[U-Boot] tools/mxsimage: Support building with LibreSSL

Marek Vasut marex at denx.de
Sat Mar 17 16:24:47 UTC 2018 

On 03/17/2018 04:09 PM, Hauke Mehrtens wrote:
> On 03/17/2018 03:47 PM, Marek Vasut wrote:
>> On 03/17/2018 01:23 PM, Hauke Mehrtens wrote:
>>> The mxsimage utility fails to compile against LibreSSL because LibreSSL
>>> says it is OpenSSL 2.0, but it does not support the complete OpenSSL 1.1
>>> interface.
>>
>> The mxsimage does support OpenSSL 1.1 , the commit message is confusing.
>> Can you elaborate on that and reword the last part ?
> 
> libressl defines the following in version 2.7.4:
> #define OPENSSL_VERSION_NUMBER	0x20000000L
> #define LIBRESSL_VERSION_NUMBER	0x2060400fL
> see here:
> https://github.com/libressl-portable/openbsd/blob/OPENBSD_6_2/src/lib/libcrypto/opensslv.h
> 
> But OPENSSL_zalloc() is not provided by libressl, that is only available
> in OpeSSL 1.1.0 and later.

So it's libressl that's API-incompatible and thus broken ? OK

I guess the commit message should mention that and then yes, if
LIBRESSL_VERSION_NUMBER is defined, we should treat it as old version of
OpenSSL.

Thanks for the explanation

> I do not know if libressl plans to add  functions like OPENSSL_zalloc()
> in the future, but currently it is not included and we always have to
> use the backward compatible code when compiling against libressl.
> 
>>> Signed-off-by: Hauke Mehrtens <hauke at hauke-m.de>
>>> ---
>>>  tools/mxsimage.c | 2 +-
>>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> diff --git a/tools/mxsimage.c b/tools/mxsimage.c
>>> index 32a7978cae..0cbf007dff 100644
>>> --- a/tools/mxsimage.c
>>> +++ b/tools/mxsimage.c
>>> @@ -26,7 +26,7 @@
>>>   * OpenSSL 1.1.0 and newer compatibility functions:
>>>   * https://wiki.openssl.org/index.php/1.1_API_Changes
>>>   */
>>> -#if OPENSSL_VERSION_NUMBER < 0x10100000L
>>> +#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
>>
>> This should check for the libressl version number value too I think?
>>
>>>  static void *OPENSSL_zalloc(size_t num)
>>>  {
>>>  	void *ret = OPENSSL_malloc(num);
>>>
>>
>>
> 


-- 
Best regards,
Marek Vasut

More information about the U-Boot mailing list