Re: [PATCH v2] sign-file: Convert API usage to support OpenSSL v3
From: Shuah Khan
Date: Wed May 18 2022 - 19:00:41 EST
On 5/18/22 3:51 PM, Kees Cook wrote:
OpenSSL's ENGINE API is deprecated in OpenSSL v3.0, along with some
other functions. Remove the ENGINE use and a macro work-around for
ERR_get_error_line().
Cc: David Howells <dhowells@xxxxxxxxxx>
Cc: David Woodhouse <dwmw2@xxxxxxxxxxxxx>
Cc: Eric Biggers <ebiggers@xxxxxxxxxx>
Cc: Shuah Khan <skhan@xxxxxxxxxxxxxxxxxxx>
Cc: Salvatore Bonaccorso <carnil@xxxxxxxxxx>
Cc: keyrings@xxxxxxxxxxxxxxx
Suggested-by: Adam Langley <agl@xxxxxxxxxx>
Co-developed-by: Lee Jones <lee.jones@xxxxxxxxxx>
Signed-off-by: Lee Jones <lee.jones@xxxxxxxxxx>
Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
---
v1: https://lore.kernel.org/lkml/20211005161833.1522737-1-lee.jones@xxxxxxxxxx/
v2: https://lore.kernel.org/lkml/Yicwb+Ceiu8JjVIS@xxxxxxxxxx/
v3:
- Eliminate all the build warnings with OpenSSL 3
- Fully remove ENGINE usage, if it can be optional, just drop it.
---
scripts/sign-file.c | 49 ++++++++++-----------------------------------
1 file changed, 11 insertions(+), 38 deletions(-)
Worked for me on OpenSSL v3 and older version .
Tested-by: Shuah Khan <skhan@xxxxxxxxxxxxxxxxxxx>
thanks,
-- Shuah