-
-
Notifications
You must be signed in to change notification settings - Fork 10.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix safestack #12781
Fix safestack #12781
Conversation
This is marked as WIP because |
Do you need to tweak doc/man3/DEFINE_STACK_OF.pod? |
Yeah, possibly. I'll check. |
I would like to conduct a build test of this on NonStop, when it's available. |
Please do! |
Does this address the 'make update' issue?
|
Nope. The C parser doesn't understand the perl snippet. |
I've pushed a few commits (one squash) that should fix the 'make update' issues |
3140f95
to
de5197d
Compare
Awesome! Thanks. |
I re-read it, and I think its still accurate. The original macros still remain, and should still be used for generating custom stacks. Its only for our own stacks that appear in public headers where take a slightly different approach. So from an API perspective, nothing has changed. |
I'm going to try cloning your branch, adding my port changes, and see what happens. |
Configurations/unix-Makefile.tmpl
Outdated
@@ -1098,7 +1098,6 @@ errors: | |||
$base = $base_in; | |||
$dir = catfile($config{builddir}, $d); | |||
} | |||
my $parent = |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oops... good catch
The safestack compile issue went away on NonStop, however, the argument list too long problem is back. This was fixed at 1.1.1 but has returned. Is it possible that when this PR is merged that the build changes will return?
|
I wonder if @levitte can comment on that |
Looks like doc-nits is complaining. It doesn't like all the new macros |
I did try a whole bunch of shell tricks to try to put $? into a file, but it's just too large for the platform's environment space to handle. I'm open to trying suggestions. |
Fixup pushed to ignore them. We document them as |
#12706 should help with the ar problem |
Yes, we are using that in the 1.1.1 port, I believe. Perhaps we should wait for that to be merged in. @mattcaswell do you think this PR is compatible with your changes? |
I don't expect there to be any significant conflict |
I am able to build OpenSSL 3.0.0 on HPE NonStop using this fix and #12706 plus a hack to the Makefile for building libcrypto.so (same issue as with |
One of the Travis jobs complains:
I believe, but am not entirely sure that the quick fix is this: diff --git a/crypto/ex_data.c b/crypto/ex_data.c
index 80a136164a..f241b53f4e 100644
--- a/crypto/ex_data.c
+++ b/crypto/ex_data.c
@@ -447,7 +447,7 @@ int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val)
return 0;
}
}
- sk_void_set(ad->sk, idx, val);
+ (void)sk_void_set(ad->sk, idx, val);
return 1;
}
|
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12781)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12781)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12781)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12781)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12781)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12781)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12781)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12781)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12781)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12781)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12781)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12781)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12781)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12781)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12781)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12781)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12781)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12781)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12781)
... and add SKM_DEFINE_STACK_OF_INTERNAL Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12781)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12781)
The safestack code generation was generating a little too much. Some of it could be done with a normal macro. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12781)
'or' has lower priority than '||' in perl, which affects evaluation order. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from #12781)
'make ordinals' assumed that all headers reside in the source tree, which is no longer true, now that we generate a number of them. This needed some refactoring. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from #12781)
util/mkerr.pl detects if a header is now a '.in' template, and adjusts the header file it reads accordingly. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from #12781)
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12781)
Some compilers are very picky about unused return values. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #12781)
Thank you for finishing this off (er, doing it correctly). I had no idea it would be so much work. |
We fix 3 problems with safestack:
can cause compilation failures (even if the app does not otherwise need
to link against libcrypto). See issue The story of safestack.h and lhash.h #8102
to include additional macro calls in the source code for all stacks that
they need to use - which is an API break. This changes avoids that
necessity.
no-deprecated and a normal build of OpenSSL. See issue sk_GENERAL_NAME_num not defined if compiled with no-deprecated #12707.
Fixes #12707
Contains a partial fix for #8102. A similar PR will be needed for hash to
fully fix.