Bug #45706 for bind9-public: [PATCH] Bind 9.11.2 doesn't build against OpenSSL 1.1.0

Mon, 07 Aug 2017 16:24:24 -0400 Philip Prindeville <philipp@redfish-solutions.com> - Ticket created

Subject:	Bind 9.11.2 doesn't build against OpenSSL 1.1.0
Date:	Mon, 7 Aug 2017 14:24:17 -0600
To:	bind-bugs@isc.org
From:	"Philip Prindeville" <philipp@redfish-solutions.com>

We’re having a hard time building against OpenSSL 1.1.0 as some of the functions used were deprecated with 1.0.0 and retired with 1.1.0. He’s a patch to build against OpenSSL 1.1.0. I’m running it locally.

003-openssl-1.1.0-thread-fix.patch

Message body not shown because it is not plain text.

Mon, 07 Aug 2017 16:33:53 -0400 Vicky Risk <vicky@isc.org> - Subject changed from 'Bind 9.11.2 doesn't build against OpenSSL 1.1.0' to '[PATCH] Bind 9.11.2 doesn't build against OpenSSL 1.1.0'

Mon, 07 Aug 2017 16:33:53 -0400 Vicky Risk <vicky@isc.org> - Queue changed from #6 to bind9-public

Mon, 07 Aug 2017 16:33:54 -0400 Vicky Risk <vicky@isc.org> - Area bug added

Mon, 07 Aug 2017 23:44:13 -0400 Mark Andrews <marka@isc.org> - Correspondence added

Date:	Tue, 08 Aug 2017 13:44:03 +1000
Subject:	Re: [ISC-Bugs #45706] Bind 9.11.2 doesn't build against OpenSSL 1.1.0
To:	bind9-confidential@isc.org
From:	"Mark Andrews" <marka@isc.org>

In message <rt-4.4.1-67927-1502137464-347.45706-3-0@isc.org>, "Philip Prindeville v ia RT" writes: > We’re having a hard time building against OpenSSL 1.1.0 as some of the > functions used were deprecated with 1.0.0 and retired with 1.1.0. I think you mean you were having a hard time buiding against OpenSSL 1.0.X as CRYPTO_THREADID_set_callback and ERR_remove_thread_state are deprecated in OpenSSL 1.1.0. You are having a hard time building it because you don't have a *complete* build of OpenSSL 1.0.X. Deprecated functions are *part* of OpenSSL 1.0.X. deprecated == to be removed in the future While you can build OpenSSL with -DOPENSSL_NO_DEPRECATED=1, that is a build for testing that you are no longer using deprecated functions in your own code. It should *never* be used with third party code. If your OS vendor is shipping OpenSSL with deprecated functions remove log a bug report with them. Mark > He’s a patch to build against OpenSSL 1.1.0. > > I’m running it locally. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org

Mon, 07 Aug 2017 23:44:13 -0400 The RT System itself - Status changed from 'new' to 'open'

Mon, 07 Aug 2017 23:55:19 -0400 Mark Andrews <marka@isc.org> - Correspondence added

rt45706 is ready for testing. This allows named to be built OpenSSL 1.0.2 and OpenSSL 1.1.0 with deprecated functions removed.

Wed, 09 Aug 2017 00:06:22 -0400 Mark Andrews <marka@isc.org> - Status changed from 'open' to 'review'

Wed, 09 Aug 2017 00:06:35 -0400 Mark Andrews <marka@isc.org> - Priority P2 Normal added

Wed, 09 Aug 2017 00:06:36 -0400 Mark Andrews <marka@isc.org> - Severity S2 Normal added

Wed, 09 Aug 2017 03:46:33 -0400 Evan Hunt <Evan_Hunt@isc.org> - Correspondence added

This looks fine, and I confirmed it builds on both 1.1.0 and 1.0.2.

Wed, 09 Aug 2017 03:46:34 -0400 Evan Hunt <Evan_Hunt@isc.org> - Given to Mark Andrews <marka@isc.org>

Wed, 09 Aug 2017 20:18:24 -0400 Mark Andrews <marka@isc.org> - Version Fixed 9.9.12, 9.9.12(sub), 9.10.7, 9.10.7(sub), 9.11.3, 9.12.0 added

Wed, 09 Aug 2017 20:18:24 -0400 Mark Andrews <marka@isc.org> - Correspondence added

4676. [cleanup] Allow BIND to be built using OpenSSL 1.0.X with deprecated functions removed. [RT #45706]

Wed, 09 Aug 2017 20:18:26 -0400 Mark Andrews <marka@isc.org> - Status changed from 'review' to 'resolved'

Wed, 09 Aug 2017 20:18:26 -0400 Mark Andrews <marka@isc.org> - Untaken

Created:	Mon, 07 Aug 2017 16:24:24 -0400
Updated:	Wed, 09 Aug 2017 20:18:26 -0400
Closed:	Wed, 09 Aug 2017 20:18:25 -0400

Bug #45706 for bind9-public: [PATCH] Bind 9.11.2 doesn't build against OpenSSL 1.1.0

This bug tracker is no longer active.