[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] libcrypto: fix compilation with LibreSSL
[Thread Prev] | [Thread Next]
- Subject: Re: [PATCH] libcrypto: fix compilation with LibreSSL
- From: Stefan Strogin <steils@xxxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Mon, 1 Jul 2019 18:12:24 +0300
- To: libssh@xxxxxxxxxx
Hi Jakub, On 01/07/2019 15:46, Jakub Jelen wrote: > Thank you for the patch. > > I am wondering whether it would be cleaner to have this detection done > in cmake (see ConfigureChecks.cmake and config.h.cmake) and have the > code clean of specific references to different implementation of > openssl API. > > Regards, > Thanks for the quick reply! Something like defining HAVE_FIPS_MODE in cmake for OpenSSL only when FIPS is supported and then checking it in libcrypto.h? It can be done, not sure which way is better. I'll make a patch v2, so you could decide. Yet I see nothing wrong with *SSL_VERSION_NUMBER ifdefs in the code when they are justified. References to different OpenSSL versions already exist in libssh (grep it for OPENSSL_VERSION_NUMBER). As far as I know ifdefs with LIBRESSL_VERSIONS_NUMBER and OPENSSL_VERSION_NUMBER is a very common way of supporting different OpenSSL/LibreSSL API versions in many projects. For example: https://github.com/OpenVPN/openvpn/commit/a47508606be2c6359d4b27c3b65b72dfe4786222 https://github.com/curl/curl/commit/7c90c93c0b061da81f69fabdd57125b2783c15fb https://w1.fi/cgit/hostap/commit/?id=f665c93e1d28fbab3d9127a8c3985cc32940824f etc, lots of them. -- Stefan
| [PATCH] libcrypto: fix compilation with LibreSSL | Stefan Strogin <steils@xxxxxxxxxx> |
| Re: [PATCH] libcrypto: fix compilation with LibreSSL | Jakub Jelen <jjelen@xxxxxxxxxx> |