Date: Sat, 27 May 2023 14:16:21 -0700 From: Enji Cooper <yaneurabeya@gmail.com> To: John Baldwin <jhb@freebsd.org> Cc: Enji Cooper <ngie@FreeBSD.org>, "src-committers@freebsd.org" <src-committers@FreeBSD.org>, "dev-commits-src-all@freebsd.org" <dev-commits-src-all@FreeBSD.org>, "dev-commits-src-main@freebsd.org" <dev-commits-src-main@FreeBSD.org> Subject: Re: git: 537cd766435c - main - factor: support OpenSSL 3 Message-ID: <7F042D0C-F994-40A6-B5AB-4710052815DA@gmail.com> In-Reply-To: <626f675b-f304-b772-61a4-0a92283ac348@FreeBSD.org> References: <202305271811.34RIBtHY093538@gitrepo.freebsd.org> <626f675b-f304-b772-61a4-0a92283ac348@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--Apple-Mail=_736430BD-4CA6-48CB-8F24-727A6A6C6C83 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 > On May 27, 2023, at 12:21 PM, John Baldwin <jhb@freebsd.org> wrote: =E2=80=A6 > I would suggest restructing this by having a compat shim for the 3.0 = API at > the top of the file (something like this): >=20 > #if OPENSSL_VERSION_NUMBER < 0x30000000L > #define PRIME_CHECKS 5 >=20 > static int > BN_check_prime(const BIGNUM *p, BN_CTX *ctx, BN_GENCB *cb) > { > return (BN_is_prime_ex(p, PRIME_CHECKS, ctx, cb)); > } > #endif >=20 > And then just using BN_check_prime in the rest of the file without = #ifdef's. >=20 > This is the approach we used for OpenSSL 1.1.x and will result in = fewer #ifdef's > and cleaner code overall. One thing we didn't do for OpenSSL 1.1.x = but could > choose to do in this case is to define a header with these shims that = could be > shared to reduce the work needed to update programs to move away from = APIs > deprecated in 3.0. That=E2=80=99s a really fair point. I opened up = https://reviews.freebsd.org/D40305 to track the suggested updates to use = a compat function for pre-3.0. Cheers, -Enji --Apple-Mail=_736430BD-4CA6-48CB-8F24-727A6A6C6C83 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEtvtxN6kOllEF3nmX5JFNMZeDGN4FAmRycyUACgkQ5JFNMZeD GN5OkxAAhzG3uUStzaUFSYfkyf3vlYKWKigxAuI1gStU4hTMvbsQImLzgquKiJEG eO3xYPJ7RJc6TppSofFEqdGHR7I1bM0P/aBZ6eMt2Eq30sJEELuhqGc3eJztcD+b GDdCSC+5El59HL2uaHX5O6cM3I5OAJCNdoUehVTBmhE656FqyV1MTp+TtnA5MwN6 XgDfv/d0iFSoXfCGwWLGHbJFyHKg/g5CmaAaqmkDvABH3HPHvSeV7mNfiLHb6E2T jmILX7Wmxfe1fJHkQdraN+IfqAHUs/AHpAeul+d941xMmqv0DVOMoCX6k6lvhS3J wieSfz4ZT6a9jx2rT0h1rB1TjJ8TWoQfVAq10Cn4Z/52N0X1xfTQstIi+cp+pbMV VyK73CiqAqsqTfTcH8EdK7ZbctVh7XBD00Tu7EwuvpqSpptoEFisO+iM/TCsB5cN 7bvyiaV/BmEnanE71hff2kT8XxomDaSE5XM//eY1wOPaR7gkwmE0DY8K+ZjBqYvN 8V1yCZo1ST2UUzaRi300FUXEa0CrOluZPHe4qlQulL0KiauyQxEIZiN8SYqxCHOq KlTwnSpTppVRCN3F8uAwGPVTXIRU+/rCU2R6TxGFxVV1z1p8uhiBpasBonNOdKn9 wBcDvkgYk6eSi7/d909QE5jpc9koe8BhP/cb0hlGGG128N4xDgQ= =Dxup -----END PGP SIGNATURE----- --Apple-Mail=_736430BD-4CA6-48CB-8F24-727A6A6C6C83--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7F042D0C-F994-40A6-B5AB-4710052815DA>