Broken for OpenSSL 1.1

Hal Murray halmurray at
Thu Dec 22 04:03:05 UTC 2022

> but if breaking OpenSSL 1.1 was unintentional, then it needs to  be fixed

I'm not aware of any intententional breakage.  I'm pretty sure we would have 
done it at configure time.

I have git head building on several older systems that are still using 1.1
I'm pretty sure that at least one of them is running but I'd have to poke 
around a bit to verify that.

What version of 1.1 is MacPorts using?  Are they doing anything non-standard?

The CMAC stuff was never supported and is now deprecated.  If we are going to 
have troubles like this, that's a likely corner.

devel at said:
> Undefined symbols:
>    "_EVP_CIPHER_key_length", referenced from:
>        _check_key_length in libntp.a(authreadkeys.c.1.o)
>        _check_mac_length in libntp.a(authreadkeys.c.1.o)
>    "_SSL_get_peer_certificate", referenced from:
>        _check_certificate in nts_client.c.1.o ld: symbol(s) not found
> collect2: ld returned 1 exit status 

Those are underbar symbols.  I don't think we use any of them directly.  
Current man page says:
[big long list]
       functions were renamed to include "get" or "get0" in their names in
       OpenSSL 3.0, respectively. The old names are kept as non-deprecated
       alias macros.

These are my opinions.  I hate spam.

More information about the devel mailing list