[PATCH 1/1] tools: fix building with OpenSSL 4.0
Sebastian Andrzej Siewior
sebastian at breakpoint.cc
Mon Jun 15 21:46:32 CEST 2026
On 2026-06-15 18:07:18 [+0200], Heinrich Schuchardt wrote:
> Add -DOPENSSL_ENGINE_STUBS -Wno-deprecated-declarations to the
> rsa-sign.c build flags.
…
> Link: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138297
> Reported-by: Sebastian Andrzej Siewior <sebastian at breakpoint.cc>
> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt at canonical.com>
> --- a/tools/Makefile
> +++ b/tools/Makefile
> @@ -90,6 +90,9 @@ RSA_OBJS-$(CONFIG_TOOLS_LIBCRYPTO) := $(addprefix generated/lib/rsa/, \
> HOSTCFLAGS_generated/lib/rsa/rsa-sign.o += \
> $(shell pkg-config --cflags libssl libcrypto 2> /dev/null || echo "")
>
> +HOSTCFLAGS_generated/lib/rsa/rsa-sign.o += \
> + -DOPENSSL_ENGINE_STUBS -Wno-deprecated-declarations
> +
I suggest to ifdef the engine support for OpenSSL >3 away. Also maybe
removing it since the "provider interface" is available since the 3.0
series. And since 1.1 receives no FOSS support it might not hurt anyone
to drop it and keep only the provider interface around.
If the engine support was introduced due to $HW then there should be
matching provider support.
> ECDSA_OBJS-$(CONFIG_TOOLS_LIBCRYPTO) := $(addprefix generated/lib/ecdsa/, ecdsa-libcrypto.o)
> HOSTCFLAGS_generated/lib/ecdsa/ecdsa-libcrypto.o += \
> $(shell pkg-config --cflags libssl libcrypto 2> /dev/null || echo "")
Sebastian
More information about the U-Boot
mailing list