Use accessors for DSA and RSA objects

NLnetLabs / ldns

LDNS is a DNS library that facilitates DNS tool programming

https://nlnetlabs.nl/ldns

BSD 3-Clause "New" or "Revised" License

292 stars 98 forks source link

Use accessors for DSA and RSA objects #151

Closed botovq closed 2 years ago

botovq commented 2 years ago

In the upcoming LibreSSL version 3.5, the DSA and RSA structs will become opaque, so we should use the OpenSSL 1.1 setters and getters to fix the build. The relevant API has been available since LibreSSL 2.7. The last LibreSSL version (2.6) not having these accessors was EOL late 2018, so no users should be affected by this change.

wtoorop commented 2 years ago

Thanks. There is something to say for dropping support for libraries that are EOL yes, but we haven't done it that way before... I think I would prefer a more conservative approach... something like this?:

#if OPENSSL_VERSION_NUMBER < 0x10100000 || (defined(HAVE_LIBRESSL) &&  OPENSSL_VERSION_NUMBER < 0x20700000)

botovq commented 2 years ago

Thanks for your feedback, understood and PR amended. We need to use LIBRESSL_VERSION_NUMBER since OPENSSL_VERSION_NUMBER is a constant.

https://github.com/libressl-portable/openbsd/blob/bc1ae415b645733fb5b0b7a063efaba81beae65d/src/lib/libcrypto/opensslv.h#L6-L11

wtoorop commented 2 years ago

Perfect @botovq . Thanks!