X-RT-Original-Encoding: utf-8 Message-ID: <20170808034403.3ED4C8158279@rock.dv.isc.org> X-RT-Interface: Email In-Reply-To: Your message of "Mon, 07 Aug 2017 20:24:24 +0000." Return-Path: Date: Tue, 08 Aug 2017 13:44:03 +1000 Subject: Re: [ISC-Bugs #45706] Bind 9.11.2 doesn't build against OpenSSL 1.1.0 X-RT-Incoming-Encryption: Not encrypted X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on mx.ams1.isc.org content-type: text/plain; charset="utf-8" To: bind9-confidential@isc.org X-Spam-Status: No, score=-2.4 required=5.0 tests=ALL_TRUSTED,BAYES_00, PP_MIME_FAKE_ASCII_TEXT,RP_MATCHES_RCVD autolearn=no autolearn_force=no version=3.4.1 Received: from mx.ams1.isc.org (mx.ams1.isc.org [199.6.1.65]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "mx.ams1.isc.org", Issuer "COMODO RSA Organization Validation Secure Server CA" (not verified)) by bugs.isc.org (Postfix) with ESMTPS id 35F75D78AD2 for ; Tue, 8 Aug 2017 03:44:12 +0000 (UTC) Received: from zmx1.isc.org (zmx1.isc.org [149.20.0.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx.ams1.isc.org (Postfix) with ESMTPS id 4884124AE27 for ; Tue, 8 Aug 2017 03:44:02 +0000 (UTC) Received: from zmx1.isc.org (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTPS id B50A3160070 for ; Tue, 8 Aug 2017 03:44:07 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTP id A31C6160071 for ; Tue, 8 Aug 2017 03:44:07 +0000 (UTC) Received: from zmx1.isc.org ([127.0.0.1]) by localhost (zmx1.isc.org [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id i5rkvAxAhhQ1 for ; Tue, 8 Aug 2017 03:44:07 +0000 (UTC) Received: from rock.dv.isc.org (c27-253-115-14.carlnfd2.nsw.optusnet.com.au [27.253.115.14]) by zmx1.isc.org (Postfix) with ESMTPSA id 5A844160070 for ; Tue, 8 Aug 2017 03:44:07 +0000 (UTC) Received: from rock.dv.isc.org (localhost [IPv6:::1]) by rock.dv.isc.org (Postfix) with ESMTP id 3ED4C8158279 for ; Tue, 8 Aug 2017 13:44:03 +1000 (AEST) References: <99AA2BE6-3CB5-4DFE-AE6E-0BA2891D3A64@redfish-solutions.com> From: "Mark Andrews" X-Original-To: bind9-confidential@bugs.isc.org From marka@isc.org Tue Aug 8 03:44:12 2017 Delivered-To: bind9-confidential@bugs.isc.org RT-Message-ID: Content-Length: 1138 In message , "Philip Prindeville v ia RT" writes: > We’re having a hard time building against OpenSSL 1.1.0 as some of the > functions used were deprecated with 1.0.0 and retired with 1.1.0. I think you mean you were having a hard time buiding against OpenSSL 1.0.X as CRYPTO_THREADID_set_callback and ERR_remove_thread_state are deprecated in OpenSSL 1.1.0. You are having a hard time building it because you don't have a *complete* build of OpenSSL 1.0.X. Deprecated functions are *part* of OpenSSL 1.0.X. deprecated == to be removed in the future While you can build OpenSSL with -DOPENSSL_NO_DEPRECATED=1, that is a build for testing that you are no longer using deprecated functions in your own code. It should *never* be used with third party code. If your OS vendor is shipping OpenSSL with deprecated functions remove log a bug report with them. Mark > He’s a patch to build against OpenSSL 1.1.0. > > I’m running it locally. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org