DPDK patches and discussions
 help / color / mirror / Atom feed
From: Didier Pallard <didier.pallard@6wind.com>
To: Thomas Monjalon <thomas@monjalon.net>
Cc: Kai Ji <kai.ji@intel.com>,
	gakhil@marvell.com, dev@dpdk.org, stable@dpdk.org,
	Daniel Mrzyglod <danielx.t.mrzyglod@intel.com>,
	Tomasz Kulasek <tomaszx.kulasek@intel.com>,
	 Michal Kobylinski <michalx.kobylinski@intel.com>,
	 Pablo de Lara <pablo.de.lara.guarch@intel.com>,
	 Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
Subject: Re: [PATCH] crypto/openssl: do not build useless workaround
Date: Mon, 26 Jun 2023 12:39:44 +0200	[thread overview]
Message-ID: <CAMinK25Z_C_FemtptBoZv8y3KM-gNh+75cnWwB0ZjZ4Xr1PR2Q@mail.gmail.com> (raw)
In-Reply-To: <1720411.yIU609i1g2@thomas>

[-- Attachment #1: Type: text/plain, Size: 1675 bytes --]

On Mon, Jun 26, 2023 at 12:04 PM Thomas Monjalon <thomas@monjalon.net>
wrote:

> 26/06/2023 11:13, Didier Pallard:
> > HI,
> > not sure to understand how it is possible.
> > If build  OPENSSL_VERSION_NUMBER <  0x10100000L, linker should link
> binary
> > with libcrypto.so.1.0.0.
> > libcrypto.so.1.1 if build for 0x10100000L and libcrypto.so.3 for
> > 0x30000000L
> > loader should not allow to link with a library different from the one
> used
> > at build time, no?
>
> You are probably right.
> libcrypto.so.1.1 and libcrypto.so.1.0 are incompatible versions?
>
I think so. Can someone else confirm?


> If we are linking against libcrypto.so.1.1 and you did exactly
> a check for lower than libcrypto.so.1.1, then it should be OK.
>
>
> > On Sun, Jun 25, 2023 at 9:22 PM Thomas Monjalon <thomas@monjalon.net>
> wrote:
> >
> > > 18/04/2023 16:56, Didier Pallard:
> > > > This workaround was needed before version 1.0.1f. Do not build it for
> > > > versions >= 1.1.
> > > >
> > > > Fixes: d61f70b4c918 ("crypto/libcrypto: add driver for OpenSSL
> library")
> > > > Signed-off-by: Didier Pallard <didier.pallard@6wind.com>
> > > > Cc: stable@dpdk.org
> > > [...]
> > > > +#if OPENSSL_VERSION_NUMBER < 0x10100000L
> > > >       /* Workaround open ssl bug in version less then 1.0.1f */
> > > >       if (EVP_EncryptUpdate(ctx, empty, &unused, empty, 0) <= 0)
> > > >               goto process_auth_encryption_gcm_err;
> > > > +#endif
> > >
> > > What happens if we build with OpenSSL 1.1 and run with OpenSSL 1.0?
> > > Can we have a runtime check?
> > > Or is it better doing the workaround always as before?
>
>
>
>

[-- Attachment #2: Type: text/html, Size: 2592 bytes --]

      reply	other threads:[~2023-06-26 10:39 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-04-18 14:56 Didier Pallard
2023-06-20  9:29 ` Ji, Kai
2023-06-20 11:00   ` Akhil Goyal
2023-06-25 19:22 ` Thomas Monjalon
2023-06-26  9:13   ` Didier Pallard
2023-06-26 10:04     ` Thomas Monjalon
2023-06-26 10:39       ` Didier Pallard [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAMinK25Z_C_FemtptBoZv8y3KM-gNh+75cnWwB0ZjZ4Xr1PR2Q@mail.gmail.com \
    --to=didier.pallard@6wind.com \
    --cc=danielx.t.mrzyglod@intel.com \
    --cc=dev@dpdk.org \
    --cc=gakhil@marvell.com \
    --cc=kai.ji@intel.com \
    --cc=michalx.kobylinski@intel.com \
    --cc=pablo.de.lara.guarch@intel.com \
    --cc=slawomirx.mrozowicz@intel.com \
    --cc=stable@dpdk.org \
    --cc=thomas@monjalon.net \
    --cc=tomaszx.kulasek@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).