OPENSSL_USE_IPV6 -- bio_dgram, vs travis-ci

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

OPENSSL_USE_IPV6 -- bio_dgram, vs travis-ci

Michael Richardson

bio_dgram has a bunch of #if on: OPENSSL_USE_IPV6, and I thought that this
might be a common #ifdef, but actually it only occurs in that file.

I looked through Configurations, and I didn't see it at all.

Other usage is #ifdef AF_INET6, but IPv6 code is available, but I want to
build without it.

Fundamentally, I want to turn off IPv6 testing off on travis builds, because
travis has IPv6 turned off, see:
       https://github.com/travis-ci/travis-ci/issues/4964
       https://github.com/travis-ci/travis-ci/issues/3302

You can't even bind ::1 on travis.  I hate this jurassic stuff.

--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        | network architect  [
]     [hidden email]  http://www.sandelman.ca/        |   ruby on rails    [


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

signature.asc (497 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: OPENSSL_USE_IPV6 -- bio_dgram, vs travis-ci

Richard Levitte - VMS Whacker-2
In message <[hidden email]> on Mon, 05 Feb 2018 12:34:58 -0500, Michael Richardson <[hidden email]> said:

mcr> bio_dgram has a bunch of #if on: OPENSSL_USE_IPV6, and I thought that this
mcr> might be a common #ifdef, but actually it only occurs in that file.
mcr>
mcr> I looked through Configurations, and I didn't see it at all.

I assume we're talking about OpenSSL 1.1.0 and newer.

It's defined to be 0 or 1 in include/internal/sockets.h, here are the
relevant lines:

    # if !defined(OPENSSL_USE_IPV6)
    #  if defined(AF_INET6)
    #   define OPENSSL_USE_IPV6 1
    #  else
    #   define OPENSSL_USE_IPV6 0
    #  endif
    # endif

You're right, though, that we're sloppy in using this...  and quite
frankly, I'd argue that OPENSSL_USE_IPV6 should be removed entirely,
as it's an artifact from longago, when IPv6 support wasn't the best.

mcr> Other usage is #ifdef AF_INET6, but IPv6 code is available, but I
mcr> want to build without it.

I'm not sure I understand why...  more below.

mcr> Fundamentally, I want to turn off IPv6 testing off on travis builds, because
mcr> travis has IPv6 turned off, see:
mcr>        https://github.com/travis-ci/travis-ci/issues/4964
mcr>        https://github.com/travis-ci/travis-ci/issues/3302
mcr>
mcr> You can't even bind ::1 on travis.  I hate this jurassic stuff.

OK, so here's another possibility...  if you don't want to use IPv6,
then don't use it!  From an OpenSSL perspective, there are many
possibilities to get IPv4 only even if it's built to allow IPv6 as
well.  When creating a socket, regardless of if you use socket() or
BIO_socket(), you can use AF_UNSPEC, AF_INET or AF_INET6 at your
leasure.  When looking up an address with BIO_lookup_ex, you can
specify the address family the same way.  'openssl s_client' and
'openssl s_server' both take options -4 and -6 to say which address
family should be used.

Now, this ties back to your request on building.  Why should you
disable the building of IPv6 code, just because you don't want to use
it?

Cheers,
Richard

--
Richard Levitte         [hidden email]
OpenSSL Project         http://www.openssl.org/~levitte/
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: OPENSSL_USE_IPV6 -- bio_dgram, vs travis-ci

Michael Richardson

Richard Levitte <[hidden email]> wrote:
    > It's defined to be 0 or 1 in include/internal/sockets.h, here are the
    > relevant lines:

yeah, my eyes missed that in the grep output.
I saw no place in Configurations/ where it was either set or not set.

    mcr> https://github.com/travis-ci/travis-ci/issues/3302
    mcr>
    mcr> You can't even bind ::1 on travis.  I hate this jurassic stuff.

    > OK, so here's another possibility...  if you don't want to use IPv6,
    > then don't use it!  From an OpenSSL perspective, there are many

Uhm. The point is that my regression test will fail on travis-ci if I try to
test the IPv6 pathways, because you can't bind even ::1 on Travis-ci.

I've done a different hack which is probably equally stupid, which is to put
        - TRAVISCI_NO_IPV6=true

into .travis.yml and test for it in the regression test.  At least that means
that travis will *compile* the code, and we'll know if the IPv6 code fails to
compile at some point, even if we can't run it on travis.

{I should probably have made this a github issue... but... web browsers...}

--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        | network architect  [
]     [hidden email]  http://www.sandelman.ca/        |   ruby on rails    [


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

signature.asc (497 bytes) Download Attachment