Can you suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0?

classic Classic list List threaded Threaded
9 messages Options
Reply | Threaded
Open this post in threaded view
|

Can you suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0?

Gupta, Saurabh

Can you please suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0 because we are supporting both openssl versions and To maintain these sources we are using #ifdef and #else preprocessor statement.


We are looking some technical <name> to make the difference between these sources.

#ifdef <name>

// openssl 1.1.0 sources

#else

// openssl 1.0.2 sources

#endif


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: Can you suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0?

Salz, Rich

Look at the OPENSSL version define.


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: Can you suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0?

Kenneth Goldman
I'd like an answer to this one also.  I could not find that define.  I
did find about 10 variations, all uncommented.

Could someone simply post the definitive answer?

On 11/23/2016 8:50 AM, Salz, Rich wrote:
> Look at the OPENSSL version define.
>
>
>


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: Can you suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0?

Salz, Rich
Perhaps I didn't understand the original question.  If all you want to do is compare 1.0.2 and 1.1.0, then look at OPENSSL_VERSION_NUMBER; if defined at it's 0x10101000L or greater, then you;'re on the 1.1.x branch, otherwise you are not and therefore on 1.0.2 or earlier.

--  
Senior Architect, Akamai Technologies
Member, OpenSSL Dev Team
IM: [hidden email] Twitter: RichSalz
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: Can you suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0?

Viktor Dukhovni

> On Nov 28, 2016, at 3:40 PM, Salz, Rich <[hidden email]> wrote:
>
> Perhaps I didn't understand the original question.  If all you want to do is compare 1.0.2 and 1.1.0, then look at OPENSSL_VERSION_NUMBER; if defined at it's 0x10101000L or greater, then you;'re on the 1.1.x branch, otherwise you are not and therefore on 1.0.2 or earlier.

The OPENSSL_VERSION_NUMBER macro dates back to some of the earliest
OpenSSL releases, and is therefore always defined.  Postfix has the
following comment in src/tls/tls_misc.c which covers the relevant
history:

    /*
     * OPENSSL_VERSION_NUMBER(3):
     *
     * OPENSSL_VERSION_NUMBER is a numeric release version identifier:
     *
     * MMNNFFPPS: major minor fix patch status
     *
     * The status nibble has one of the values 0 for development, 1 to e for
     * betas 1 to 14, and f for release. Parsed OpenSSL version number. for
     * example
     *
     * 0x000906000 == 0.9.6 dev 0x000906023 == 0.9.6b beta 3 0x00090605f ==
     * 0.9.6e release
     *
     * Versions prior to 0.9.3 have identifiers < 0x0930.  Versions between
     * 0.9.3 and 0.9.5 had a version identifier with this interpretation:
     *
     * MMNNFFRBB major minor fix final beta/patch
     *
     * for example
     *
     * 0x000904100 == 0.9.4 release 0x000905000 == 0.9.5 dev
     *
     * Version 0.9.5a had an interim interpretation that is like the current
     * one, except the patch level got the highest bit set, to keep continu-
     * ity.  The number was therefore 0x0090581f.
     */

--
        Viktor.

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: Can you suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0?

Kenneth Goldman
In reply to this post by Salz, Rich
On 11/28/2016 3:40 PM, Salz, Rich wrote:
> Perhaps I didn't understand the original question.  If all you want
> to do is compare 1.0.2 and 1.1.0, then look at
> OPENSSL_VERSION_NUMBER; if defined at it's 0x10101000L or greater,
> then you;'re on the 1.1.x branch, otherwise you are not and therefore
> on 1.0.2 or earlier.

I want to compare pre 1.1 (typically 1.0) and 1.1 and up.

My 1.0 has

./opensslv.h:#define OPENSSL_VERSION_NUMBER 0x1000105fL

My 1.1 has

./openssl/opensslv.h:# define OPENSSL_VERSION_NUMBER  0x1010003fL

Neither agree with your example, but would comparing to 0x10100000  work?

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: Can you suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0?

Viktor Dukhovni
On Mon, Nov 28, 2016 at 04:06:33PM -0500, Ken Goldman wrote:

> On 11/28/2016 3:40 PM, Salz, Rich wrote:
> >Perhaps I didn't understand the original question.  If all you want
> >to do is compare 1.0.2 and 1.1.0, then look at
> >OPENSSL_VERSION_NUMBER; if defined at it's 0x10101000L or greater,
> >then you;'re on the 1.1.x branch, otherwise you are not and therefore
> >on 1.0.2 or earlier.
>
> I want to compare pre 1.1 (typically 1.0) and 1.1 and up.
>
> My 1.0 has
>
> ./opensslv.h:#define OPENSSL_VERSION_NUMBER 0x1000105fL
>
> My 1.1 has
>
> ./openssl/opensslv.h:# define OPENSSL_VERSION_NUMBER  0x1010003fL
>
> Neither agree with your example, but would comparing to 0x10100000  work?

To test for 1.1.0 and up:

        #if OPENSSL_VERSION_NUMBER > 0x10100000
        ...
        #endif

(testing for equality is not needed, that would be a a dev release
that predates all the betas).

--
        Viktor.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: Can you suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0?

Jakob Bohm-7
In reply to this post by Viktor Dukhovni
On 28/11/2016 21:50, Viktor Dukhovni wrote:

>> On Nov 28, 2016, at 3:40 PM, Salz, Rich <[hidden email]> wrote:
>>
>> Perhaps I didn't understand the original question.  If all you want to do is compare 1.0.2 and 1.1.0, then look at OPENSSL_VERSION_NUMBER; if defined at it's 0x10101000L or greater, then you;'re on the 1.1.x branch, otherwise you are not and therefore on 1.0.2 or earlier.
> The OPENSSL_VERSION_NUMBER macro dates back to some of the earliest
> OpenSSL releases, and is therefore always defined.  Postfix has the
> following comment in src/tls/tls_misc.c which covers the relevant
> history:
>
>      /*
>       * OPENSSL_VERSION_NUMBER(3):
>       *
>       * OPENSSL_VERSION_NUMBER is a numeric release version identifier:
>       *
>       * MMNNFFPPS: major minor fix patch status
>       *
Shouldn't this be
MNNFFPPS: major minor fix patch status (only 1 nibble for major)

>       * The status nibble has one of the values 0 for development, 1 to e for
>       * betas 1 to 14, and f for release. Parsed OpenSSL version number. for
>       * example
>       *
>       * 0x000906000 == 0.9.6 dev 0x000906023 == 0.9.6b beta 3 0x00090605f ==
>       * 0.9.6e release
>       *
>       * Versions prior to 0.9.3 have identifiers < 0x0930.  Versions between
>       * 0.9.3 and 0.9.5 had a version identifier with this interpretation:
>       *
>       * MMNNFFRBB major minor fix final beta/patch
>       *
>       * for example
>       *
>       * 0x000904100 == 0.9.4 release 0x000905000 == 0.9.5 dev
>       *
>       * Version 0.9.5a had an interim interpretation that is like the current
>       * one, except the patch level got the highest bit set, to keep continu-
>       * ity.  The number was therefore 0x0090581f.
>       */
>



Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: Can you suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0?

Viktor Dukhovni

> On Nov 29, 2016, at 10:12 AM, Jakob Bohm <[hidden email]> wrote:
>
>>     /*
>>      * OPENSSL_VERSION_NUMBER(3):
>>      *
>>      * OPENSSL_VERSION_NUMBER is a numeric release version identifier:
>>      *
>>      * MMNNFFPPS: major minor fix patch status
>>      *
>
> Shouldn't this be
> MNNFFPPS: major minor fix patch status (only 1 nibble for major)

Yes, the comment in that file has an extra nibble for the major number,
but for portability reasons the version number is only 32 bits.

The code below the comment parses the unsigned long version number as
follows:

    if (version < 0x0930) {
        info->status = 0;
        info->patch = version & 0x0f;
        version >>= 4;
        info->micro = version & 0x0f;
        version >>= 4;
        info->minor = version & 0x0f;
        version >>= 4;
        info->major = version & 0x0f;
    } else if (version < 0x00905800L) {
        info->patch = version & 0xff;
        version >>= 8;
        info->status = version & 0xf;
        version >>= 4;
        info->micro = version & 0xff;
        version >>= 8;
        info->minor = version & 0xff;
        version >>= 8;
        info->major = version & 0xff;
    } else {
        info->status = version & 0xf;
        version >>= 4;
        info->patch = version & 0xff;
        version >>= 8;
        info->micro = version & 0xff;
        version >>= 8;
        info->minor = version & 0xff;
        version >>= 8;
        info->major = version & 0xff;
        if (version < 0x00906000L)
            info->patch &= ~0x80;
    }

So it could produce a major version > 15 on systems where long
is > 32 bits, but that's unlikely on the OpenSSL side at present.

--
        Viktor.

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users