HI,

not sure to understand how it is possible.

If build OPENSSL_VERSION_NUMBER < 0x10100000L, linker should link binary with libcrypto.so.1.0.0.

libcrypto.so.1.1 if build for 0x10100000L and libcrypto.so.3 for 0x30000000L

loader should not allow to link with a library different from the one used at build time, no?

didier

On Sun, Jun 25, 2023 at 9:22 PM Thomas Monjalon <thomas@monjalon.net> wrote:

18/04/2023 16:56, Didier Pallard:
> This workaround was needed before version 1.0.1f. Do not build it for
> versions >= 1.1.
>
> Fixes: d61f70b4c918 ("crypto/libcrypto: add driver for OpenSSL library")
> Signed-off-by: Didier Pallard <didier.pallard@6wind.com>
> Cc: stable@dpdk.org
[...]
> +#if OPENSSL_VERSION_NUMBER < 0x10100000L
> /* Workaround open ssl bug in version less then 1.0.1f */
> if (EVP_EncryptUpdate(ctx, empty, &unused, empty, 0) <= 0)
> goto process_auth_encryption_gcm_err;
> +#endif

What happens if we build with OpenSSL 1.1 and run with OpenSSL 1.0?
Can we have a runtime check?
Or is it better doing the workaround always as before?