[Bug 68080] OPENSSL_NO_ENGINE from openssl/opensslconf.h ignored
https://bz.apache.org/bugzilla/show_bug.cgi?id=68080 Graham Leggett changed: What|Removed |Added Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #10 from Graham Leggett --- Backported to v2.4.59. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 68080] OPENSSL_NO_ENGINE from openssl/opensslconf.h ignored
https://bz.apache.org/bugzilla/show_bug.cgi?id=68080 --- Comment #9 from Yann Ylavic --- Proposed for backport to 2.4.x (r1913834). -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 68080] OPENSSL_NO_ENGINE from openssl/opensslconf.h ignored
https://bz.apache.org/bugzilla/show_bug.cgi?id=68080 --- Comment #8 from Yann Ylavic --- > There is https://github.com/apache/httpd/pull/381 which is a backport I plan > to propose for the next release. r1913815 is now included in this PR, so the full patch would be: https://patch-diff.githubusercontent.com/raw/apache/httpd/pull/381.diff -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 68080] OPENSSL_NO_ENGINE from openssl/opensslconf.h ignored
https://bz.apache.org/bugzilla/show_bug.cgi?id=68080 Yann Ylavic changed: What|Removed |Added Keywords||FixedInTrunk --- Comment #7 from Yann Ylavic --- (In reply to Joe Orton from comment #4) > Created attachment 39370 [details] > allow SSLCryptoDevice builtin to be configured w/o any ENGINE support in > openSSL Thanks Joe, I pushed the whole in r1913815. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 68080] OPENSSL_NO_ENGINE from openssl/opensslconf.h ignored
https://bz.apache.org/bugzilla/show_bug.cgi?id=68080 --- Comment #6 from Yann Ylavic --- (In reply to Bernard Spil from comment #5) > (In reply to Yann Ylavic from comment #2) > > Created attachment 39349 [details] > > Unset MODSSL_HAVE_ENGINE_API for OPENSSL_NO_ENGINE > > > > I'm wondering if we still want to allow for "SSLCryptoDevice builtin" when > > OPENSSL_NO_ENGINE is set. I don't know how much this setting is used nor if > > we should care, but given that "builtin" is the same as no SSLCryptoDevice > > maybe we could still let httpd start even if it's built against openssl >= 3 > > or OPENSSL_NO_ENGINE. > > The ENGINE api is deprecated in openssl >= 3 so in r1908537 we defined/used > > MODSSL_HAVE_ENGINE_API to compile out any code using it, maybe we could do > > that too for OPENSSL_NO_ENGINE like in the this patch? Does it work for your > > case? > > The 2.4.x branch does not have MODSSL_HAVE_ENGINE_API at all, any hint on > what branch to test that is similar to what I can expect to see as 2.4.59? There is https://github.com/apache/httpd/pull/381 which is a backport I plan to propose for the next release. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 68080] OPENSSL_NO_ENGINE from openssl/opensslconf.h ignored
https://bz.apache.org/bugzilla/show_bug.cgi?id=68080 --- Comment #5 from Bernard Spil --- (In reply to Yann Ylavic from comment #2) > Created attachment 39349 [details] > Unset MODSSL_HAVE_ENGINE_API for OPENSSL_NO_ENGINE > > I'm wondering if we still want to allow for "SSLCryptoDevice builtin" when > OPENSSL_NO_ENGINE is set. I don't know how much this setting is used nor if > we should care, but given that "builtin" is the same as no SSLCryptoDevice > maybe we could still let httpd start even if it's built against openssl >= 3 > or OPENSSL_NO_ENGINE. > The ENGINE api is deprecated in openssl >= 3 so in r1908537 we defined/used > MODSSL_HAVE_ENGINE_API to compile out any code using it, maybe we could do > that too for OPENSSL_NO_ENGINE like in the this patch? Does it work for your > case? The 2.4.x branch does not have MODSSL_HAVE_ENGINE_API at all, any hint on what branch to test that is similar to what I can expect to see as 2.4.59? I'm trying to create a patch for the FreeBSD port (I'm part of the apache team in FreeBSD ports). May well go with OpenBSD's solution: settubg ac_cv_func_ENGINE_init=no in configure's env. (https://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/www/apache-httpd/Makefile?rev=1.126.2.2=text/plain). -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 68080] OPENSSL_NO_ENGINE from openssl/opensslconf.h ignored
https://bz.apache.org/bugzilla/show_bug.cgi?id=68080 --- Comment #4 from Joe Orton --- Created attachment 39370 --> https://bz.apache.org/bugzilla/attachment.cgi?id=39370=edit allow SSLCryptoDevice builtin to be configured w/o any ENGINE support in openSSL -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 68080] OPENSSL_NO_ENGINE from openssl/opensslconf.h ignored
https://bz.apache.org/bugzilla/show_bug.cgi?id=68080 --- Comment #3 from Joe Orton --- (In reply to Yann Ylavic from comment #2) > Created attachment 39349 [details] > Unset MODSSL_HAVE_ENGINE_API for OPENSSL_NO_ENGINE +1 > I'm wondering if we still want to allow for "SSLCryptoDevice builtin" when > OPENSSL_NO_ENGINE is set. I don't know how much this setting is used nor if > we should care, but given that "builtin" is the same as no SSLCryptoDevice > maybe we could still let httpd start even if it's built against openssl >= 3 > or OPENSSL_NO_ENGINE. +1, and removing the: #if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ENGINE_INIT) should do it? > The ENGINE api is deprecated in openssl >= 3 so in r1908537 we defined/used > MODSSL_HAVE_ENGINE_API to compile out any code using it, maybe we could do > that too for OPENSSL_NO_ENGINE like in the this patch? Does it work for your > case? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 68080] OPENSSL_NO_ENGINE from openssl/opensslconf.h ignored
https://bz.apache.org/bugzilla/show_bug.cgi?id=68080 --- Comment #2 from Yann Ylavic --- Created attachment 39349 --> https://bz.apache.org/bugzilla/attachment.cgi?id=39349=edit Unset MODSSL_HAVE_ENGINE_API for OPENSSL_NO_ENGINE I'm wondering if we still want to allow for "SSLCryptoDevice builtin" when OPENSSL_NO_ENGINE is set. I don't know how much this setting is used nor if we should care, but given that "builtin" is the same as no SSLCryptoDevice maybe we could still let httpd start even if it's built against openssl >= 3 or OPENSSL_NO_ENGINE. The ENGINE api is deprecated in openssl >= 3 so in r1908537 we defined/used MODSSL_HAVE_ENGINE_API to compile out any code using it, maybe we could do that too for OPENSSL_NO_ENGINE like in the this patch? Does it work for your case? -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org
[Bug 68080] OPENSSL_NO_ENGINE from openssl/opensslconf.h ignored
https://bz.apache.org/bugzilla/show_bug.cgi?id=68080 Bernard Spil changed: What|Removed |Added OS||All Summary|OPENSSL_NO_ENGINE from |OPENSSL_NO_ENGINE from |openssl/opensslconf.h |openssl/opensslconf.h ||ignored -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org