Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Stop complaining about deprecated OpenSSL functions #322

Closed
wants to merge 1 commit into from

Conversation

Rtoax
Copy link

@Rtoax Rtoax commented Jun 9, 2022

 sshbuf-getput-crypto.c: In function ‘sshbuf_get_eckey’:
 sshbuf-getput-crypto.c:97:9: warning: ‘EC_KEY_get0_group’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
    97 |         EC_POINT *pt = EC_POINT_new(EC_KEY_get0_group(v));
       |         ^~~~~~~~
 In file included from sshbuf-getput-crypto.c:29:
 /usr/include/openssl/ec.h:1032:39: note: declared here
  1032 | OSSL_DEPRECATEDIN_3_0 const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
       |                                       ^~~~~~~~~~~~~~~~~

Ref: torvalds/linux@6bfb56e

 sshbuf-getput-crypto.c: In function ‘sshbuf_get_eckey’:
 sshbuf-getput-crypto.c:97:9: warning: ‘EC_KEY_get0_group’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
    97 |         EC_POINT *pt = EC_POINT_new(EC_KEY_get0_group(v));
       |         ^~~~~~~~
 In file included from sshbuf-getput-crypto.c:29:
 /usr/include/openssl/ec.h:1032:39: note: declared here
  1032 | OSSL_DEPRECATEDIN_3_0 const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
       |                                       ^~~~~~~~~~~~~~~~~

 Ref: torvalds/linux@6bfb56e
@martelletto
Copy link
Contributor

martelletto commented Jun 9, 2022

Instead of a pragma that suppresses the warning, would it make sense to go with something along the lines of:

diff --git a/configure.ac b/configure.ac
index e7459ee1a..dcf108fa9 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2801,7 +2801,9 @@ if test "x$openssl" = "xyes" ; then
                                ;;
                        101*)   ;; # 1.1.x
                        200*)   ;; # LibreSSL
-                       300*)   ;; # OpenSSL 3
+                       300*)
+                               CPPFLAGS="$CPPFLAGS -DOPENSSL_API_COMPAT=0x10100000L"
+                               ;;
                        301*)   ;; # OpenSSL development branch.
                        *)
                                AC_MSG_ERROR([Unknown/unsupported OpenSSL version ("$ssl_library_ver")])

Ref: https://www.openssl.org/docs/manmaster/man7/OPENSSL_API_COMPAT.html

@djmdjm
Copy link
Contributor

djmdjm commented Jun 24, 2022

Thanks @martelletto - similar patch applied in f51423b

@djmdjm djmdjm closed this Jun 24, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants