Re: [Openvpn-devel] [PATCH] Fix float comparisons of OPENVPN_VERSION_NUMBER
чт, 20 февр. 2020 г. в 13:44, Arne Schwabe :
> Am 20.02.20 um 09:38 schrieb Arne Schwabe:
> > These checks are probably the result of copying a
> > check from the LibreSSL and modifying it to be
> > a OpenSSL check. For some arcane reason LibreSSL decided
> > that its version number should be a long float (double) rather
> > than an integer.
> >
> > Signed-off-by: Arne Schwabe
> > ---
> > src/openvpn/ssl_openssl.c | 6 +++---
> > 1 file changed, 3 insertions(+), 3 deletions(-)
> >
> > diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c
> > index 21651a3e..bcdfb543 100644
> > --- a/src/openvpn/ssl_openssl.c
> > +++ b/src/openvpn/ssl_openssl.c
> > @@ -231,7 +231,7 @@ tls_version_max(void)
> > * We only need to check this for OpenSSL versions that can be
> > * upgraded to 1.1.1 without recompile (>= 1.1.0)
> > */
> > -if (OpenSSL_version_num() >= 0x1010100fL)
> > +if (OpenSSL_version_num() >= 0x1010100L)
> > {
> > return TLS_VER_1_3;
> > }
> > @@ -2104,7 +2104,7 @@ show_available_tls_ciphers_list(const char
> *cipher_list,
> > crypto_msg(M_FATAL, "Cannot create SSL object");
> > }
> >
> > -#if (OPENSSL_VERSION_NUMBER < 0x101fL)\
> > +#if (OPENSSL_VERSION_NUMBER < 0x101L)\
> > || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER <=
> 0x209fL)
> > STACK_OF(SSL_CIPHER) *sk = SSL_get_ciphers(ssl);
> > #else
> > @@ -2134,7 +2134,7 @@ show_available_tls_ciphers_list(const char
> *cipher_list,
> > printf("%s\n", pair->iana_name);
> > }
> > }
> > -#if (OPENSSL_VERSION_NUMBER >= 0x101fL)
> > +#if (OPENSSL_VERSION_NUMBER >= 0x101L)
> > sk_SSL_CIPHER_free(sk);
> > #endif
> > SSL_free(ssl);
> >
>
>
> Ignore that patch. I am not awake yet. the fL is not a suffix. LibreSSL
> has has its patch version to be 0f.
>
can you also close it here https://patchwork.openvpn.net/patch/1015/ ?
to prevent someone from taking it accidently
>
> Arne
>
> ___
> Openvpn-devel mailing list
> Openvpn-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openvpn-devel
>
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] [PATCH] Fix float comparisons of OPENVPN_VERSION_NUMBER
Am 20.02.20 um 09:38 schrieb Arne Schwabe:
> These checks are probably the result of copying a
> check from the LibreSSL and modifying it to be
> a OpenSSL check. For some arcane reason LibreSSL decided
> that its version number should be a long float (double) rather
> than an integer.
>
> Signed-off-by: Arne Schwabe
> ---
> src/openvpn/ssl_openssl.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c
> index 21651a3e..bcdfb543 100644
> --- a/src/openvpn/ssl_openssl.c
> +++ b/src/openvpn/ssl_openssl.c
> @@ -231,7 +231,7 @@ tls_version_max(void)
> * We only need to check this for OpenSSL versions that can be
> * upgraded to 1.1.1 without recompile (>= 1.1.0)
> */
> -if (OpenSSL_version_num() >= 0x1010100fL)
> +if (OpenSSL_version_num() >= 0x1010100L)
> {
> return TLS_VER_1_3;
> }
> @@ -2104,7 +2104,7 @@ show_available_tls_ciphers_list(const char *cipher_list,
> crypto_msg(M_FATAL, "Cannot create SSL object");
> }
>
> -#if (OPENSSL_VERSION_NUMBER < 0x101fL)\
> +#if (OPENSSL_VERSION_NUMBER < 0x101L)\
> || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER <=
> 0x209fL)
> STACK_OF(SSL_CIPHER) *sk = SSL_get_ciphers(ssl);
> #else
> @@ -2134,7 +2134,7 @@ show_available_tls_ciphers_list(const char *cipher_list,
> printf("%s\n", pair->iana_name);
> }
> }
> -#if (OPENSSL_VERSION_NUMBER >= 0x101fL)
> +#if (OPENSSL_VERSION_NUMBER >= 0x101L)
> sk_SSL_CIPHER_free(sk);
> #endif
> SSL_free(ssl);
>
Ignore that patch. I am not awake yet. the fL is not a suffix. LibreSSL
has has its patch version to be 0f.
Arne
signature.asc
Description: OpenPGP digital signature
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [PATCH] Fix float comparisons of OPENVPN_VERSION_NUMBER
These checks are probably the result of copying a
check from the LibreSSL and modifying it to be
a OpenSSL check. For some arcane reason LibreSSL decided
that its version number should be a long float (double) rather
than an integer.
Signed-off-by: Arne Schwabe
---
src/openvpn/ssl_openssl.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c
index 21651a3e..bcdfb543 100644
--- a/src/openvpn/ssl_openssl.c
+++ b/src/openvpn/ssl_openssl.c
@@ -231,7 +231,7 @@ tls_version_max(void)
* We only need to check this for OpenSSL versions that can be
* upgraded to 1.1.1 without recompile (>= 1.1.0)
*/
-if (OpenSSL_version_num() >= 0x1010100fL)
+if (OpenSSL_version_num() >= 0x1010100L)
{
return TLS_VER_1_3;
}
@@ -2104,7 +2104,7 @@ show_available_tls_ciphers_list(const char *cipher_list,
crypto_msg(M_FATAL, "Cannot create SSL object");
}
-#if (OPENSSL_VERSION_NUMBER < 0x101fL)\
+#if (OPENSSL_VERSION_NUMBER < 0x101L)\
|| (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER <=
0x209fL)
STACK_OF(SSL_CIPHER) *sk = SSL_get_ciphers(ssl);
#else
@@ -2134,7 +2134,7 @@ show_available_tls_ciphers_list(const char *cipher_list,
printf("%s\n", pair->iana_name);
}
}
-#if (OPENSSL_VERSION_NUMBER >= 0x101fL)
+#if (OPENSSL_VERSION_NUMBER >= 0x101L)
sk_SSL_CIPHER_free(sk);
#endif
SSL_free(ssl);
--
2.25.0
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
