[PATCH] crypto/openssl: do not build useless workaround

[Didier Pallard]

On Mon, Jun 26, 2023 at 12:04 PM Thomas Monjalon <thomas at monjalon.net>
wrote:

> 26/06/2023 11:13, Didier Pallard:
> > HI,
> > not sure to understand how it is possible.
> > If build  OPENSSL_VERSION_NUMBER <  0x10100000L, linker should link
> binary
> > with libcrypto.so.1.0.0.
> > libcrypto.so.1.1 if build for 0x10100000L and libcrypto.so.3 for
> > 0x30000000L
> > loader should not allow to link with a library different from the one
> used
> > at build time, no?
>
> You are probably right.
> libcrypto.so.1.1 and libcrypto.so.1.0 are incompatible versions?
>
I think so. Can someone else confirm?


> If we are linking against libcrypto.so.1.1 and you did exactly
> a check for lower than libcrypto.so.1.1, then it should be OK.
>
>
> > On Sun, Jun 25, 2023 at 9:22 PM Thomas Monjalon <thomas at monjalon.net>
> wrote:
> >
> > > 18/04/2023 16:56, Didier Pallard:
> > > > This workaround was needed before version 1.0.1f. Do not build it for
> > > > versions >= 1.1.
> > > >
> > > > Fixes: d61f70b4c918 ("crypto/libcrypto: add driver for OpenSSL
> library")
> > > > Signed-off-by: Didier Pallard <didier.pallard at 6wind.com>
> > > > Cc: stable at dpdk.org
> > > [...]
> > > > +#if OPENSSL_VERSION_NUMBER < 0x10100000L
> > > >       /* Workaround open ssl bug in version less then 1.0.1f */
> > > >       if (EVP_EncryptUpdate(ctx, empty, &unused, empty, 0) <= 0)
> > > >               goto process_auth_encryption_gcm_err;
> > > > +#endif
> > >
> > > What happens if we build with OpenSSL 1.1 and run with OpenSSL 1.0?
> > > Can we have a runtime check?
> > > Or is it better doing the workaround always as before?
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mails.dpdk.org/archives/stable/attachments/20230626/0ea2a2eb/attachment.htm>