add support for OpenSSL 1.1.0 for BIO filter by igor-raits · Pull Request #3960 · libgit2/libgit2 · GitHub
Skip to content

add support for OpenSSL 1.1.0 for BIO filter#3960

Merged
carlosmn merged 4 commits into
libgit2:masterfrom
igor-raits:openssl-1.1.0
Nov 2, 2016
Merged

add support for OpenSSL 1.1.0 for BIO filter#3960
carlosmn merged 4 commits into
libgit2:masterfrom
igor-raits:openssl-1.1.0

Conversation

@igor-raits

Copy link
Copy Markdown
Contributor

Closes: #3959
Signed-off-by: Igor Gnatenko i.gnatenko.brain@gmail.com

Closes: libgit2#3959
Signed-off-by: Igor Gnatenko <i.gnatenko.brain@gmail.com>
@igor-raits

igor-raits commented Oct 12, 2016

Copy link
Copy Markdown
Contributor Author

@carlosmn

Copy link
Copy Markdown
Member

I would rather have us #define these BIO_ setters and getters if we detect that OpenSSL doesn't provide them so we don't have our code littered with preprocessor statements.

@mikeando

Copy link
Copy Markdown
Contributor

No need to use a #define, real functions will work just fine. Just add a compatibility header that only defines the functions if SSH isn't providing them.

#if !OPENSSL_HAS_BIO_SET_INIT
void BIO_set_init(BIO* b, int v) {
    b->init = v;
    b->num = 0;
    b->ptr = NULL;
    b->flags = 0;
}
#endif

etc.

@carlosmn

Copy link
Copy Markdown
Member

Declaring functions in someone else's namespace is something you have to be very careful about, or you might end up overwriting the one hat libssl itself provides, depending on exactly how the libraries are loaded, like in the example above.

@igor-raits

Copy link
Copy Markdown
Contributor Author

so what should I do after all?

@carlosmn

Copy link
Copy Markdown
Member

Either would work, but if you prefer functions, they should be using the GIT_INLINE macro so they're local and the compiler is more likely to inline these single-use tiny functions.

@carlosmn carlosmn added this to the libgit2 v0.25 - Rutschgefahr milestone Oct 24, 2016
We want to program against the interface, so recreate it when we compile
against pre-1.1 versions.
For older versions we can fall back on the deprecated ASN1_STRING_data.
@carlosmn

carlosmn commented Nov 2, 2016

Copy link
Copy Markdown
Member

My distribution just upgraded to 1.1 in the headers, so I've gone ahead and updated to what the kind of interfaces we program against.

I also moved the creation of the method to the global initialisation function. Creating a new one on each connection is unsafe thread-wise and it's also a memory leak.

We need to include the initialisation and construction functions in all
backend, so we include this header when building against SecureTransport
and WinHTTP as well.
@carlosmn

carlosmn commented Nov 2, 2016

Copy link
Copy Markdown
Member

@carlosmn carlosmn merged commit 7175222 into libgit2:master Nov 2, 2016
@igor-raits igor-raits deleted the openssl-1.1.0 branch November 3, 2016 17:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants