From: Dennis Clarke <dclarke@blastwave.org>
To: James Bottomley <James.Bottomley@HansenPartnership.com>,
Bagas Sanjaya <bagasdotme@gmail.com>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Linux Kernel Build System <linux-kbuild@vger.kernel.org>,
Linux Kernel Keyrings <keyrings@vger.kernel.org>
Cc: David Howells <dhowells@redhat.com>,
David Woodhouse <dwmw2@infradead.org>,
Masahiro Yamada <masahiroy@kernel.org>
Subject: Re: Fwd: sign-file.c:149:17: warning: implicit declaration of function ‘ENGINE_load_builtin_engines’
Date: Thu, 30 Nov 2023 15:30:17 -0500 [thread overview]
Message-ID: <8cb7186f-6346-7997-13b3-8f5a1d71bc3d@blastwave.org> (raw)
In-Reply-To: <ce0c752cd1ed482bff97c6c62266440e3ff8f937.camel@HansenPartnership.com>
On 11/23/23 20:05, James Bottomley wrote:
> On Thu, 2023-11-23 at 18:42 -0500, Dennis Clarke wrote:
>> On 11/23/23 09:53, James Bottomley wrote:
>>> On Fri, 2023-11-17 at 00:34 -0500, Dennis Clarke wrote:
>>>> On 11/16/23 18:41, Bagas Sanjaya wrote:
>>>>> Hi,
>>>>>
>>>>> I notice a bug report on Bugzilla [1]. Quoting from it:
>>>>>
>>>> <snip>
>>>>>> Not related to
>>>>>> https://bugzilla.kernel.org/show_bug.cgi?id=215750 but I
.
. <snip>
.
>>
>> I am looking into this. The code will likely age into some deprecated
>> calls and I think that I may be way out on the edge here.
>
> So you did build without engine support ...
Yep.
--prefix=/usr/local no-asm shared no-engine no-hw threads zlib
sctp enable-weak-ssl-ciphers -DPEDANTIC -D_REENTRANT
So there we see the "no-engine" option. That pretty much kicks the
sign-file.c code to the curb.
>> However the code will need a pile of ifndef stuff and then call the
>> correct future looking calls for OpenSSL 3.x etc etc etc ... the
>> usual stuff
>
> Well, not really: openssl is highly configurable and if it gets
> configured wrongly, stuff like this happens.
Well, not "wrongly". More like "not the usual off the shelf stuff".
> That's why distros have a
> fairly inclusive configuration and they stick to it. No-one can cope
> with the combinatoric explosion of openssl configuration possibilities
> (even though they have ifdefs for most of them) so the only way is
> really to fix a standard configuration and assume you're building for
> it.
Seems clear to me.
> Openssl has been talking for ages about removing engine support, but
> they've been unable to do so due to the rather slow pace of conversion
> of their own engines. I anticipate this code can be removed in favour
> of the pkcs11 provider long before openssl actually manages to remove
> engines.
>
> James
Well I thank you for the clarity here. I still feel that sign-file.c
needs a bit of a rewrite and I guess the old expression "patches are
welcome" works here.
Dennis Clarke
RISC-V/SPARC/PPC/ARM/CISC
UNIX and Linux spoken
next prev parent reply other threads:[~2023-11-30 20:30 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-16 23:41 Fwd: sign-file.c:149:17: warning: implicit declaration of function ‘ENGINE_load_builtin_engines’ Bagas Sanjaya
2023-11-17 5:34 ` Dennis Clarke
2023-11-22 4:55 ` Bagas Sanjaya
2023-11-23 14:37 ` Dennis Clarke
2023-11-23 14:53 ` James Bottomley
2023-11-23 23:42 ` Dennis Clarke
2023-11-24 1:05 ` James Bottomley
2023-11-30 20:30 ` Dennis Clarke [this message]
2023-11-24 2:28 ` Dennis Clarke
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8cb7186f-6346-7997-13b3-8f5a1d71bc3d@blastwave.org \
--to=dclarke@blastwave.org \
--cc=James.Bottomley@HansenPartnership.com \
--cc=bagasdotme@gmail.com \
--cc=dhowells@redhat.com \
--cc=dwmw2@infradead.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=masahiroy@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).