From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 5881442D59 for ; Mon, 26 Jun 2023 11:13:33 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 4F98F42D37; Mon, 26 Jun 2023 11:13:33 +0200 (CEST) Received: from mail-oa1-f51.google.com (mail-oa1-f51.google.com [209.85.160.51]) by mails.dpdk.org (Postfix) with ESMTP id 0BA0441149 for ; Mon, 26 Jun 2023 11:13:31 +0200 (CEST) Received: by mail-oa1-f51.google.com with SMTP id 586e51a60fabf-1b038d7a5faso744711fac.1 for ; Mon, 26 Jun 2023 02:13:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=6wind.com; s=google; t=1687770810; x=1690362810; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=TaYg1Hp0PkowkCKBemDNYNDqhquEJcvR0M570bkwHsY=; b=X/YREa2y0WlwLH4U3vGhIKZPYWPYhdt4pSRL5xTShySFUdHvdtPZdExv1tKgaochod UqSBVDyx+Uc6VkkxhwdTXoBtQbIbgx4/fqQ8+MMmVlDaTD97cmSTAJorCl86dbK6HKuo Gmx94adiJ7AWI30JGeLKcJi3lQKP4x010yB9mN1fQJzLH9KOQ9TkFul1+tsLP+rpXaVG MVsgEhjQ7tpjr1t515YOgeQrmmi9PQsN9KY9WlXnVeCj6AHHldvE89cvoN+OLqDZ4Gpz iP5zbDuTmvyvUL+j0DFRGMEUnrnL98vQdpexuT2KzfnmE80ewXH2CuVv8HMtOrxegqE0 zj+g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1687770810; x=1690362810; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=TaYg1Hp0PkowkCKBemDNYNDqhquEJcvR0M570bkwHsY=; b=FalZIncg4vk/LIp7sgJ9R1QJ+Wf0ZhdALW3Twe9hUgndhIEt/Mp49bzZ1SY4B+SNkl odap6ADLQrl74NFswDtUpqTzAPuixepBK7IvIl+7FnyZ3G24hiw7wy9HtF0pXKglNW26 sCEjCLw9uxMdEXx3S4QKJvYIo28xY5oDWhYDmyvkVL7EoqiaRR5sBO2RSGgx4jsd2xb3 ylhbRu7uJcko6gWtLixQP1dOU1hXLgC3meNryG0DaeSyL+oIDd77iyFQS6xf0sXXmyMU NWfH8raUi3MFIjILFw/+J2lMbs4nMUKJQzDNHCoT2aYy6uf/xCf9Cg3kEaGMHajhXXgj liPg== X-Gm-Message-State: AC+VfDw3bdAJwxT3T6ub70DqNnaPJRyjAl5t9YVBVAjDXFUt+aVtbLvM mRm/kgUmY+NXcrEN+wivSZtfMKS+nNyPbk+7f0CG2A== X-Google-Smtp-Source: ACHHUZ4njaxCcLVTndcMZoxEtQzcyHGvThNOvzkOWWGBdMfb8xN6z8603r6btGVqN24FasRONbFPm/5Xxf53AaTo8kE= X-Received: by 2002:a05:6808:3009:b0:39d:f03e:71ca with SMTP id ay9-20020a056808300900b0039df03e71camr28711106oib.53.1687770810242; Mon, 26 Jun 2023 02:13:30 -0700 (PDT) MIME-Version: 1.0 References: <20230418145619.2648068-1-didier.pallard@6wind.com> <2809888.Y6S9NjorxK@thomas> In-Reply-To: <2809888.Y6S9NjorxK@thomas> From: Didier Pallard Date: Mon, 26 Jun 2023 11:13:19 +0200 Message-ID: Subject: Re: [PATCH] crypto/openssl: do not build useless workaround To: Thomas Monjalon Cc: Kai Ji , gakhil@marvell.com, dev@dpdk.org, stable@dpdk.org, Daniel Mrzyglod , Tomasz Kulasek , Michal Kobylinski , Pablo de Lara , Slawomir Mrozowicz Content-Type: multipart/alternative; boundary="0000000000009b6e6505ff04c37c" X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org --0000000000009b6e6505ff04c37c Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable HI, not sure to understand how it is possible. If build OPENSSL_VERSION_NUMBER < 0x10100000L, linker should link binary with libcrypto.so.1.0.0. libcrypto.so.1.1 if build for 0x10100000L and libcrypto.so.3 for 0x30000000L loader should not allow to link with a library different from the one used at build time, no? didier On Sun, Jun 25, 2023 at 9:22=E2=80=AFPM Thomas Monjalon wrote: > 18/04/2023 16:56, Didier Pallard: > > This workaround was needed before version 1.0.1f. Do not build it for > > versions >=3D 1.1. > > > > Fixes: d61f70b4c918 ("crypto/libcrypto: add driver for OpenSSL library"= ) > > Signed-off-by: Didier Pallard > > Cc: stable@dpdk.org > [...] > > +#if OPENSSL_VERSION_NUMBER < 0x10100000L > > /* Workaround open ssl bug in version less then 1.0.1f */ > > if (EVP_EncryptUpdate(ctx, empty, &unused, empty, 0) <=3D 0) > > goto process_auth_encryption_gcm_err; > > +#endif > > What happens if we build with OpenSSL 1.1 and run with OpenSSL 1.0? > Can we have a runtime check? > Or is it better doing the workaround always as before? > > > --0000000000009b6e6505ff04c37c Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
HI,
not sure to understand how it is possib= le.
If build=C2=A0 OPENSSL_VERSION_NUMBER <=C2=A0 0x10100000L, linker should link binary with libcrypto.so.1.0.0.
<= div>libcrypto.so.1.1 if build for 0x10100000L and=20 libcrypto.so.3 for 0x30000000L
loader should not allow to li= nk with a library different from the one used at build time, no?
=
didier

On Sun, Jun 25, 2023 at 9:22=E2=80=AFPM Thom= as Monjalon <th= omas@monjalon.net> wrote:
18/04/2023 16:56, Didier Pallard:
> This workaround was needed before version 1.0.1f. Do not build it for<= br> > versions >=3D 1.1.
>
> Fixes: d61f70b4c918 ("crypto/libcrypto: add driver for OpenSSL li= brary")
> Signed-off-by: Didier Pallard <didier.pallard@6wind.com>
> Cc: stable@dpdk.o= rg
[...]
> +#if OPENSSL_VERSION_NUMBER < 0x10100000L
>=C2=A0 =C2=A0 =C2=A0 =C2=A0/* Workaround open ssl bug in version less t= hen 1.0.1f */
>=C2=A0 =C2=A0 =C2=A0 =C2=A0if (EVP_EncryptUpdate(ctx, empty, &unuse= d, empty, 0) <=3D 0)
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0goto process_aut= h_encryption_gcm_err;
> +#endif

What happens if we build with OpenSSL 1.1 and run with OpenSSL 1.0?
Can we have a runtime check?
Or is it better doing the workaround always as before?


--0000000000009b6e6505ff04c37c--