[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] libcrypto: fix compilation with LibreSSL
[Thread Prev] | [Thread Next]
- Subject: Re: [PATCH] libcrypto: fix compilation with LibreSSL
- From: Jakub Jelen <jjelen@xxxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Mon, 01 Jul 2019 14:46:00 +0200
- To: libssh@xxxxxxxxxx
- Cc: Stefan Strogin <steils@xxxxxxxxxx>
On Mon, 2019-07-01 at 13:46 +0300, Stefan Strogin wrote: > LibreSSL does not support FIPS, so do not check it. > > Signed-off-by: Stefan Strogin <steils@xxxxxxxxxx> > --- > include/libssh/libcrypto.h | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/include/libssh/libcrypto.h b/include/libssh/libcrypto.h > index 541912b5..1a1df635 100644 > --- a/include/libssh/libcrypto.h > +++ b/include/libssh/libcrypto.h > @@ -112,7 +112,11 @@ typedef BN_CTX* bignum_CTX; > > > /* Returns true if the OpenSSL is operating in FIPS mode */ > +#ifndef LIBRESSL_VERSION_NUMBER > #define ssh_fips_mode() (FIPS_mode() != 0) > +#else > +#define ssh_fips_mode() false > +#endif > > #endif /* HAVE_LIBCRYPTO */ > Thank you for the patch. I am wondering whether it would be cleaner to have this detection done in cmake (see ConfigureChecks.cmake and config.h.cmake) and have the code clean of specific references to different implementation of openssl API. Regards, -- Jakub Jelen Senior Software Engineer Security Technologies Red Hat, Inc.
| Re: [PATCH] libcrypto: fix compilation with LibreSSL | Stefan Strogin <steils@xxxxxxxxxx> |
| [PATCH] libcrypto: fix compilation with LibreSSL | Stefan Strogin <steils@xxxxxxxxxx> |