Closed kalbasit closed 7 years ago
What is blocking you from merging this @kalbasit ???
@awitherow I don't have write permission to do so :(
I will try and poke the maintainer.
@AGWA are you there? Ping ping.
I'm curious if there are any platforms currently shipping only OpenSSL 1.1 and not also OpenSSL 1.0. There are definitely platforms that still only have OpenSSL 1.0, and git-crypt needs to continue supporting them. So I'm afraid it's not as simple as just merging this PR.
@AGWA do you know if there's a way to split the build? perhaps with a #ifdef
or maybe we can do so in the Makefile?
Yeah, #ifdef
would work. Does OpenSSL define any constants in its header files that we could match on?
@AGWA openssl 1.1 defines OPENSSL_API_COMPAT
but openssl 1.0 does not. See https://github.com/openssl/openssl/blob/c4604e9b97a4f6c4fd532dbab0fc4b1fdad81276/include/openssl/opensslconf.h.in#L93
feel free to push on my PR if you have a system with openssl 1.0 handy you can test with.
$ grep OPENSSL_API_COMPAT /usr/include/openssl-1.0/openssl/*.h
$ grep OPENSSL_API_COMPAT /usr/include/openssl/*.h
/usr/include/openssl/asn1.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/bio.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/bn.h:# if OPENSSL_API_COMPAT < 0x00908000L
/usr/include/openssl/bn.h:# if OPENSSL_API_COMPAT >= 0x00908000L
/usr/include/openssl/bn.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/comp.h:#if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/conf.h:#if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/conf.h:#if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/crypto.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/crypto.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/crypto.h:# endif /* OPENSSL_API_COMPAT */
/usr/include/openssl/crypto.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/crypto.h:# if OPENSSL_API_COMPAT < 0x10000000L
/usr/include/openssl/crypto.h:# endif /* OPENSSL_API_COMPAT < 0x10000000L */
/usr/include/openssl/crypto.h:# endif /* OPENSSL_API_COMPAT < 0x10100000L */
/usr/include/openssl/crypto.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/dh.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/dh.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/dsa.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/dsa.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/ec.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/engine.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/engine.h:#if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/engine.h:#if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/err.h:#if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/evp.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/evp.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/evp.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/idea.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/lhash.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/objects.h:#if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/opensslconf.h: * Applications should use -DOPENSSL_API_COMPAT=<version> to suppress the
/usr/include/openssl/opensslconf.h:#if !defined(OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT < OPENSSL_MIN_API
/usr/include/openssl/opensslconf.h:# undef OPENSSL_API_COMPAT
/usr/include/openssl/opensslconf.h:# define OPENSSL_API_COMPAT OPENSSL_MIN_API
/usr/include/openssl/opensslconf.h:#if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/opensslconf.h:#if OPENSSL_API_COMPAT < 0x10000000L
/usr/include/openssl/opensslconf.h:#if OPENSSL_API_COMPAT < 0x00908000L
/usr/include/openssl/pkcs12.h:#if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/rand.h:#if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/rsa.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/rsa.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/rsa.h:# if OPENSSL_API_COMPAT < 0x00908000L
/usr/include/openssl/ssl.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/ssl.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/ssl.h:#if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/ssl.h:#if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/ssl.h:#if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/ssl.h:#if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/ssl.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/stack.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/tls1.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/ui.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/x509.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/x509.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/x509.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/x509v3.h:#if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/x509_vfy.h:#if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/x509_vfy.h:# if OPENSSL_API_COMPAT < 0x10100000L
/usr/include/openssl/x509_vfy.h:#if OPENSSL_API_COMPAT < 0x10100000L
@AGWA I updated the PR, split the crypto into two files. We could merge into one with multiple if
s, but this might be cleaner in the long run. @AGWA let me know if this is acceptable to you and I'll squash the commits before you merge (or you can squash merge).
@kalbasit Thanks for updating the PR. Doesn't the Makefile also need to be updated so the new file you added will be compiled?
@AGWA You're right. I just pushed a build fix. Is there a test suite we can run?
closes #111