|
 |
a56c8e |
From 090a10a69340dc0825f611eceac60bf3f904a5ec Mon Sep 17 00:00:00 2001
|
|
|
a56c8e |
From: Petr Gotthard <petr.gotthard@centrum.cz>
|
|
|
a56c8e |
Date: Sat, 17 Jul 2021 22:43:00 +0200
|
|
|
a56c8e |
Subject: Require OpenSSL >= 1.1.0
|
|
|
a56c8e |
MIME-Version: 1.0
|
|
|
a56c8e |
Content-Type: text/plain; charset=UTF-8
|
|
|
a56c8e |
Content-Transfer-Encoding: 8bit
|
|
|
a56c8e |
|
|
|
a56c8e |
To reduce the amount of version-specific code we drop support for
|
|
|
a56c8e |
OpenSSL prior 1.1.0, including all forks such as LibreSSL, which are
|
|
|
a56c8e |
not API compatible with OpenSSL >= 1.1.0.
|
|
|
a56c8e |
|
|
|
a56c8e |
Python 3.10 will even require OpenSSL >= 1.1.1. The corresponding
|
|
|
a56c8e |
PEP 644 contains a detailed impact analysis which is also relevant
|
|
|
a56c8e |
here.
|
|
|
a56c8e |
|
|
|
a56c8e |
Signed-off-by: Petr Gotthard <petr.gotthard@centrum.cz>
|
|
|
a56c8e |
---
|
|
|
a56c8e |
INSTALL.md | 3 +--
|
|
|
a56c8e |
configure.ac | 6 +++++-
|
|
|
a56c8e |
2 files changed, 6 insertions(+), 3 deletions(-)
|
|
|
a56c8e |
|
|
|
a56c8e |
diff --git a/INSTALL.md b/INSTALL.md
|
|
|
a56c8e |
index eec94c45..658e1f28 100644
|
|
|
a56c8e |
--- a/INSTALL.md
|
|
|
a56c8e |
+++ b/INSTALL.md
|
|
|
a56c8e |
@@ -14,7 +14,7 @@ following sections describe them for the supported platforms.
|
|
|
a56c8e |
* C library development libraries and header files
|
|
|
a56c8e |
* pkg-config
|
|
|
a56c8e |
* doxygen
|
|
|
a56c8e |
-* OpenSSL development libraries and header files
|
|
|
a56c8e |
+* OpenSSL development libraries and header files, version >= 1.1.0
|
|
|
a56c8e |
* libcurl development libraries
|
|
|
a56c8e |
|
|
|
a56c8e |
The following are dependencies only required when building test suites.
|
|
|
a56c8e |
@@ -71,7 +71,6 @@ C Runtime (UCRT) version 10.0.16299.0. Building the type marshaling library
|
|
|
a56c8e |
(tss2-mu.dll) and the system API (tss2-sapi.dll) should be as simple as
|
|
|
a56c8e |
loading the tpm2-tss solution (tpm2-tss.sln) with a compatible and properly
|
|
|
a56c8e |
configured version of Visual Studio 2017 and pressing the 'build' button.
|
|
|
a56c8e |
-Windows build setup requires OpenSSL >= v1.0.2 crypto library.
|
|
|
a56c8e |
|
|
|
a56c8e |
### References
|
|
|
a56c8e |
Visual Studio 2017 with "Clang for Windows": https://blogs.msdn.microsoft.com/vcblog/2017/03/07/use-any-c-compiler-with-visual-studio/
|
|
|
a56c8e |
diff --git a/configure.ac b/configure.ac
|
|
|
a56c8e |
index d4324c9a..12baa257 100755
|
|
|
a56c8e |
--- a/configure.ac
|
|
|
a56c8e |
+++ b/configure.ac
|
|
|
a56c8e |
@@ -132,9 +132,13 @@ AC_ARG_WITH([crypto],
|
|
|
a56c8e |
AM_CONDITIONAL(ESYS_OSSL, test "x$with_crypto" = "xossl")
|
|
|
a56c8e |
AM_CONDITIONAL(ESYS_MBED, test "x$with_crypto" = "xmbed")
|
|
|
a56c8e |
|
|
|
a56c8e |
+m4_define([ossl_min_version], [1.1.0])
|
|
|
a56c8e |
+m4_define([ossl_err], [OpenSSL libcrypto is missing or version requirements not met. OpenSSL version must be >= ossl_min_version])
|
|
|
a56c8e |
AS_IF([test "x$enable_esys" = xyes],
|
|
|
a56c8e |
[AS_IF([test "x$with_crypto" = xossl], [
|
|
|
a56c8e |
- PKG_CHECK_MODULES([LIBCRYPTO], [libcrypto])
|
|
|
a56c8e |
+ PKG_CHECK_MODULES([LIBCRYPTO],
|
|
|
a56c8e |
+ [libcrypto >= ossl_min_version],,
|
|
|
a56c8e |
+ [AC_MSG_ERROR([ossl_err])])
|
|
|
a56c8e |
AC_DEFINE([OSSL], [1], [OpenSSL cryptographic backend])
|
|
|
a56c8e |
TSS2_ESYS_CFLAGS_CRYPTO="$LIBCRYPTO_CFLAGS"
|
|
|
a56c8e |
TSS2_ESYS_LDFLAGS_CRYPTO="$LIBCRYPTO_LIBS"
|
|
|
a56c8e |
--
|
|
|
a56c8e |
2.26.3
|
|
|
a56c8e |
|