-
Notifications
You must be signed in to change notification settings - Fork 109
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for openssl 1.0.1 #159
Comments
@groeges @andrew-m-leonard @sxa555 @ashbm5 @jerrylui803 |
@pshipton How urgent is it to get the support for OpenSSL 1.0.1 added? |
1.0.1 appears to work ok if I disable the version checks in
|
@groeges It's too late to be adding features to the quarterly release, it should go into the next release. However the change seems simple, we should try it asap to determine the effort involved. Supporting 1.0.1 only at runtime is fine with me. @sxa555 note the CryptoTest just ensures the library can load, it doesn't actually do any crypto operations. |
The fact that the library was loaded does indicate that all the symbols have been found and the crypto operations should be OK. Will await any testing from Shelley to determine if this is working as expected. |
This is also needed for JDK8, 12 and next (13). PR's for each of these releases are: |
These PRs have all been merged now, so closing the issue. |
Support was added for openssl 1.0.2, however some older OSes like RHEL 6 and Debian 8 are still using the 1.0.1 version. When OpenJDK + OpenJ9 runs on these older OSes, a supported version of openssl is unlikely to be found. The crypto will revert to the java implementation which doesn't perform well with OpenJ9.
There is a version check in the openssl support code. This can be modified to accept the 1.0.1 version as well, and then run testing to confirm if it is working.
openj9-openjdk-jdk11/closed/src/java.base/share/native/libjncrypto/NativeCrypto.c
Line 196 in 5c13382
See also adoptium/temurin-build#1039
The text was updated successfully, but these errors were encountered: