-
-
Notifications
You must be signed in to change notification settings - Fork 6.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add OpenSSL 1.1.0-pre3 compatibility #650
Conversation
Here's a successful log building openssl-master, libssh2-master, curl-master: Binaries:
|
Just wondering; have you tried building OpenSSL 1.1.0-pre3-dev using MSVC-2015? I am (+ other people too) getting an "Internal Compiler Error" when I try. |
I haven't made tests with MSVC, sorry. If said MSVC is patched up with the latest update, it could only be coded around, which is not always trivial and almost always a maintenance liability — unless the code is unnecessarily twisted. Either way, it'd be worth reporting this to the compiler devs. |
OpenSSL code "twisted"? No way 😄 . |
I understand your desire to build with OpenSSL master but I hesitate to do this because anything we mark TODO seems to end up there for a long while without a fix. Also although it's not policy here personally I'd appreciate it if your builds available for public dl kept using the latest stable release version of OpenSSL. That pre alpha beta has all sorts of bugs, only recently did they fix a very serious one. |
These are test builds. They are clearly (I hope) marked as such. They are not advertised anywhere. Without any place to download those from, I couldn't verify the builds, so they need to exist somewhere. As for the TODOs, at the current state of things there is no documented way (at least my search didn't reveal anything) to extract these internals from OpenSSL, so they might as well just be converted to no-ops. Not sure how these affect curl functionality. Either way, if curl wants to support 1.1.0, these issues will have to be dealt with in some ways. If this is not wanted here, I'll keep it local till official support comes in curl. |
I'm not sharing @jay 's concern. The 1.1.0-pre (or openssl git master) compile errors we get are just early warnings of what will come anyway, so fixing them now is better as it allows us to try out curl earlier and in fact also help out to test openssl. I'm in favor of merging. |
That said, I don't think removing features like this is the correct way to adapt. I'm pretty sure we can find the right way to maintain functionality. And if not, we discuss with the openssl team. |
For example, my own personal attempt (that is far from completed) to do this started out like this:
|
I admit I haven't even checked if the RSA (and friends) structure was kept open, just assumed it was made opaque like the rest of them. If it remained so, like your patch suggests, there is no issue, and most of my patch can be dialed back and TODOs resolved. I'll verify this tomorrow and get back with the results. |
Commit 3aeb93486588 in openssl's git tree is what made EVP_PKEY opaque, and looking at their own changes for that was quite educational in finding fixes. |
Didn't want to suggest that losing features is fine. Let's regard this as a work in progress. |
No harm done, that's why we review and discuss. I value your work and efforts put into this! |
Thanks @bagder! Quick check shows that RSA structure is opaque. (which would be inline with ongoing efforts and general good practice) Anyhow I'll revisit this on a bigger screen. |
@vszakats I apologize that was unclear. What I meant was your builds that are linked to on the curl download page I have a personal opinion that it should be built from the stable release of OpenSSL. I think this will be better for users that are downloading what they believe to be stable. I recall in the past there was an issue where the release was rebuilt with the latest dependencies, which is why I thought that could become an issue if you have switched that build link to OpenSSL master. What else you do with your builds I have no opinion! |
The linked/published versions are strictly built against the latest available stable versions. Test builds are uploaded into separate buckets, plus development sources always have Having said that, the practice to update the packages under their published URLs continues, but only in case there is a stable update of any dependency (or maybe if there is something crucial to fix in the build process). I hope these clear out any concern. Suggestions to improve the process are welcome of course. |
One more thought on that: starting yesterday, LibreSSL dependent builds are published of curl. I chose to use 2.3.2 of LibreSSL, which is called "snapshot" release, not stable. It seemed like the right thing to do (f.e. Homebrew regards it as stable too), but 2.2.x can be built as well, if this was a wrong decision. You can find them here: |
Okay, so it turns out I mistook Also included @bagder's |
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && \ | ||
!defined(LIBRESSL_VERSION_NUMBER) | ||
rsa = EVP_PKEY_get0_RSA(pubkey); | ||
BN_print(mem, rsa->n); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@bagder But why are we calling BN_print directly to print n now instead of BN_num_bits like the old way below? Does that do the same thing because it doesn't look like it. Isn't n
printed a few lines down print_pubkey_BN(rsa, n, i);
? I don't have a working OpenSSL 1.1.0 setup but that looks inconsistent, at that point shouldn't we be retrieving the number of bits so when it's output it looks like for example:
RSA Public Key:2048
2048 being the number of bits in this case
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I did that because I thought it would do the comparable thing, if not we should fix it. Remember that my fix was not complete! (and I didn't compare old/new output)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@vszakats Can you please give it a run on OpenSSL 1.1.0 using the certinfo.c example and see what shows for 'RSA Public Key:' when you connect to a website like ssllabs.com or something. It should show the number of bits, like
RSA Public Key:2048
rsa(n):a whole lot of hex digits should be here, but not on on the line above.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jay Here's the output:
2 certs!
Subject:C = US, ST = California, L = Los Angeles, O = Internet Corporation for Assigned Names and Numbers, OU = Technology, CN = www.example.org
Issuer:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert SHA2 High Assurance Server CA
Version:2
Serial Number:0e64c5fbc236ade14b172aeb41c78cb0
Public Key Algorithm: Signature Algorithm: sha256WithRSAEncryption
sha256WithRSAEncryption
X509v3 Authority Key Identifier:keyid:51:68:FF:90:AF:02:07:75:3C:CC:D9:65:64:62:A2:12:B8:59:72:3B
X509v3 Subject Key Identifier:A6:4F:60:1E:1F:2D:D1:E7:F1:23:A0:2A:95:16:E4:E8:9A:EA:6E:48
X509v3 Subject Alternative Name:DNS:www.example.org,DNS:example.com,DNS:example.edu,DNS:example.net,DNS:example.org,DNS:www.example.com,DNS:www.example.edu,DNS:www.example.net
X509v3 Key Usage:DigitalSignature,KeyEncipherment
X509v3 Extended Key Usage:TLSWebServerAuthentication,TLSWebClientAuthentication
X509v3 CRL Distribution Points:, FullName:, URI:http://crl3.digicert.com/sha2-ha-server-g4.crl,
FullName:, URI:http://crl4.digicert.com/sha2-ha-server-g4.crl
X509v3 Certificate Policies:Policy:2.16.840.1.114412.1.1, CPS:https://www.digicert.com/CPS, Policy:2.23.140.1.2.2
Authority Information Access:OCSP-URI:http://ocsp.digicert.com, CAIssuers-URI:http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt
X509v3 Basic Constraints:CA:FALSE
Start date:Nov 3 00:00:00 2015 GMT
Expire date:Nov 28 12:00:00 2018 GMT
RSA Public Key:B340962F61633E25C197AD6545FBEF1342B32C9986F4B5800B76DC06382C1FA362555A3676DEAE5DFCE2E5B4E6EC5DCAEECADF5016242CEEFC9AB68CF6A8B3AC7A087B2A1FAD5FE7FA965925AB90B0F8C23F13042674680FC6782A958A5F42F20EED52A6EB682389E543F86D121B62427BA805F359C45ED6C5CC46C04B19B92D4A7172241E5E554493AB78A1474DA5DC075A9C67F41168122FD32871BCAD72053C1675D4F87258BA19F1DC09EDF118C6922F7DBC160B378D8AEF1B6F4FB9E07A5498BFB5B6CFBBAA937F0A7F1F56EBA9D8E1DBD539D8185BD1F26433D0D6C423FF09AB6D71CEDACFC1179C23BE2CAF2F921C3F90088958F2B1E1106F832EF79F
rsa(n):B340962F61633E25C197AD6545FBEF1342B32C9986F4B5800B76DC06382C1FA362555A3676DEAE5DFCE2E5B4E6EC5DCAEECADF5016242CEEFC9AB68CF6A8B3AC7A087B2A1FAD5FE7FA965925AB90B0F8C23F13042674680FC6782A958A5F42F20EED52A6EB682389E543F86D121B62427BA805F359C45ED6C5CC46C04B19B92D4A7172241E5E554493AB78A1474DA5DC075A9C67F41168122FD32871BCAD72053C1675D4F87258BA19F1DC09EDF118C6922F7DBC160B378D8AEF1B6F4FB9E07A5498BFB5B6CFBBAA937F0A7F1F56EBA9D8E1DBD539D8185BD1F26433D0D6C423FF09AB6D71CEDACFC1179C23BE2CAF2F921C3F90088958F2B1E1106F832EF79F
rsa(e):10001
Signature:84:a8:9a:11:a7:d8:bd:0b:26:7e:52:24:7b:b2:55:9d:ea:30:89:51:08:87:6f:a9:ed:10:ea:5b:3e:0b:c7:2d:47:04:4e:dd:45:37:c7:ca:bc:38:7f:b6:6a:1c:65:42:6a:73:74:2e:5a:97:85:d0:cc:92:e2:2e:38:89:d9:0d:69:fa:1b:9b:f0:c1:62:32:65:4f:3d:98:db:da:d6:66:da:2a:56:56:e3:11:33:ec:e0:a5:15:4c:ea:75:49:f4:5d:ef:15:f5:12:1c:e6:f8:fc:9b:04:21:4b:cf:63:e7:7c:fc:aa:dc:fa:43:d0:c0:bb:f2:89:ea:91:6d:cb:85:8e:6a:9f:c8:f9:94:bf:55:3d:42:82:38:4d:08:a4:a7:0e:d3:65:4d:33:61:90:0d:3f:80:bf:82:3e:11:cb:8f:3f:ce:79:94:69:1b:f2:da:4b:c8:97:b8:11:43:6d:6a:25:32:b9:b2:ea:22:62:86:0d:a3:72:7d:4f:ea:57:3c:65:3b:2f:27:73:fc:7c:16:fb:0d:03:a4:0a:ed:01:ab:a4:23:c6:8d:5f:8a:21:15:42:92:c0:34:a2:20:85:88:58:98:89:19:b1:1e:20:ed:13:20:5c:04:55:64:ce:9d:b3:65:fd:f6:8f:5e:99:39:21:15:e2:71:aa:6a:88:82:
Cert:-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgIQDmTF+8I2reFLFyrrQceMsDANBgkqhkiG9w0BAQsFADBw
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz
dXJhbmNlIFNlcnZlciBDQTAeFw0xNTExMDMwMDAwMDBaFw0xODExMjgxMjAwMDBa
MIGlMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEUMBIGA1UEBxML
TG9zIEFuZ2VsZXMxPDA6BgNVBAoTM0ludGVybmV0IENvcnBvcmF0aW9uIGZvciBB
c3NpZ25lZCBOYW1lcyBhbmQgTnVtYmVyczETMBEGA1UECxMKVGVjaG5vbG9neTEY
MBYGA1UEAxMPd3d3LmV4YW1wbGUub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAs0CWL2FjPiXBl61lRfvvE0KzLJmG9LWAC3bcBjgsH6NiVVo2dt6u
Xfzi5bTm7F3K7srfUBYkLO78mraM9qizrHoIeyofrV/n+pZZJauQsPjCPxMEJnRo
D8Z4KpWKX0LyDu1SputoI4nlQ/htEhtiQnuoBfNZxF7WxcxGwEsZuS1KcXIkHl5V
RJOreKFHTaXcB1qcZ/QRaBIv0yhxvK1yBTwWddT4cli6GfHcCe3xGMaSL328Fgs3
jYrvG29PueB6VJi/tbbPu6qTfwp/H1brqdjh29U52Bhb0fJkM9DWxCP/Cattcc7a
z8EXnCO+LK8vkhw/kAiJWPKx4RBvgy73nwIDAQABo4ICUDCCAkwwHwYDVR0jBBgw
FoAUUWj/kK8CB3U8zNllZGKiErhZcjswHQYDVR0OBBYEFKZPYB4fLdHn8SOgKpUW
5Oia6m5IMIGBBgNVHREEejB4gg93d3cuZXhhbXBsZS5vcmeCC2V4YW1wbGUuY29t
ggtleGFtcGxlLmVkdYILZXhhbXBsZS5uZXSCC2V4YW1wbGUub3Jngg93d3cuZXhh
bXBsZS5jb22CD3d3dy5leGFtcGxlLmVkdYIPd3d3LmV4YW1wbGUubmV0MA4GA1Ud
DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0f
BG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItaGEtc2Vy
dmVyLWc0LmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTIt
aGEtc2VydmVyLWc0LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgGCCsG
AQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjCB
gwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2Vy
dC5jb20wTQYIKwYBBQUHMAKGQWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9E
aWdpQ2VydFNIQTJIaWdoQXNzdXJhbmNlU2VydmVyQ0EuY3J0MAwGA1UdEwEB/wQC
MAAwDQYJKoZIhvcNAQELBQADggEBAISomhGn2L0LJn5SJHuyVZ3qMIlRCIdvqe0Q
6ls+C8ctRwRO3UU3x8q8OH+2ahxlQmpzdC5al4XQzJLiLjiJ2Q1p+hub8MFiMmVP
PZjb2tZm2ipWVuMRM+zgpRVM6nVJ9F3vFfUSHOb4/JsEIUvPY+d8/Krc+kPQwLvy
ieqRbcuFjmqfyPmUv1U9QoI4TQikpw7TZU0zYZANP4C/gj4Ry48/znmUaRvy2kvI
l7gRQ21qJTK5suoiYoYNo3J9T+pXPGU7Lydz/HwW+w0DpArtAaukI8aNX4ohFUKS
wDSiIIWIWJiJGbEeIO0TIFwEVWTOnbNl/faPXpk5IRXicapqiII=
-----END CERTIFICATE-----
Subject:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert SHA2 High Assurance Server CA
Issuer:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert High Assurance EV Root CA
Version:2
Serial Number:04e1e7a4dc5cf2f36dc02b42b85d159f
Public Key Algorithm: Signature Algorithm: sha256WithRSAEncryption
sha256WithRSAEncryption
X509v3 Basic Constraints:CA:TRUE,pathlen:0
X509v3 Key Usage:DigitalSignature,CertificateSign,CRLSign
X509v3 Extended Key Usage:TLSWebServerAuthentication,TLSWebClientAuthentication
Authority Information Access:OCSP-URI:http://ocsp.digicert.com
X509v3 CRL Distribution Points:, FullName:, URI:http://crl4.digicert.com/DigiCertHighAssuranceEVRootCA.crl
X509v3 Certificate Policies:Policy:X509v3AnyPolicy, CPS:https://www.digicert.com/CPS
X509v3 Subject Key Identifier:51:68:FF:90:AF:02:07:75:3C:CC:D9:65:64:62:A2:12:B8:59:72:3B
X509v3 Authority Key Identifier:keyid:B1:3E:C3:69:03:F8:BF:47:01:D4:98:26:1A:08:02:EF:63:64:2B:C3
Start date:Oct 22 12:00:00 2013 GMT
Expire date:Oct 22 12:00:00 2028 GMT
RSA Public Key:B6E02FC22406C86D045FD7EF0A6406B27D22266516AE42409BCEDC9F9F76073EC330558719B94F940E5A941F5556B4C2022AAFD098EE0B40D7C4D03B72C8149EEF90B111A9AED2C8B8433AD90B0BD5D595F540AFC81DED4D9C5F57B786506899F58ADAD2C7051FA897C9DCA4B182842DC6ADA59CC71982A6850F5E44582A378FFD35F10B0827325AF5BB8B9EA4BD51D027E2DD3B4233A30528C4BB28CC9AAC2B230D78C67BE65E71B74A3E08FB81B71616A19D23124DE5D79208AC75A49CBACD17B21E4435657F532539D11C0A9A631B199274680A37C2C25248CB395AA2B6E15DC1DDA020B821A293266F144A2141C7ED6D9BF2482FF303F5A26892532F5EE3
rsa(n):B6E02FC22406C86D045FD7EF0A6406B27D22266516AE42409BCEDC9F9F76073EC330558719B94F940E5A941F5556B4C2022AAFD098EE0B40D7C4D03B72C8149EEF90B111A9AED2C8B8433AD90B0BD5D595F540AFC81DED4D9C5F57B786506899F58ADAD2C7051FA897C9DCA4B182842DC6ADA59CC71982A6850F5E44582A378FFD35F10B0827325AF5BB8B9EA4BD51D027E2DD3B4233A30528C4BB28CC9AAC2B230D78C67BE65E71B74A3E08FB81B71616A19D23124DE5D79208AC75A49CBACD17B21E4435657F532539D11C0A9A631B199274680A37C2C25248CB395AA2B6E15DC1DDA020B821A293266F144A2141C7ED6D9BF2482FF303F5A26892532F5EE3
rsa(e):10001
Signature:18:8a:95:89:03:e6:6d:df:5c:fc:1d:68:ea:4a:8f:83:d6:51:2f:8d:6b:44:16:9e:ac:63:f5:d2:6e:6c:84:99:8b:aa:81:71:84:5b:ed:34:4e:b0:b7:79:92:29:cc:2d:80:6a:f0:8e:20:e1:79:a4:fe:03:47:13:ea:f5:86:ca:59:71:7d:f4:04:96:6b:d3:59:58:3d:fe:d3:31:25:5c:18:38:84:a3:e6:9f:82:fd:8c:5b:98:31:4e:cd:78:9e:1a:fd:85:cb:49:aa:f2:27:8b:99:72:fc:3e:aa:d5:41:0b:da:d5:36:a1:bf:1c:6e:47:49:7f:5e:d9:48:7c:03:d9:fd:8b:49:a0:98:26:42:40:eb:d6:92:11:a4:64:0a:57:54:c4:f5:1d:d6:02:5e:6b:ac:ee:c4:80:9a:12:72:fa:56:93:d7:ff:bf:30:85:06:30:bf:0b:7f:4e:ff:57:05:9d:24:ed:85:c3:2b:fb:a6:75:a8:ac:2d:16:ef:7d:79:27:b2:eb:c2:9d:0b:07:ea:aa:85:d3:01:a3:20:28:41:59:43:28:d2:81:e3:aa:f6:ec:7b:3b:77:b6:40:62:80:05:41:45:01:ef:17:06:3e:de:c0:33:9b:67:d3:61:2e:72:87:e4:69:fc:12:00:57:40:1e:70:f5:1e:c9:b4:
Cert:-----BEGIN CERTIFICATE-----
MIIEsTCCA5mgAwIBAgIQBOHnpNxc8vNtwCtCuF0VnzANBgkqhkiG9w0BAQsFADBs
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
ZSBFViBSb290IENBMB4XDTEzMTAyMjEyMDAwMFoXDTI4MTAyMjEyMDAwMFowcDEL
MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
LmRpZ2ljZXJ0LmNvbTEvMC0GA1UEAxMmRGlnaUNlcnQgU0hBMiBIaWdoIEFzc3Vy
YW5jZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2
4C/CJAbIbQRf1+8KZAayfSImZRauQkCbztyfn3YHPsMwVYcZuU+UDlqUH1VWtMIC
Kq/QmO4LQNfE0DtyyBSe75CxEamu0si4QzrZCwvV1ZX1QK/IHe1NnF9Xt4ZQaJn1
itrSxwUfqJfJ3KSxgoQtxq2lnMcZgqaFD15EWCo3j/018QsIJzJa9buLnqS9UdAn
4t07QjOjBSjEuyjMmqwrIw14xnvmXnG3Sj4I+4G3FhahnSMSTeXXkgisdaScus0X
sh5ENWV/UyU50RwKmmMbGZJ0aAo3wsJSSMs5WqK24V3B3aAguCGikyZvFEohQcft
bZvySC/zA/WiaJJTL17jAgMBAAGjggFJMIIBRTASBgNVHRMBAf8ECDAGAQH/AgEA
MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
NAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2Vy
dC5jb20wSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybDQuZGlnaWNlcnQuY29t
L0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDA9BgNVHSAENjA0MDIG
BFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQ
UzAdBgNVHQ4EFgQUUWj/kK8CB3U8zNllZGKiErhZcjswHwYDVR0jBBgwFoAUsT7D
aQP4v0cB1JgmGggC72NkK8MwDQYJKoZIhvcNAQELBQADggEBABiKlYkD5m3fXPwd
aOpKj4PWUS+Na0QWnqxj9dJubISZi6qBcYRb7TROsLd5kinMLYBq8I4g4Xmk/gNH
E+r1hspZcX30BJZr01lYPf7TMSVcGDiEo+afgv2MW5gxTs14nhr9hctJqvIni5ly
/D6q1UEL2tU2ob8cbkdJf17ZSHwD2f2LSaCYJkJA69aSEaRkCldUxPUd1gJea6zu
xICaEnL6VpPX/78whQYwvwt/Tv9XBZ0k7YXDK/umdaisLRbvfXknsuvCnQsH6qqF
0wGjIChBWUMo0oHjqvbsezt3tkBigAVBRQHvFwY+3sAzm2fTYS5yh+Rp/BIAV0Ae
cPUeybQ=
-----END CERTIFICATE-----
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Aren't macros supposed to be in upper case? So IMHO:
print_pubkey_BN -> PRINT_PUBKEY_BN
Also remember OpenSSL could have a #define OPENSSL_NO_RSA
in it's opensslconf.h
. Hence num-bits should be 0
, or?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(It means a revert is needed for that line.)
After reverting that line:
|
Patch reverted to the original version: BIO_printf(mem, "%d", RSA_bits(rsa)); With result as seen above. |
by using API instead of accessing an internal structure. This is required starting OpenSSL 1.1.0-pre3.
Updates done. Removed |
Thanks! Can I ask that you make that into a
... or similar at the top of the file and then just use |
Done that. Settled on |
Thanks! |
by using API instead of accessing an internal structure.