Thanks to visit codestin.com
Credit goes to github.com

Skip to content

OpenSSL legacy API cleanups #4608

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Apr 30, 2018
Merged

OpenSSL legacy API cleanups #4608

merged 4 commits into from
Apr 30, 2018

Conversation

pks-t
Copy link
Member

@pks-t pks-t commented Apr 3, 2018

Some follow-ups for #4607.

pks-t added 3 commits April 3, 2018 12:07
@pks-t
streams: openssl: move OpenSSL compat layer into implementation
2505cbf 
OpenSSL version 1.1 has broken its API in quite a few ways. To avoid
having to use ifdef's everywhere, we have implemented the BIO functions
added in version 1.1 ourselves in case we are using the legacy API. We
were implementing them in the header file, though, which doesn't make a
lot of sense, since these functions are only ever being used the the
openssl stream implementation.

Move these functions to the implementation file and mark them static.
@pks-t
streams: openssl: unify version checks into single define
ede63b9 
By now, we have several locations where we are checking the version of
OpenSSL to determine whether we can use the new "modern" API or need to
use the pre-1.1 legacy API. As we have multiple implementations of
OpenSSL with the rather recent libressl implementation, these checks
need to honor versions of both implementations, which is rather tedious.
Instead, we can just check once for the correct versions and define
`OPENSSL_LEGACY_API` in case we cannot use the modern API.
@pks-t
streams: openssl: provide OPENSSL_init_ssl for legacy API
dd9de88 
In order to further avoid using ifdef's in our code flow, provide the
function `OPENSSL_init_ssl` in case we are using the legacy OpenSSL API.
@pks-t pks-t force-pushed the pks/openssl-api-cleanup branch from 14481fa to dd9de88 Compare April 3, 2018 11:12
@pks-t
Copy link
Member Author

pks-t commented Apr 3, 2018

/cc @Sp1l Would be cool if you could have a stab at this PR to check I'm not breaking libressl again. I've verified with libressl 2.6.3, but didn't check with 2.7 this time.

@pks-t
Copy link
Member Author

pks-t commented Apr 3, 2018

Which brings me to something different: it would be cool to have different CI jobs for OpenSSL 1.0, OpenSSL 1.1 and libressl 2.6 or 2.7.

@ethomson
Copy link
Member

ethomson commented Apr 3, 2018

Which brings me to something different: it would be cool to have different CI jobs for OpenSSL 1.0, OpenSSL 1.1 and libressl 2.6 or 2.7.

Maybe, but our CI is already slow. I would also like to see us have an improved test matrix, but we need to think seriously about both the continuing degradation in speed for pull requests.

I suggest we start thinking about splitting out the platform matrix into the highest priority platforms that will give us a high confidence in the PR (probably a single Linux, Windows and macOS installation) and then do nightlies for the entire set of systems that we want to test.

@pks-t
Copy link
Member Author

pks-t commented Apr 6, 2018
edited
Loading

Yeah. I feel like GitLab CI would be a lot faster than Travis -- all builds I had were run completely in parallel, so additional jobs didn't really impact us. It does have a shortcoming, though: there are no "real" 32 bit containers available, as nearly all Docker images are 64 bit only. One thought that occurred to me was to thus use both CI systems:

  • Travis will build every PR/merge on our highest priority Unix platforms. These are Ubuntu 14.04 32/64 bit and mac OS.
  • GitLab will do "variation" builds of mid-priority platforms, probably nightly. These include builds with OpenSSL 1.1 (Fedora?), libressl (Alpine?), a "cutting edge" distro (Arch?) to check with other recent library versions. Furthermore, GitLab should include building high-priority bindings.

Edit: GitLab should also include a recent Ubuntu, like 17.10, as Travis does not support anything different than Ubuntu 14.04

@pks-t pks-t mentioned this pull request Apr 6, 2018
Closed
@tiennou
Copy link
Contributor

tiennou commented Apr 11, 2018

I like the cleanup !

I have one related dangling commit, which might be integrated in this (already on top of this branch 😉).

@tiennou @pks-t
openssl: remove leftover #ifdef
173a037 
This is the "OpenSSL available" global init function after all
@pks-t
Copy link
Member Author

pks-t commented Apr 30, 2018

Thanks @tiennou, amended your commit to this PR

@carlosmn carlosmn merged commit 26a09a9 into libgit2:master Apr 30, 2018
@pks-t pks-t deleted the pks/openssl-api-cleanup branch July 11, 2019 19:03
@snyk-bot snyk-bot mentioned this pull request Feb 23, 2020
Open
@snyk-bot snyk-bot mentioned this pull request Apr 22, 2020
Open
@snyk-bot snyk-bot mentioned this pull request May 5, 2020
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@pks-t @ethomson @tiennou @carlosmn