Message ID | 20180317122348.5394-1-hauke@hauke-m.de |
---|---|
State | Superseded |
Delegated to: | Tom Rini |
Headers | show |
Series | [U-Boot] tools/mxsimage: Support building with LibreSSL | expand |
On 03/17/2018 03:47 PM, Marek Vasut wrote: > On 03/17/2018 01:23 PM, Hauke Mehrtens wrote: >> The mxsimage utility fails to compile against LibreSSL because LibreSSL >> says it is OpenSSL 2.0, but it does not support the complete OpenSSL 1.1 >> interface. > > The mxsimage does support OpenSSL 1.1 , the commit message is confusing. > Can you elaborate on that and reword the last part ? libressl defines the following in version 2.7.4: #define OPENSSL_VERSION_NUMBER 0x20000000L #define LIBRESSL_VERSION_NUMBER 0x2060400fL see here: https://github.com/libressl-portable/openbsd/blob/OPENBSD_6_2/src/lib/libcrypto/opensslv.h But OPENSSL_zalloc() is not provided by libressl, that is only available in OpeSSL 1.1.0 and later. I do not know if libressl plans to add functions like OPENSSL_zalloc() in the future, but currently it is not included and we always have to use the backward compatible code when compiling against libressl. >> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> >> --- >> tools/mxsimage.c | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/tools/mxsimage.c b/tools/mxsimage.c >> index 32a7978cae..0cbf007dff 100644 >> --- a/tools/mxsimage.c >> +++ b/tools/mxsimage.c >> @@ -26,7 +26,7 @@ >> * OpenSSL 1.1.0 and newer compatibility functions: >> * https://wiki.openssl.org/index.php/1.1_API_Changes >> */ >> -#if OPENSSL_VERSION_NUMBER < 0x10100000L >> +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) > > This should check for the libressl version number value too I think? > >> static void *OPENSSL_zalloc(size_t num) >> { >> void *ret = OPENSSL_malloc(num); >> > >
On 03/18/2018 01:33 AM, Jonathan Gray wrote: > On Sat, Mar 17, 2018 at 05:24:47PM +0100, Marek Vasut wrote: >> On 03/17/2018 04:09 PM, Hauke Mehrtens wrote: >>> On 03/17/2018 03:47 PM, Marek Vasut wrote: >>>> On 03/17/2018 01:23 PM, Hauke Mehrtens wrote: >>>>> The mxsimage utility fails to compile against LibreSSL because LibreSSL >>>>> says it is OpenSSL 2.0, but it does not support the complete OpenSSL 1.1 >>>>> interface. >>>> >>>> The mxsimage does support OpenSSL 1.1 , the commit message is confusing. >>>> Can you elaborate on that and reword the last part ? >>> >>> libressl defines the following in version 2.7.4: >>> #define OPENSSL_VERSION_NUMBER 0x20000000L >>> #define LIBRESSL_VERSION_NUMBER 0x2060400fL >>> see here: >>> https://github.com/libressl-portable/openbsd/blob/OPENBSD_6_2/src/lib/libcrypto/opensslv.h >>> >>> But OPENSSL_zalloc() is not provided by libressl, that is only available >>> in OpeSSL 1.1.0 and later. >> >> So it's libressl that's API-incompatible and thus broken ? OK >> >> I guess the commit message should mention that and then yes, if >> LIBRESSL_VERSION_NUMBER is defined, we should treat it as old version of >> OpenSSL. > > LibreSSL implements parts of the OpenSSL 1.1 API without breaking > backwards compat like OpenSSL did. > > The proposed patch to mxsimage.c is wrong as some of these functions > are now implemented by LibreSSL. > > https://marc.info/?l=openbsd-cvs&m=151887933725237&w=2 > EVP_MD_CTX_new() > EVP_MD_CTX_free() > EVP_CIPHER_CTX_reset() > > OPENSSL_zalloc() is not implemented but it is only used in this ifdef block. > > A patch along the lines of the below would be better. > > diff --git a/tools/mxsimage.c b/tools/mxsimage.c > index 32a7978cae..c8f1f204e3 100644 > --- a/tools/mxsimage.c > +++ b/tools/mxsimage.c > @@ -26,7 +26,8 @@ > * OpenSSL 1.1.0 and newer compatibility functions: > * https://wiki.openssl.org/index.php/1.1_API_Changes > */ > -#if OPENSSL_VERSION_NUMBER < 0x10100000L > +#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ > + (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL) > static void *OPENSSL_zalloc(size_t num) > { > void *ret = OPENSSL_malloc(num); > Yes you are right your patch is better. Now I also found these functions in the libressl repository and they will be available with the version 2.7.0. https://github.com/libressl-portable/openbsd/commit/2443cc9a48b200ef126dba99cbbb2f25937382e0 https://github.com/libressl-portable/openbsd/commit/651a8b53a2a41bbfc31d665b3f7030109d09606e Is this sufficient or should I send a new patch? Hauke
diff --git a/tools/mxsimage.c b/tools/mxsimage.c index 32a7978cae..0cbf007dff 100644 --- a/tools/mxsimage.c +++ b/tools/mxsimage.c @@ -26,7 +26,7 @@ * OpenSSL 1.1.0 and newer compatibility functions: * https://wiki.openssl.org/index.php/1.1_API_Changes */ -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) static void *OPENSSL_zalloc(size_t num) { void *ret = OPENSSL_malloc(num);
The mxsimage utility fails to compile against LibreSSL because LibreSSL says it is OpenSSL 2.0, but it does not support the complete OpenSSL 1.1 interface. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> --- tools/mxsimage.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)