[Bug 68910] New: Improve LibreSSL version check in tcnative.m4

bugzilla Wed, 17 Apr 2024 03:10:46 -0700

https://bz.apache.org/bugzilla/show_bug.cgi?id=68910


            Bug ID: 68910
           Summary: Improve LibreSSL version check in tcnative.m4
           Product: Tomcat Native
           Version: 2.0.7
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: Library
          Assignee: dev@tomcat.apache.org
          Reporter: micha...@apache.org
  Target Milestone: ---

Note: Applies to 1.3.x as well and is a followup to
29f0cc900310b1982b462b16fc308cbfeade79d4.

since we also do support LibreSSL I see a few problems here:

> AC_MSG_CHECKING(OpenSSL library version >= 3.0.0)

Does not reflect the minimum LibreSSL version (3.5.2)

Guarantees:
* from 2.2.2 LIBRESSL_VERSION_NUMBER is bumped with each release:
https://github.com/libressl/portable/blob/64e0f7c5d644e55e0bbbf985335e42c4f59e615d/ChangeLog#L2761-L2762
* from 2.3.2 LIBRESSL_VERSION_NUMBER matches the output format of
OPENSSL_VERSION_NUMBER:
https://github.com/libressl/portable/blob/64e0f7c5d644e55e0bbbf985335e42c4f59e615d/ChangeLog#L2589-L2591

So I believe
https://github.com/apache/tomcat-native/blob/d1cc229db7416b59f7d6ba2d7bcb8188b5ebffc6/native/build/tcnative.m4#L228-L239
can/should be rewritten to properly print the actual reqiured version number
instead of hardcoded 3.0.0. If you run LibreSSL 3.4.x the error output would be
confusing.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 68910] New: Improve LibreSSL version check in tcnative.m4

Reply via email to