Thursday, July 07, 2022

Re: new security/libdigidocpp 3.14.8

On Sun, Jul 03, 2022 at 05:42:05PM +0000, Klemens Nanni wrote:
> On Sun, Jul 03, 2022 at 06:16:02PM +0200, Theo Buehler wrote:
> > > Now with feedback from sthen@, diff between the tarballs:
> > > https://github.com/jasperla/openbsd-wip/commit/554d6e575
> > >
> > > Feedback? OK?
> >
> > distinfo still contains the patchfile
> >
> > I'd like to have a more specific comment to justify use of eopenssl11:
> >
> > # Can't use LibreSSL since X509_VERIFY_PARAM_get_time missing from libcrypto.
> > # Need to add OPENSSL_memdup with patch and neuter SHA-3; choice between the 1.1
> > # and 1.0 codepaths is a bit tricky.
>
> Thanks for both, I went with this comment:
>
> # Can't use LibreSSL since X509_VERIFY_PARAM_get_time is missing from libcrypto.
> # Need to add OPENSSL_memdup with patch and neuter SHA-3;
> # choice between the 1.1 and 1.0 codepaths is a bit tricky.

Here's a version that links against LibreSSL. All tests fail with
bad_alloc(0), but that is also the case with the version linked against
OpenSSL. Perhaps I'm doing something wrong.

You need libcrypto.so.49.1 for this to build since I added the missing
X509_VERIFY_PARAM_get_time() in today's bump. There's a bit of patching,
but I think it's not too bad. If this works for your purposes, I guess
that'd be preferable over linking against eopenssl11.
