"Remove a host of unnecessary OPENSSL_IS_BORINGSSL ifdefs" breaks build on older OSs.

Ben Greear greearb at candelatech.com
Thu Nov 17 08:34:16 PST 2022 

On 11/16/22 6:26 PM, David Benjamin wrote:
> [resending as plain text since the original message bounced from the list.]
> 
> Yes, the patch is necessary to avoid problems with later revisions of
> BoringSSL. But the aim was not to break older OpenSSLs, so it's
> possible some detail was wrong. Can you please provide the OpenSSL
> version and the compile error?

Among other things, this code will not compile:

DEFINE_STACK_OF(AttrOrOID)

Maybe you can edit your patch to only pay attention to boring-ssl and leave
the openssl related checks in place?

I know this broke on my fedora-20 build machine:

[greearb at v-f20-64 hostap]$ rpm -qa|grep openss
openssh-clients-6.4p1-8.fc20.x86_64
openssh-server-6.4p1-8.fc20.x86_64
openssh-6.4p1-8.fc20.x86_64
openssl-1.0.1e-42.fc20.x86_64
openssh-askpass-6.4p1-8.fc20.x86_64
openssl-libs-1.0.1e-42.fc20.x86_64
openssl-devel-1.0.1e-42.fc20.x86_64


For now, I have reverted your patch in my tree and now it builds fine.
If you'd like to post a new patch I can test it.

Thanks,
Ben

> 
> On Wed, Nov 16, 2022 at 12:28 PM Ben Greear <greearb at candelatech.com> wrote:
>>
>> Hello David,
>>
>> This patch is breaking compile on Fedora-24 and earlier (due to older openssl).
>>
>> Does this patch actually help anything, or is it just code cleanup?
>>
>> commit faf9c04cb51c9c1b5f2a4599c57e6ba44f6d2428
>> Author: David Benjamin <davidben at google.com>
>> Date:   Mon Jun 13 12:22:05 2022 -0400
>>
>>       Remove a host of unnecessary OPENSSL_IS_BORINGSSL ifdefs
>>
>>       The <openssl/buf.h> include is relevant in both OpenSSL and BoringSSL
>>       because the file uses BUF_MEM (include what you use). OpenSSL just
>>       happened to include it via another file. OpenSSL also spells it
>>       <openssl/buffer.h>, not matching the type, so use the compatible
>>       spelling.
>>
>>       Additionally all the CHECKED_CAST and manual STACK_OF(T) definitions
>>       call into BoringSSL internals. The correct, public APIs are simply to
>>       just use the same code as OpenSSL and call the DEFINE_STACK_OF macros.
>>
>>       Signed-off-by: David Benjamin <davidben at google.com>
>>
>> Thanks,
>> Ben
>>
>> --
>> Ben Greear <greearb at candelatech.com>
>> Candela Technologies Inc  http://www.candelatech.com
>>
> 


-- 
Ben Greear <greearb at candelatech.com>
Candela Technologies Inc  http://www.candelatech.com

More information about the Hostap mailing list