Fix rpc.tlsservd and rpc.tlsclntd so they build for OpenSSL3
ClosedPublic
Actions

Authored by rmacklem on May 25 2023, 10:42 PM.

Details

Reviewers

emaste
jhb
ngie

Commits

rG88ea962879be: rpc.tls[serv|clnt]d.c: Clean up code for OpenSSL3

Summary

Added #if OPENSSL_VERSION_NUMBER around deprecated
SSL_library_init() and SSL_load_error_strings(), so that the
code should build for OpenSSL3.n. The functions already
have some #if OPENSSL_VERSION_NUMBER >= 0x30000000
for this, but I did the above to be compatible with what is
being done in other places.

Test Plan

Builds with OpenSSL1.1.1. I do not have an OpenSSL3
setup at this time.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Skipped

Unit

Tests Skipped

Event Timeline

rmacklem created this revision.May 25 2023, 10:42 PM

Herald added a subscriber: imp. · View Herald TranscriptMay 25 2023, 10:42 PM

rmacklem requested review of this revision.May 25 2023, 10:42 PM

emaste added a subscriber: khorben_defora.org.May 30 2023, 5:56 PM

I guess we did not observe a problem here in the OpenSSL 3 experiments because the deprecation checks only activate when OPENSSL_API_COMPAT is set.

This revision is now accepted and ready to land.May 30 2023, 6:04 PM

I installed openssl31 via ports and did builds
using that with OPENSSL_NO_DEPRECATED_...
and found a few more.

I also changed 0x30000000 to 0x30000000L
to be consistent, although I do not think it
matters.

This patch covers all the cases that were found
deprecated.

This revision now requires review to proceed.May 31 2023, 12:54 AM

Could just delete the < 0x10100000L cases, since we have no need to support past-EOL OpenSSL.

emaste added a reviewer: ngie.May 31 2023, 2:01 AM

In D40275#918519, @emaste wrote:

Could just delete the < 0x10100000L cases, since we have no need to support past-EOL OpenSSL.

Sure, if you are fine with it. I just did it this way since
you seemed to prefer that over jhb@'s suggestion
to delete it.

I, personally, prefer less #ifdef'ng in code.

In D40275#918522, @rmacklem wrote:

Sure, if you are fine with it. I just did it this way since
you seemed to prefer that over jhb@'s suggestion
to delete it.

I, personally, prefer less #ifdef'ng in code.

I plan to go back and remove the pre-1.1 #ifdefs in the future (from code I've been working on), I just wasn't able to go over everything yet and didn't want to have a mix of some pre-1.1 #ifdef blocks left behind in files or functions I didn't touch.

LGTM! I think @jhb’s suggestion about using static functions or macros with forward looking names would be a good potential investment, but that doesn’t need to be done here or now.

This revision is now accepted and ready to land.May 31 2023, 2:48 AM

This version gets rid of the pre-1.1.1 calls.
It also fixes a typo where I used > instead
of >= for the OPENSSL_VERSION_NUMBER.

This revision now requires review to proceed.May 31 2023, 3:41 AM

ngie accepted this revision.May 31 2023, 5:06 AM

This revision is now accepted and ready to land.May 31 2023, 5:06 AM

The commit message/revision description needs updating, BTW.

emaste accepted this revision.Jun 1 2023, 1:18 AM

Closed by commit rG88ea962879be: rpc.tls[serv|clnt]d.c: Clean up code for OpenSSL3 (authored by rmacklem). · Explain WhyJun 1 2023, 8:45 PM

This revision was automatically updated to reflect the committed changes.

rmacklem added a commit: rG88ea962879be: rpc.tls[serv|clnt]d.c: Clean up code for OpenSSL3.