Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build with OpenSSL 1.1 is broken #7735

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

build with OpenSSL 1.1 is broken #7735

wants to merge 1 commit into from

Conversation

mastersin
Copy link
Contributor

cert util: add support build with OpenSSL older than 3.0:

  • Don't include <openssl/core_names.h> header if OpenSSL older 3.0 is used.
  • Fix compile typos for build with OpenSSL 1.1.

@mastersin mastersin mentioned this pull request Dec 2, 2024
Closed
@alexey-tikhonov alexey-tikhonov self-assigned this Dec 2, 2024
sumit-bose
sumit-bose reviewed Dec 3, 2024
View reviewed changes
src/util/cert/libcrypto/cert.c Outdated
@@ -406,16 +416,16 @@ static int sss_rsa_get_key(const EVP_PKEY *cert_pub_key,

RSA_get0_key(rsa_pub_key, tmp_n, tmp_e, NULL);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi,

I'm sorry for all the typos, I was under the assumption the one of the CI systems is still using OpenSSL-1.1 so I assumed that everything was fine if all CI builds succeeded.

In the patch for sssd-2-9 you have + RSA_get0_key(rsa_pub_key, &tmp_n, &tmp_e, NULL); and it looks like I need this for master too, to not get incompatible-pointer-types warnings.

bye,
Sumit

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mastersin, ping

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry, it looks like my merge mistake. I fixed it and pushed with force.

@alexey-tikhonov
Copy link
Member

Thank you, ACK.

sumit-bose
sumit-bose reviewed Dec 10, 2024
View reviewed changes
Copy link
Contributor

@sumit-bose sumit-bose left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi,

I'm sorry, there is still a typo, line 246/252 should be

if (ec_group == NULL) {

instead of

if (*_ec_group == NULL) {

This has to be fixed in the sssd-2-10 version of this patch as well.

bye,
Sumit

@mastersin
cert util: add support build with OpenSSL older than 3.0
0be2efa 
Don't include <openssl/core_names.h> header if OpenSSL older 3.0 is
used. Fix compile typos for build with OpenSSL 1.1.
sumit-bose
sumit-bose approved these changes Dec 10, 2024
View reviewed changes
Copy link
Contributor

@sumit-bose sumit-bose left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi,

thank you for the update, SSSD now build with older OpenSSL and tests are passing, ACK.

bye,
Sumit

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alexey-tikhonov alexey-tikhonov alexey-tikhonov approved these changes

@sumit-bose sumit-bose sumit-bose approved these changes

Assignees

@sumit-bose sumit-bose

@alexey-tikhonov alexey-tikhonov

Labels
Accepted branch: sssd-2-10
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mastersin @alexey-tikhonov @sumit-bose