Re: "Remove a host of unnecessary OPENSSL_IS_BORINGSSL ifdefs" breaks build on older OSs.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 11/16/22 6:26 PM, David Benjamin wrote:

[resending as plain text since the original message bounced from the list.]

Yes, the patch is necessary to avoid problems with later revisions of
BoringSSL. But the aim was not to break older OpenSSLs, so it's
possible some detail was wrong. Can you please provide the OpenSSL
version and the compile error?


Among other things, this code will not compile:

DEFINE_STACK_OF(AttrOrOID)

Maybe you can edit your patch to only pay attention to boring-ssl and leave
the openssl related checks in place?

I know this broke on my fedora-20 build machine:

[greearb@v-f20-64 hostap]$ rpm -qa|grep openss
openssh-clients-6.4p1-8.fc20.x86_64
openssh-server-6.4p1-8.fc20.x86_64
openssh-6.4p1-8.fc20.x86_64
openssl-1.0.1e-42.fc20.x86_64
openssh-askpass-6.4p1-8.fc20.x86_64
openssl-libs-1.0.1e-42.fc20.x86_64
openssl-devel-1.0.1e-42.fc20.x86_64


For now, I have reverted your patch in my tree and now it builds fine.
If you'd like to post a new patch I can test it.

Thanks,
Ben



On Wed, Nov 16, 2022 at 12:28 PM Ben Greear <greearb@xxxxxxxxxxxxxxx> wrote:


Hello David,

This patch is breaking compile on Fedora-24 and earlier (due to older openssl).

Does this patch actually help anything, or is it just code cleanup?

commit faf9c04cb51c9c1b5f2a4599c57e6ba44f6d2428
Author: David Benjamin <davidben@xxxxxxxxxx>
Date:   Mon Jun 13 12:22:05 2022 -0400

      Remove a host of unnecessary OPENSSL_IS_BORINGSSL ifdefs

      The <openssl/buf.h> include is relevant in both OpenSSL and BoringSSL
      because the file uses BUF_MEM (include what you use). OpenSSL just
      happened to include it via another file. OpenSSL also spells it
      <openssl/buffer.h>, not matching the type, so use the compatible
      spelling.

      Additionally all the CHECKED_CAST and manual STACK_OF(T) definitions
      call into BoringSSL internals. The correct, public APIs are simply to
      just use the same code as OpenSSL and call the DEFINE_STACK_OF macros.

      Signed-off-by: David Benjamin <davidben@xxxxxxxxxx>

Thanks,
Ben

--
Ben Greear <greearb@xxxxxxxxxxxxxxx>
Candela Technologies Inc  http://www.candelatech.com






--
Ben Greear <greearb@xxxxxxxxxxxxxxx>
Candela Technologies Inc  http://www.candelatech.com


_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux