On Mon, Jan 04, 2016 at 01:29:56PM -0700, The Doctor wrote: > On Mon, Jan 04, 2016 at 07:22:04PM +0000, Viktor Dukhovni wrote: > > On Mon, Jan 04, 2016 at 09:08:31AM -0700, The Doctor wrote: > > > > > if ((rc = fprintf(fd ,"%08x (%s)\n", SSLeay(), > > > SSLeay_version(SSLEAY_VERSION))) <0) > > > > > > Could there be anything that is causing openssh not to see the new openssl 1.1 > > > > The above. The SSLeay names are gone. The new way is: > > > > if ((rc = fprintf(fd ,"%08x (%s)\n", OpenSSL_version_num(), > > OpenSSL_version(OPENSSL_VERSION))) <0) > > > > I think it is likely prudent at this time to restore source- > > backwards-compatible behaviour, by adding to <openssl/crypto.h>: > > > > #if !defined(OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT < 0x10100000L > > # include <openssl/opensslv.h> > > # define SSLeay OpenSSL_version_num > > # define SSLeay_version OpenSSL_version > > # define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER > > # define SSLEAY_VERSION OPENSSL_VERSION > > # define SSLEAY_CFLAGS OPENSSL_CFLAGS > > # define SSLEAY_BUILT_ON OPENSSL_BUILT_ON > > # define SSLEAY_PLATFORM OPENSSL_PLATFORM > > # define SSLEAY_DIR OPENSSL_DIR > > #endif /* OPENSSL_API_COMPAT */ > > > > Users who want to make sure they are avoiding interfaces that are > > deprecated with 1.1.0 can set OPENSSL_API_COMPAT to 0x10100000L or > > higher as appropriate. > > That is one way. > > Can we get developers to come on baord so that > we can launch a new era without incident? All right, can the above be committed and any other source-backwards-compatible behaviour ? This will help API developers a lot. BTW, I got openssl-SNAP-20160115 to behave nicely. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Birthdate 29 Jan 1969 Redhill, Surrey, UK
