You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
84 lines
3.2 KiB
84 lines
3.2 KiB
From 202ff1372a40a8adf9aac74bfe8a39141b0c57e5 Mon Sep 17 00:00:00 2001 |
|
From: Kazuki Yamaguchi <k@rhe.jp> |
|
Date: Mon, 27 Sep 2021 00:38:38 +0900 |
|
Subject: [PATCH] ext/openssl/extconf.rb: require OpenSSL version >= 1.0.1, < 3 |
|
|
|
Ruby/OpenSSL 2.1.x and 2.2.x will not support OpenSSL 3.0 API. Let's |
|
make extconf.rb explicitly check the version number to be within the |
|
acceptable range, since it will not compile anyway. |
|
|
|
Reference: https://bugs.ruby-lang.org/issues/18192 |
|
--- |
|
ext/openssl/extconf.rb | 43 ++++++++++++++++++++++++------------------ |
|
1 file changed, 25 insertions(+), 18 deletions(-) |
|
|
|
diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb |
|
index 264130bb..7e817ae2 100644 |
|
--- a/ext/openssl/extconf.rb |
|
+++ b/ext/openssl/extconf.rb |
|
@@ -33,9 +33,6 @@ |
|
have_library("ws2_32") |
|
end |
|
|
|
-Logging::message "=== Checking for required stuff... ===\n" |
|
-result = pkg_config("openssl") && have_header("openssl/ssl.h") |
|
- |
|
if $mingw |
|
append_cflags '-D_FORTIFY_SOURCE=2' |
|
append_ldflags '-fstack-protector' |
|
@@ -92,19 +89,33 @@ def find_openssl_library |
|
return false |
|
end |
|
|
|
-unless result |
|
- unless find_openssl_library |
|
- Logging::message "=== Checking for required stuff failed. ===\n" |
|
- Logging::message "Makefile wasn't created. Fix the errors above.\n" |
|
- raise "OpenSSL library could not be found. You might want to use " \ |
|
- "--with-openssl-dir=<dir> option to specify the prefix where OpenSSL " \ |
|
- "is installed." |
|
- end |
|
+Logging::message "=== Checking for required stuff... ===\n" |
|
+pkg_config_found = pkg_config("openssl") && have_header("openssl/ssl.h") |
|
+ |
|
+if !pkg_config_found && !find_openssl_library |
|
+ Logging::message "=== Checking for required stuff failed. ===\n" |
|
+ Logging::message "Makefile wasn't created. Fix the errors above.\n" |
|
+ raise "OpenSSL library could not be found. You might want to use " \ |
|
+ "--with-openssl-dir=<dir> option to specify the prefix where OpenSSL " \ |
|
+ "is installed." |
|
end |
|
|
|
-unless checking_for("OpenSSL version is 1.0.1 or later") { |
|
- try_static_assert("OPENSSL_VERSION_NUMBER >= 0x10001000L", "openssl/opensslv.h") } |
|
- raise "OpenSSL >= 1.0.1 or LibreSSL is required" |
|
+version_ok = if have_macro("LIBRESSL_VERSION_NUMBER", "openssl/opensslv.h") |
|
+ is_libressl = true |
|
+ checking_for("LibreSSL version >= 2.5.0") { |
|
+ try_static_assert("LIBRESSL_VERSION_NUMBER >= 0x20500000L", "openssl/opensslv.h") } |
|
+else |
|
+ checking_for("OpenSSL version >= 1.0.1 and < 3.0.0") { |
|
+ try_static_assert("OPENSSL_VERSION_NUMBER >= 0x10001000L", "openssl/opensslv.h") && |
|
+ !try_static_assert("OPENSSL_VERSION_MAJOR >= 3", "openssl/opensslv.h") } |
|
+end |
|
+unless version_ok |
|
+ raise "OpenSSL >= 1.0.1, < 3.0.0 or LibreSSL >= 2.5.0 is required" |
|
+end |
|
+ |
|
+# Prevent wincrypt.h from being included, which defines conflicting macro with openssl/x509.h |
|
+if is_libressl && ($mswin || $mingw) |
|
+ $defs.push("-DNOCRYPT") |
|
end |
|
|
|
Logging::message "=== Checking for OpenSSL features... ===\n" |
|
@@ -116,10 +127,6 @@ def find_openssl_library |
|
have_func("ENGINE_load_#{name}()", "openssl/engine.h") |
|
} |
|
|
|
-if ($mswin || $mingw) && have_macro("LIBRESSL_VERSION_NUMBER", "openssl/opensslv.h") |
|
- $defs.push("-DNOCRYPT") |
|
-end |
|
- |
|
# added in 1.0.2 |
|
have_func("EC_curve_nist2nid") |
|
have_func("X509_REVOKED_dup")
|
|
|