lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 5 Oct 2021 19:11:02 +0100 From: Lee Jones <lee.jones@...aro.org> To: Eric Biggers <ebiggers@...nel.org> Cc: Adam Langley <agl@...gle.com>, linux-kernel@...r.kernel.org, David Howells <dhowells@...hat.com>, David Woodhouse <dwmw2@...radead.org>, keyrings@...r.kernel.org Subject: Re: [PATCH 1/1] sign-file: Use OpenSSL provided define to compile out deprecated APIs On Tue, 05 Oct 2021, Eric Biggers wrote: > On Tue, Oct 05, 2021 at 10:14:58AM -0700, Adam Langley wrote: > > On Tue, Oct 5, 2021 at 10:01 AM Eric Biggers <ebiggers@...nel.org> wrote: > > > I ran into these same -Wdeprecated-declarations compiler warnings on another > > > project that uses the ENGINE API to access OpenSSL's support for PKCS#11 tokens. > > > The conclusion was that in OpenSSL 3.0, the new API for PKCS#11 support isn't > > > actually ready yet, so we had to keep using the ENGINE API and just add > > > -Wno-deprecated-declarations to the compiler flags. > > > > > > Your patch just removes support for PKCS#11 in that case, which seems > > > undesirable. (Unless no one is actually using it?) > > > > The patch removes support when OPENSSL_NO_ENGINE is defined, but > > that's not defined by default in OpenSSL 3.0. (Unless something > > changed recently.) > > > > When OPENSSL_NO_ENGINE is defined, ENGINE support is not compiled into > > OpenSSL and the headers don't include the functions: > > https://github.com/openssl/openssl/blob/master/include/openssl/engine.h > > . > > Okay so this patch is actually a build fix for when OpenSSL doesn't include > ENGINE support? Correct. > Currently this patch claims that it's removing the use of a > "deprecated" API, which is something entirely different. I see your point. Happy to rejig the commit message if that would help. -- Lee Jones [李琼斯] Senior Technical Lead - Developer Services Linaro.org │ Open source software for Arm SoCs Follow Linaro: Facebook | Twitter | Blog
Powered by blists - more mailing lists