[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-keyrings
Subject: Re: [PATCH 1/1] sign-file: Use OpenSSL provided define to compile out deprecated APIs
From: Lee Jones <lee.jones () linaro ! org>
Date: 2021-10-05 18:11:02
Message-ID: YVyVNkijABL7CxnM () google ! com
[Download RAW message or body]
On Tue, 05 Oct 2021, Eric Biggers wrote:
> On Tue, Oct 05, 2021 at 10:14:58AM -0700, Adam Langley wrote:
> > On Tue, Oct 5, 2021 at 10:01 AM Eric Biggers <ebiggers@kernel.org> wrote:
> > > I ran into these same -Wdeprecated-declarations compiler warnings on another
> > > project that uses the ENGINE API to access OpenSSL's support for PKCS#11 tokens.
> > > The conclusion was that in OpenSSL 3.0, the new API for PKCS#11 support isn't
> > > actually ready yet, so we had to keep using the ENGINE API and just add
> > > -Wno-deprecated-declarations to the compiler flags.
> > >
> > > Your patch just removes support for PKCS#11 in that case, which seems
> > > undesirable. (Unless no one is actually using it?)
> >
> > The patch removes support when OPENSSL_NO_ENGINE is defined, but
> > that's not defined by default in OpenSSL 3.0. (Unless something
> > changed recently.)
> >
> > When OPENSSL_NO_ENGINE is defined, ENGINE support is not compiled into
> > OpenSSL and the headers don't include the functions:
> > https://github.com/openssl/openssl/blob/master/include/openssl/engine.h
> > .
>
> Okay so this patch is actually a build fix for when OpenSSL doesn't include
> ENGINE support?
Correct.
> Currently this patch claims that it's removing the use of a
> "deprecated" API, which is something entirely different.
I see your point.
Happy to rejig the commit message if that would help.
--
Lee Jones [李琼斯]
Senior Technical Lead - Developer Services
Linaro.org │ Open source software for Arm SoCs
Follow Linaro: Facebook | Twitter | Blog
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic