Hi, I noticed the LibreSSL configure test in unbound 1.5.4 does not detect LibreSSL 2.2.2:
if grep OPENSSL_VERSION_TEXT $ssldir/include/openssl/opensslv.h | grep "LibreSSL" >/dev/null then However, LibreSSL 2.2.2 ships /usr/include/openssl/opensslv.h with /* These will change with each release of LibreSSL-portable */ #define LIBRESSL_VERSION_NUMBER 0x20020002L #define LIBRESSL_VERSION_TEXT "LibreSSL 2.2.2" /* These will never change */ #define OPENSSL_VERSION_NUMBER 0x20000000L #define OPENSSL_VERSION_TEXT LIBRESSL_VERSION_TEXT #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT Perhaps you just want to check for any mention of LibreSSL in /usr/include/openssl/opensslv.h at all, or do it properly and check if LIBRESSL_VERSION_NUMBER is defined as a macro. (This misdetection results in the unfortunate behavior that reallocarray is used without prototype (because the prototypes are guarded by HAVE_LIBRESSL), resulting in truncated address return values on 64-bit machines.) Found by Void Linux: https://github.com/voidlinux/void-packages/pull/2232. cu, -- Christian Neukirchen <[email protected]> http://chneukirchen.org
