Message ID | 20201013124655.1408-1-aserdean@cloudbasesolutions.com |
---|---|
State | Changes Requested |
Headers | show |
Series | [ovs-dev,v2] windows: Bump OpenSSL version | expand |
On 10/13/20 2:46 PM, Alin Gabriel Serdean wrote: > Switch from OpenSSL 1.0.2 to 1.1.1. > > `mkdir` does not support permission arguments on Windows. Create a wrapper > for it that uses only the last argument and uses `-p` option. Does chmod work fine on windows? Maybe it's better to replace 'mkdir -m' invocations with pairs of 'mkdir'+'chmod'? It seems important to have correct permissions on certificates and keys. Best regards, Ilya Maximets. > > Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> > --- > v2: Add more details in the commit message. > --- > appveyor.yml | 6 +++--- > m4/ax_check_openssl.m4 | 2 +- > utilities/ovs-pki.in | 8 ++++++++ > 3 files changed, 12 insertions(+), 4 deletions(-) > > diff --git a/appveyor.yml b/appveyor.yml > index 25c3f69fb..9debf1465 100644 > --- a/appveyor.yml > +++ b/appveyor.yml > @@ -15,15 +15,15 @@ init: > > mkdir C:\openvswitch\driver > > - $source = "https://slproweb.com/download/Win64OpenSSL-1_0_2u.exe" > + $source = "https://slproweb.com/download/Win64OpenSSL-1_1_1h.exe" > > - $destination = "C:\ovs-build-downloads\Win64OpenSSL-1_0_2u.exe" > + $destination = "C:\ovs-build-downloads\Win64OpenSSL-1_1_1h.exe" > > Invoke-WebRequest $source -OutFile $destination > > cd C:\ovs-build-downloads > > - .\Win64OpenSSL-1_0_2u.exe /silent /verysilent /sp- /suppressmsgboxes > + .\Win64OpenSSL-1_1_1h.exe /silent /verysilent /sp- /suppressmsgboxes > > Start-Sleep -s 30 > > diff --git a/m4/ax_check_openssl.m4 b/m4/ax_check_openssl.m4 > index 281d4dc65..37f983284 100644 > --- a/m4/ax_check_openssl.m4 > +++ b/m4/ax_check_openssl.m4 > @@ -81,7 +81,7 @@ AC_DEFUN([AX_CHECK_OPENSSL], [ > SSL_INCLUDES="-I$ssldir/include" > SSL_LDFLAGS="-L$ssldir/lib" > if test "$WIN32" = "yes"; then > - SSL_LIBS="-lssleay32 -llibeay32" > + SSL_LIBS="-llibssl -llibcrypto" > SSL_DIR=/$(echo ${ssldir} | ${SED} -e 's/://') > else > SSL_LIBS="-lssl -lcrypto" > diff --git a/utilities/ovs-pki.in b/utilities/ovs-pki.in > index e0ba910f9..c846b69a1 100755 > --- a/utilities/ovs-pki.in > +++ b/utilities/ovs-pki.in > @@ -57,6 +57,14 @@ FreeBSD|NetBSD|Darwin) > ;; > esac > > +case $(uname -s) in > +MINGW*|MSYS*) > + mkdir() { > + command mkdir -p "${@: -1}" > + } > + ;; > +esac > + > for option; do > # This option-parsing mechanism borrowed from a Autoconf-generated > # configure script under the following license: >
From: Ilya Maximets<mailto:i.maximets@ovn.org> Sent: Wednesday, October 21, 2020 6:50 PM To: Alin Serdean<mailto:aserdean@cloudbasesolutions.com>; dev@openvswitch.org<mailto:dev@openvswitch.org> Cc: i.maximets@ovn.org<mailto:i.maximets@ovn.org>; Mark Gray<mailto:mark.d.gray@redhat.com> Subject: Re: [PATCH v2] windows: Bump OpenSSL version On 10/13/20 2:46 PM, Alin Gabriel Serdean wrote: > Switch from OpenSSL 1.0.2 to 1.1.1. > > `mkdir` does not support permission arguments on Windows. Create a wrapper > for it that uses only the last argument and uses `-p` option. Does chmod work fine on windows? Maybe it's better to replace 'mkdir -m' invocations with pairs of 'mkdir'+'chmod'? It seems important to have correct permissions on certificates and keys. [Alin] Thank you for the review! Unfortunately chmod doesn’t work as expected on Windows. Thank you for raising the concern, I will switch it to `mkdir`+`icacls` to make sure only the right permissions are set. -- Alin.
diff --git a/appveyor.yml b/appveyor.yml index 25c3f69fb..9debf1465 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -15,15 +15,15 @@ init: mkdir C:\openvswitch\driver - $source = "https://slproweb.com/download/Win64OpenSSL-1_0_2u.exe" + $source = "https://slproweb.com/download/Win64OpenSSL-1_1_1h.exe" - $destination = "C:\ovs-build-downloads\Win64OpenSSL-1_0_2u.exe" + $destination = "C:\ovs-build-downloads\Win64OpenSSL-1_1_1h.exe" Invoke-WebRequest $source -OutFile $destination cd C:\ovs-build-downloads - .\Win64OpenSSL-1_0_2u.exe /silent /verysilent /sp- /suppressmsgboxes + .\Win64OpenSSL-1_1_1h.exe /silent /verysilent /sp- /suppressmsgboxes Start-Sleep -s 30 diff --git a/m4/ax_check_openssl.m4 b/m4/ax_check_openssl.m4 index 281d4dc65..37f983284 100644 --- a/m4/ax_check_openssl.m4 +++ b/m4/ax_check_openssl.m4 @@ -81,7 +81,7 @@ AC_DEFUN([AX_CHECK_OPENSSL], [ SSL_INCLUDES="-I$ssldir/include" SSL_LDFLAGS="-L$ssldir/lib" if test "$WIN32" = "yes"; then - SSL_LIBS="-lssleay32 -llibeay32" + SSL_LIBS="-llibssl -llibcrypto" SSL_DIR=/$(echo ${ssldir} | ${SED} -e 's/://') else SSL_LIBS="-lssl -lcrypto" diff --git a/utilities/ovs-pki.in b/utilities/ovs-pki.in index e0ba910f9..c846b69a1 100755 --- a/utilities/ovs-pki.in +++ b/utilities/ovs-pki.in @@ -57,6 +57,14 @@ FreeBSD|NetBSD|Darwin) ;; esac +case $(uname -s) in +MINGW*|MSYS*) + mkdir() { + command mkdir -p "${@: -1}" + } + ;; +esac + for option; do # This option-parsing mechanism borrowed from a Autoconf-generated # configure script under the following license:
Switch from OpenSSL 1.0.2 to 1.1.1. `mkdir` does not support permission arguments on Windows. Create a wrapper for it that uses only the last argument and uses `-p` option. Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> --- v2: Add more details in the commit message. --- appveyor.yml | 6 +++--- m4/ax_check_openssl.m4 | 2 +- utilities/ovs-pki.in | 8 ++++++++ 3 files changed, 12 insertions(+), 4 deletions(-)