[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-wget] Failing to compile without depricated features from opens
|
From: |
Tim Ruehsen |
|
Subject: |
Re: [Bug-wget] Failing to compile without depricated features from openssl |
|
Date: |
Sun, 26 Nov 2017 19:03:41 +0100 |
Am Dienstag, den 21.11.2017, 00:07 -0600 schrieb Matthew Thode:
> Hi,
>
> It looks like openssl-1.1 support needs to be tweaked a bit to
> support
> building when openssl does not support depricated features.
>
> We are tracking the bug here, https://bugs.gentoo.org/604490 and have
> an
> attached patch here https://bugs.gentoo.org/attachment.cgi?id=498698
>
> The patch looks straight forward to my untrained eyes, but I'd like
> an
> ack on it or to possibly get the patch committed. (if just an ack
> I'd
> start carrrying it in our tree).
>
The patch seems to have a bug. IMO, it should be
if (ssl_options)
SSL_CTX_set_options (ssl_ctx, ssl_options);
+#if !defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >=
0x10100000L)
+ if (ssl_proto_version)
+ SSL_CTX_set_min_proto_version(ssl_ctx, ssl_proto_version);
+#endif
+
Because you only declare 'ssl_proto_version' only under the above
conditions. Which means, the patch won't compile on older versions of
Openssl.
But please have a look and let me know if my assumption is right. The
commit can be found in branch 'openssl-1.1'.
With Best Regards, Tim
>
signature.asc
Description: This is a digitally signed message part