Re: [PATCH v4 3/3] cache.h: eliminate SHA-1 deprecation warnings on OS X 10.8

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, May 13, 2013 at 4:23 AM, David Aguilar <davvid@xxxxxxxxx> wrote:
> Mac OS X Mountain Lion prints warnings when building git:
>
>         warning: 'SHA1_Init' is deprecated
>         (declared at /usr/include/openssl/sha.h:121)
>
> Silence the warnings by using the CommonCrytpo SHA-1
> functions for SHA1_Init(), SHA1_Update(), and SHA1_Final().
>
> Add a COMMON_DIGEST_SHA1 option to the Makefile to allow
> choosing this implementation and define it by default on Darwin.

The approach of adding a Makefile option for each CommonCrypto
facility does not really scale well. For instance, these days, I
generally build git against OpenSSL from MacPorts, which gives me a
warning-free git build since MacPorts/OpenSSL lacks those
Apple-specific deprecation flags. With this patch series introducing
several Makefile knobs, people wishing to use MacPorts/OpenSSL will
have to tweak each knob. These patches already introduce two knobs
(COMMON_DIGEST_SHA1, COMMON_DIGEST_HMAC). Adding more knobs to silence
the remaining 29 deprecation warnings will make the build more
cumbersome for those who prefer OpenSSL. Instead, introducing a single
knob (such as APPLE_COMMON_CRYPTO) would avoid this problem.

More generally, is the approach of trying to figure out CommonCrypto
replacements for DIGEST, HMAC, and the other 29 warnings worthwhile?
After all, Apple introduced deprecation warnings due to the
ABI-instability of OpenSSL, not due to any particular flaw in OpenSSL
or its API. A more manageable approach might simply be to disable that
particular warning on Darwin (via CFLAGS or perhaps '#pragma GCC
diagnostic ignored' for more fine-grained control).

> Define COMMON_DIGEST_FOR_OPENSSL to enable the OpenSSL
> compatibility macros in CommonDigest.h.
>
> Helped-by: Eric Sunshine <sunshine@xxxxxxxxxxxxxx>
> Signed-off-by: David Aguilar <davvid@xxxxxxxxx>
> ---
> Changes since last round:
> COMMON_DIGEST_FOR_OPENSSL is used to enable the compatibility macros.
>
>  Makefile | 6 ++++++
>  1 file changed, 6 insertions(+)
>
> diff --git a/Makefile b/Makefile
> index a0f7afc..29c02ed 100644
> --- a/Makefile
> +++ b/Makefile
> @@ -1055,6 +1055,7 @@ ifeq ($(uname_S),Darwin)
>                 endif
>         endif
>         COMMON_DIGEST_HMAC = YesPlease
> +       COMMON_DIGEST_SHA1 = YesPlease
>         NO_REGEX = YesPlease
>         PTHREAD_LIBS =
>  endif
> @@ -1390,10 +1391,15 @@ ifdef PPC_SHA1
>         LIB_OBJS += ppc/sha1.o ppc/sha1ppc.o
>         LIB_H += ppc/sha1.h
>  else
> +ifdef COMMON_DIGEST_SHA1
> +       BASIC_CFLAGS += -DCOMMON_DIGEST_FOR_OPENSSL
> +       SHA1_HEADER = <CommonCrypto/CommonDigest.h>
> +else
>         SHA1_HEADER = <openssl/sha.h>
>         EXTLIBS += $(LIB_4_CRYPTO)
>  endif
>  endif
> +endif
>
>  ifdef COMMON_DIGEST_HMAC
>         BASIC_CFLAGS += -DCOMMON_DIGEST_FOR_HMAC
> --
> 1.8.3.rc1.52.g872cb7b
>
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]