional com= pilation ifs that are defined for old<br> >=C2=A0 =C2=A0 =C2=A0versions of<br> >=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0OpenSSL.<br> >=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 ><br> >=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 > <a href=3D"https://g= ithub.com/cptaffe/openldap" rel=3D"noreferrer" target=3D"_blank">https://gi= thub.com/cptaffe/openldap</a><br> >=C2=A0 =C2=A0 =C2=A0 ><br> >=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0Please read the Developer = Guidelines. I'm not going to pull an<br> >=C2=A0 =C2=A0 =C2=A0arbitrary repo<br> >=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0to find someone's patc= h.<br> >=C2=A0 =C2=A0 =C2=A0 ><br> >=C2=A0 =C2=A0 =C2=A0 > <a href=3D"http://www.openldap.org/devel/cont= ributing.html" rel=3D"noreferrer" target=3D"_blank">http://www.openldap.org= /devel/contributing.html</a><br> >=C2=A0 =C2=A0 =C2=A0 ><br> >=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0--<br> >=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0-- Howard Ch= u<br> >=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0CTO, Symas C= orp. <a href=3D"http://www.symas.com" rel=3D"noreferrer" target=3D"_blank">= http://www.symas.com</a><br> >=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0Director, Hi= ghland Sun <a href=3D"http://highlandsun.com/hyc/" rel=3D"noreferrer" targe= t=3D"_blank">http://highlandsun.com/hyc/</a><br> >=C2=A0 =C2=A0 =C2=A0 >=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0Chief Archit= ect, OpenLDAP <a href=3D"http://www.openldap.org/project/" rel=3D"noreferre= r" target=3D"_blank">http://www.openldap.org/project/</a><br> >=C2=A0 =C2=A0 =C2=A0 ><br> ><br> ><br> >=C2=A0 =C2=A0 =C2=A0--<br> >=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0-- Howard Chu<br> >=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0CTO, Symas Corp. <a href=3D"http://ww= w.symas.com" rel=3D"noreferrer" target=3D"_blank">http://www.symas.com</a><= br> >=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0Director, Highland Sun <a href=3D"htt= p://highlandsun.com/hyc/" rel=3D"noreferrer" target=3D"_blank">http://highl= andsun.com/hyc/</a><br> >=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0Chief Architect, OpenLDAP <a href=3D"= http://www.openldap.org/project/" rel=3D"noreferrer" target=3D"_blank">http= ://www.openldap.org/project/</a><br> ><br> <br> <br> --<br> =C2=A0 =C2=A0-- Howard Chu<br> =C2=A0 =C2=A0CTO, Symas Corp.=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0<a hr= ef=3D"http://www.symas.com" rel=3D"noreferrer" target=3D"_blank">http://www= .symas.com</a><br> =C2=A0 =C2=A0Director, Highland Sun=C2=A0 =C2=A0 =C2=A0<a href=3D"http://hi= ghlandsun.com/hyc/" rel=3D"noreferrer" target=3D"_blank">http://highlandsun= .com/hyc/</a><br> =C2=A0 =C2=A0Chief Architect, OpenLDAP=C2=A0 <a href=3D"http://www.openldap= .org/project/" rel=3D"noreferrer" target=3D"_blank">http://www.openldap.org= /project/</a><br> </blockquote></div>
--001a113eeb0accaf2b0535b8d348--
-
cpaynetaffe@gmail.com