Linux-mtd Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH] mkfs.ubifs: remove OPENSSL_no_config()
@ 2020-07-24  7:47 bage
  2020-07-25  8:24 ` Richard Weinberger
  0 siblings, 1 reply; 6+ messages in thread
From: bage @ 2020-07-24  7:47 UTC (permalink / raw)
  To: linux-mtd; +Cc: Bastian Germann, Torben Hohn

From: Torben Hohn <torben.hohn@linutronix.de>

Especially for the pkcs11 engine, a configuration is required
because the provider has to be configured.

Its not clear why OPENSSL_no_config() is called.

Remove OPENSSL_no_config() and call OPENSSL_config(NULL)
instead.

Signed-off-by: Torben Hohn <torben.hohn@linutronix.de>
Signed-off-by: Bastian Germann <bage@linutronix.de>
---
 ubifs-utils/mkfs.ubifs/sign.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/ubifs-utils/mkfs.ubifs/sign.c b/ubifs-utils/mkfs.ubifs/sign.c
index b7ad7ef..7f284f8 100644
--- a/ubifs-utils/mkfs.ubifs/sign.c
+++ b/ubifs-utils/mkfs.ubifs/sign.c
@@ -388,7 +388,8 @@ int init_authentication(void)
 	if (!c->hash_algo_name)
 		return err_msg("Hash algorithm not given (--hash-algo)");
 
-	OPENSSL_no_config();
+	OPENSSL_config(NULL);
+
 	OpenSSL_add_all_algorithms();
 	ERR_load_crypto_strings();
 
-- 
2.27.0


______________________________________________________
Linux MTD discussion mailing list
http://lists.infradead.org/mailman/listinfo/linux-mtd/

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] mkfs.ubifs: remove OPENSSL_no_config()
  2020-07-24  7:47 [PATCH] mkfs.ubifs: remove OPENSSL_no_config() bage
@ 2020-07-25  8:24 ` Richard Weinberger
  2020-09-24 16:40   ` Bastian Germann
  0 siblings, 1 reply; 6+ messages in thread
From: Richard Weinberger @ 2020-07-25  8:24 UTC (permalink / raw)
  To: bage; +Cc: linux-mtd, David Oberhollenzer, Torben Hohn

On Fri, Jul 24, 2020 at 10:00 AM <bage@linutronix.de> wrote:
>
> From: Torben Hohn <torben.hohn@linutronix.de>
>
> Especially for the pkcs11 engine, a configuration is required
> because the provider has to be configured.
>
> Its not clear why OPENSSL_no_config() is called.

My best guess is because on old openssl versions it used to work.

> Remove OPENSSL_no_config() and call OPENSSL_config(NULL)
> instead.

David, can you please check whether this change works with all openssl versions
we want to support?

-- 
Thanks,
//richard

______________________________________________________
Linux MTD discussion mailing list
http://lists.infradead.org/mailman/listinfo/linux-mtd/

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] mkfs.ubifs: remove OPENSSL_no_config()
  2020-07-25  8:24 ` Richard Weinberger
@ 2020-09-24 16:40   ` Bastian Germann
  2020-09-25  3:15     ` David Oberhollenzer
  0 siblings, 1 reply; 6+ messages in thread
From: Bastian Germann @ 2020-09-24 16:40 UTC (permalink / raw)
  To: Richard Weinberger; +Cc: linux-mtd, David Oberhollenzer

Am 25.07.20 um 10:24 schrieb Richard Weinberger:
> On Fri, Jul 24, 2020 at 10:00 AM <bage@linutronix.de> wrote:
>>
>> From: Torben Hohn <torben.hohn@linutronix.de>
>>
>> Especially for the pkcs11 engine, a configuration is required
>> because the provider has to be configured.
>>
>> Its not clear why OPENSSL_no_config() is called.
> 
> My best guess is because on old openssl versions it used to work.
> 
>> Remove OPENSSL_no_config() and call OPENSSL_config(NULL)
>> instead.
> 
> David, can you please check whether this change works with all openssl versions
> we want to support?
> 

Are there any news on this?

______________________________________________________
Linux MTD discussion mailing list
http://lists.infradead.org/mailman/listinfo/linux-mtd/

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] mkfs.ubifs: remove OPENSSL_no_config()
  2020-09-24 16:40   ` Bastian Germann
@ 2020-09-25  3:15     ` David Oberhollenzer
  2020-09-29 14:05       ` Bastian Germann
  0 siblings, 1 reply; 6+ messages in thread
From: David Oberhollenzer @ 2020-09-25  3:15 UTC (permalink / raw)
  To: Bastian Germann, Richard Weinberger; +Cc: linux-mtd

On 9/24/20 6:40 PM, Bastian Germann wrote:
> Am 25.07.20 um 10:24 schrieb Richard Weinberger:
>> On Fri, Jul 24, 2020 at 10:00 AM <bage@linutronix.de> wrote:
>>>
>>> From: Torben Hohn <torben.hohn@linutronix.de>
>>>
>>> Especially for the pkcs11 engine, a configuration is required
>>> because the provider has to be configured.
>>>
>>> Its not clear why OPENSSL_no_config() is called.
>>
>> My best guess is because on old openssl versions it used to work.
>>
>>> Remove OPENSSL_no_config() and call OPENSSL_config(NULL)
>>> instead.
>>
>> David, can you please check whether this change works with all openssl versions
>> we want to support?
>>
> 
> Are there any news on this?
> 

Sorry for the delay. I did some research on this in August but being busy at
the time eventually forgot about the thread.

The latest changes that I found in the change log dated back to OpenSSL 0.9.7.
Walking through the git log for the implementation seems to confirm that.

However, recent man pages say, that the OPENSSL_config functions are deprecated
since OpenSSL 1.1.0 and OPENSSL_init_crypto should be used now, so the patch
might require an extra #if for newer OpenSSL versions.

______________________________________________________
Linux MTD discussion mailing list
http://lists.infradead.org/mailman/listinfo/linux-mtd/

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] mkfs.ubifs: remove OPENSSL_no_config()
  2020-09-25  3:15     ` David Oberhollenzer
@ 2020-09-29 14:05       ` Bastian Germann
  2020-10-18 20:44         ` David Oberhollenzer
  0 siblings, 1 reply; 6+ messages in thread
From: Bastian Germann @ 2020-09-29 14:05 UTC (permalink / raw)
  To: David Oberhollenzer, Richard Weinberger; +Cc: linux-mtd

Am 25.09.20 um 05:15 schrieb David Oberhollenzer:
> On 9/24/20 6:40 PM, Bastian Germann wrote:
>> Am 25.07.20 um 10:24 schrieb Richard Weinberger:
>>> On Fri, Jul 24, 2020 at 10:00 AM <bage@linutronix.de> wrote:
>>>>
>>>> From: Torben Hohn <torben.hohn@linutronix.de>
>>>>
>>>> Especially for the pkcs11 engine, a configuration is required
>>>> because the provider has to be configured.
>>>>
>>>> Its not clear why OPENSSL_no_config() is called.
>>>
>>> My best guess is because on old openssl versions it used to work.
>>>
>>>> Remove OPENSSL_no_config() and call OPENSSL_config(NULL)
>>>> instead.
>>>
>>> David, can you please check whether this change works with all openssl versions
>>> we want to support?
>>>
>>
>> Are there any news on this?
>>
> 
> Sorry for the delay. I did some research on this in August but being busy at
> the time eventually forgot about the thread.
> 
> The latest changes that I found in the change log dated back to OpenSSL 0.9.7.
> Walking through the git log for the implementation seems to confirm that.
> 
> However, recent man pages say, that the OPENSSL_config functions are deprecated
> since OpenSSL 1.1.0 and OPENSSL_init_crypto should be used now, so the patch
> might require an extra #if for newer OpenSSL versions.
> 

That would be another patch but does not invalidate this one. mtd-utils
also uses other functions which are deprecated in OpenSSL >= 1.1.0:

OPENSSL_no_config
OpenSSL_add_all_digests
OpenSSL_add_all_algorithms
EVP_cleanup
ERR_free_strings
ERR_load_crypto_strings

You can yield this list via compiling with -DOPENSSL_API_COMPAT=0x10100000L.

______________________________________________________
Linux MTD discussion mailing list
http://lists.infradead.org/mailman/listinfo/linux-mtd/

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] mkfs.ubifs: remove OPENSSL_no_config()
  2020-09-29 14:05       ` Bastian Germann
@ 2020-10-18 20:44         ` David Oberhollenzer
  0 siblings, 0 replies; 6+ messages in thread
From: David Oberhollenzer @ 2020-10-18 20:44 UTC (permalink / raw)
  To: Bastian Germann, Richard Weinberger; +Cc: linux-mtd

On 9/29/20 4:05 PM, Bastian Germann wrote:
>> However, recent man pages say, that the OPENSSL_config functions are deprecated
>> since OpenSSL 1.1.0 and OPENSSL_init_crypto should be used now, so the patch
>> might require an extra #if for newer OpenSSL versions.
>>
> 
> That would be another patch but does not invalidate this one. mtd-utils
> also uses other functions which are deprecated in OpenSSL >= 1.1.0:
> 
> OPENSSL_no_config
> OpenSSL_add_all_digests
> OpenSSL_add_all_algorithms
> EVP_cleanup
> ERR_free_strings
> ERR_load_crypto_strings
> 
> You can yield this list via compiling with -DOPENSSL_API_COMPAT=0x10100000L.
> 

I agree. Given that there is a longer list of other things to take care of anyway
and since it builds just fine with recent OpenSSL on my end as well, I'll just
apply the patch upstream for now.

______________________________________________________
Linux MTD discussion mailing list
http://lists.infradead.org/mailman/listinfo/linux-mtd/

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, back to index

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-07-24  7:47 [PATCH] mkfs.ubifs: remove OPENSSL_no_config() bage
2020-07-25  8:24 ` Richard Weinberger
2020-09-24 16:40   ` Bastian Germann
2020-09-25  3:15     ` David Oberhollenzer
2020-09-29 14:05       ` Bastian Germann
2020-10-18 20:44         ` David Oberhollenzer

Linux-mtd Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-mtd/0 linux-mtd/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-mtd linux-mtd/ https://lore.kernel.org/linux-mtd \
		linux-mtd@lists.infradead.org
	public-inbox-index linux-mtd

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.infradead.lists.linux-mtd


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git