OpenSSLWiki - User contributions [en]

Talk:OpenSSL 1.1.0 Changes

2016-09-23T13:33:57Z

Edwintorok: the #ifdef mention is enough

== Converting code to be compatible with both OpenSSL 1.0.x and 1.1.x ==

Small correction to the example at [[1.1_API_Changes#Adding_forward-compatible_code_to_older_versions]]:

<tt>HMAC_CTX_reset</tt>, and <tt>EVP_MD_CTX_free</tt> are OpenSSL 1.1 APIs themselves so their use should be avoided in the <tt>#if</tt> section.

Suggested example:

<code>
#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined (LIBRESSL_VERSION_NUMBER)
static HMAC_CTX *HMAC_CTX_new(void)
{
HMAC_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
if (ctx != NULL)
HMAC_CTX_init(ctx);
return ctx;
}

static void HMAC_CTX_free(HMAC_CTX *ctx)
{
if (ctx != NULL) {
HMAC_CTX_cleanup(ctx);
OPENSSL_free(ctx);
}
}
#endif
</code>

Similarly examples for other APIs that I encountered:
<code>
#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined (LIBRESSL_VERSION_NUMBER)
#define EVP_MD_CTX_new EVP_MD_CTX_create
#define EVP_MD_CTX_free EVP_MD_CTX_destroy
#endif

#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
#define ASN1_STRING_get0_data(x) ASN1_STRING_data(x)
#endif
</code>
--[[User:Edwintorok|Edwintorok]] ([[User talk:Edwintorok|talk]]) 13:30, 23 September 2016 (UTC)

Talk:OpenSSL 1.1.0 Changes

2016-09-23T13:30:09Z

Edwintorok: sign my edit

== Converting code to be compatible with both OpenSSL 1.0.x and 1.1.x ==

Small correction to the example at [[1.1_API_Changes#Adding_forward-compatible_code_to_older_versions]]:

<tt>HMAC_CTX_reset</tt>, and <tt>EVP_MD_CTX_free</tt> are OpenSSL 1.1 APIs themselves so their use should be avoided in the <tt>#if</tt> section.
Also LibreSSL claims to be <tt>OPENSSL_VERSION_NUMBER 0x20000000L</tt>, but doesn't support the new OpenSSL 1.1.0 API yet.

Suggested example:

<code>
#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined (LIBRESSL_VERSION_NUMBER)
static HMAC_CTX *HMAC_CTX_new(void)
{
HMAC_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
if (ctx != NULL)
HMAC_CTX_init(ctx);
return ctx;
}

static void HMAC_CTX_free(HMAC_CTX *ctx)
{
if (ctx != NULL) {
HMAC_CTX_cleanup(ctx);
OPENSSL_free(ctx);
}
}
#endif
</code>

Similarly examples for other APIs that I encountered:
<code>
#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined (LIBRESSL_VERSION_NUMBER)
#define EVP_MD_CTX_new EVP_MD_CTX_create
#define EVP_MD_CTX_free EVP_MD_CTX_destroy
#endif

#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
#define ASN1_STRING_get0_data(x) ASN1_STRING_data(x)
#endif
</code>
--[[User:Edwintorok|Edwintorok]] ([[User talk:Edwintorok|talk]]) 13:30, 23 September 2016 (UTC)

Talk:OpenSSL 1.1.0 Changes

2016-09-23T13:29:38Z

Edwintorok: Correction to 1.0.x/1.1.x compatibility example

== Converting code to be compatible with both OpenSSL 1.0.x and 1.1.x ==

Small correction to the example at [[1.1_API_Changes#Adding_forward-compatible_code_to_older_versions]]:

<tt>HMAC_CTX_reset</tt>, and <tt>EVP_MD_CTX_free</tt> are OpenSSL 1.1 APIs themselves so their use should be avoided in the <tt>#if</tt> section.
Also LibreSSL claims to be <tt>OPENSSL_VERSION_NUMBER 0x20000000L</tt>, but doesn't support the new OpenSSL 1.1.0 API yet.

Suggested example:

<code>
#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined (LIBRESSL_VERSION_NUMBER)
static HMAC_CTX *HMAC_CTX_new(void)
{
HMAC_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
if (ctx != NULL)
HMAC_CTX_init(ctx);
return ctx;
}

static void HMAC_CTX_free(HMAC_CTX *ctx)
{
if (ctx != NULL) {
HMAC_CTX_cleanup(ctx);
OPENSSL_free(ctx);
}
}
#endif
</code>

Similarly examples for other APIs that I encountered:
<code>
#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined (LIBRESSL_VERSION_NUMBER)
#define EVP_MD_CTX_new EVP_MD_CTX_create
#define EVP_MD_CTX_free EVP_MD_CTX_destroy
#endif

#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
#define ASN1_STRING_get0_data(x) ASN1_STRING_data(x)
#endif
</code>