Re: [Openvpn-devel] [PATCH applied] Re: Allow external EC key through --management-external-key

Wed, 21 Feb 2018 08:41:52 -0800 

Hi,

On Tue, Feb 20, 2018 at 7:03 AM, Gert Doering <g...@greenie.muc.de> wrote:
> Hi,
>
> On Tue, Feb 20, 2018 at 11:30:35AM +0100, Gert Doering wrote:
>> Your patch has been applied to the master branch.
>>
>> (I have not done any real review on it, except "compile test" and "stare
>> a bit at the code for really obvious issues" - trusting Arne since his
>> GUI seems to be the only thing really using it today, so if he's happy,
>> I am as well)
>>
>> commit 7eca140c70ff76177371dc94c19aeb8644c2c3b5
>> Author: Selva Nair
>> Date:   Thu Jan 25 14:45:13 2018 -0500
>>
>>      Allow external EC key through --management-external-key
>
> *sigh*
>
> Today's the day of buildbot exploisions.
>
> *This* one breaks LibreSSL compilation (namely, the OpenBSD buildbot),
> because
>
> ssl_openssl.c: In function 'tls_ctx_use_external_ec_key':
> ssl_openssl.c:1229: error: 'EC_KEY_METHOD' undeclared (first use in this 
> function)
> ssl_openssl.c:1229: error: 'ec_method' undeclared (first use in this function)
> ssl_openssl.c:1233: warning: implicit declaration of function 
> 'EC_KEY_METHOD_new'
> ssl_openssl.c:1233: warning: implicit declaration of function 'EC_KEY_OpenSSL'
> ssl_openssl.c:1240: warning: implicit declaration of function 
> 'EC_KEY_METHOD_set_init'
> ssl_openssl.c:1241: warning: implicit declaration of function 
> 'EC_KEY_METHOD_set_sign'
> ssl_openssl.c:1249: warning: implicit declaration of function 
> 'EC_KEY_set_method'
>
> So we need another "&& !defined(LIBRESSL)" here, I think.
>
> (And this, dear OpenBSD folks, is why application developers are just
> a tiny little bit unhappy with the way LibreSSL claims OpenSSL "recent API"
> compatibility by means of OPENSSL_VERSION but then... doesn't)

Adding && !defined(LIBRESSL_VERSION_NUMBER)
to the line
#if OPENSSL_VERSION_NUMBER > 0x10100000L && !defined(OPENSSL_NO_EC)

should fix it, I think. I don't have a freebsd build env to test this.

Thanks,

Selva

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Reply via email to