Talk:OpenSSL 1.1.0 Changes

From OpenSSLWiki
Jump to navigationJump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Converting code to be compatible with both OpenSSL 1.0.x and 1.1.x

Small correction to the example at 1.1_API_Changes#Adding_forward-compatible_code_to_older_versions:

HMAC_CTX_reset, and EVP_MD_CTX_free are OpenSSL 1.1 APIs themselves so their use should be avoided in the #if section.

Suggested example:

#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined (LIBRESSL_VERSION_NUMBER)
static HMAC_CTX *HMAC_CTX_new(void)
{
   HMAC_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
   if (ctx != NULL)
       HMAC_CTX_init(ctx);
   return ctx;
}

static void HMAC_CTX_free(HMAC_CTX *ctx)
{
   if (ctx != NULL) {
       HMAC_CTX_cleanup(ctx);
       OPENSSL_free(ctx);
   }
}
#endif

Similarly examples for other APIs that I encountered:

#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined (LIBRESSL_VERSION_NUMBER)
#define EVP_MD_CTX_new EVP_MD_CTX_create
#define EVP_MD_CTX_free EVP_MD_CTX_destroy
#endif

#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
#define ASN1_STRING_get0_data(x) ASN1_STRING_data(x)
#endif

--Edwintorok (talk) 13:30, 23 September 2016 (UTC)


Please update the "No longer works" section

That section is seriously outdated.

--Levitte (talk) 06:51, 27 March 2020 (UTC)