add openssl 3 compat and ubuntu 22.04 #604
Conversation
| @@ -1238,7 +1238,7 @@ void tlsio_openssl_deinit(void) | |||
| { | |||
| openssl_dynamic_locks_uninstall(); | |||
| openssl_static_locks_uninstall(); | |||
| #if (OPENSSL_VERSION_NUMBER >= 0x00907000L) && (OPENSSL_VERSION_NUMBER < 0x20000000L) && (FIPS_mode_set) | |||
| #if (OPENSSL_VERSION_NUMBER >= 0x00907000L) && (FIPS_mode_set) | |||
There was a problem hiding this comment.
Should we just change the check to < 0x30000000L ?
There was a problem hiding this comment.
You know, so we get a notification somehow if a new version comes out. Gives us the chance to check it out and make sure it works.
There was a problem hiding this comment.
Same comment in all the checks that were modified.
There was a problem hiding this comment.
We could but I would say we keep it removed until there comes a version that actually removes these APIs. At which point we can set the guard on that version. Otherwise it's a constantly moving goal post.
| @@ -75,7 +75,7 @@ static int load_certificate_chain(SSL_CTX* ssl_ctx, const char* certificate) | |||
| // certificates. | |||
|
|
|||
| /* Codes_SRS_X509_OPENSSL_07_006: [ If successful x509_openssl_add_ecc_credentials shall to import each certificate in the cert chain. ] */ | |||
| #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && (OPENSSL_VERSION_NUMBER < 0x20000000L) || defined(LIBRESSL_VERSION_NUMBER) | |||
| #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER) | |||
There was a problem hiding this comment.
Also, is any version of LIBRESSL ok with these API calls?
There was a problem hiding this comment.
So far yes. I've seen this kind of behavior in other places as well.
No description provided.