3์ 21์ผ์ ์ถ์๋ LibreSSL 2.7.0์ผ๋ก H2O๋ฅผ ๊ตฌ์ถํด ๋ณด์์ต๋๋ค.
๊ทธ๋ฐ ๋ค์ ์๋ ์ค๋ฅ ๋ฉ์์ง์ ํจ๊ป ๋น๋ ํ๋ก์ธ์ค๊ฐ ์คํจํฉ๋๋ค.
(๋ง์คํฐ ๋ธ๋์น(์ปค๋ฐ 0376131) ๋ฐ H2O v2.2.4 ๋ชจ๋)
In file included from //rpmbuild/BUILD/repo/include/h2o/socket.h:34:0,
from //rpmbuild/BUILD/repo/include/h2o/multithread.h:27,
from //rpmbuild/BUILD/repo/include/h2o/hostinfo.h:32,
from //rpmbuild/BUILD/repo/lib/common/hostinfo.c:22:
//rpmbuild/BUILD/repo/include/h2o/openssl_backport.h:37:27: error: static declaration of 'BIO_meth_new' follows non-static declaration
static inline BIO_METHOD *BIO_meth_new(int type, const char *name)
^~~~~~~~~~~~
In file included from /var/tmp/h2o-nightly-2.3.0-0.nightly20180323t195237.git0376131.el7.jp3cki-libressl-2.7.0-root/include/openssl/evp.h:67:0,
from /var/tmp/h2o-nightly-2.3.0-0.nightly20180323t195237.git0376131.el7.jp3cki-libressl-2.7.0-root/include/openssl/hmac.h:67,
from /var/tmp/h2o-nightly-2.3.0-0.nightly20180323t195237.git0376131.el7.jp3cki-libressl-2.7.0-root/include/openssl/ssl.h:149,
from //rpmbuild/BUILD/repo/include/h2o/socket.h:31,
from //rpmbuild/BUILD/repo/include/h2o/multithread.h:27,
from //rpmbuild/BUILD/repo/include/h2o/hostinfo.h:32,
from //rpmbuild/BUILD/repo/lib/common/hostinfo.c:22:
/var/tmp/h2o-nightly-2.3.0-0.nightly20180323t195237.git0376131.el7.jp3cki-libressl-2.7.0-root/include/openssl/bio.h:338:13: note: previous declaration of 'BIO_meth_new' was here
BIO_METHOD *BIO_meth_new(int type, const char *name);
^~~~~~~~~~~~
make[2]: *** [CMakeFiles/libh2o-evloop.dir/lib/common/hostinfo.c.o] Error 1
make[2]: *** Waiting for unfinished jobs....
LibreSSL์ ๋ฆด๋ฆฌ์ค ๋ ธํธ์๋ "๋ง์ OpenSSL 1.0.2 ๋ฐ 1.1 API์ ๋ํ ์ง์์ด ์ถ๊ฐ๋์์ต๋๋ค"๋ผ๊ณ ๋์ ์์ผ๋ฉฐ H2O์ ๋ฐฑํฌํธ ์ฝ๋๊ฐ ํธํ๋์ง ์๋ ๊ฒ์ผ๋ก ๋ณด์ ๋๋ค.
๋๋ ์ด ๋ฌธ์ ๊ฐ ํ๊ฒฝ์ ์์กดํ๋ค๊ณ ์๊ฐํ์ง ์์ง๋ง ๋ด ํ๊ฒฝ์ ์ค๋ช ํฉ๋๋ค.
cmake -DWITH_MRUBY=on -DCMAKE_INSTALL_PREFIX=%{_prefix} -DCMAKE_INCLUDE_PATH=%{libressl_root}/include -DCMAKE_LIBRARY_PATH=%{libressl_root}/lib
LibreSSL 2.6.4์ ๋์ผํ ๋น๋ ์คํฌ๋ฆฝํธ๋ก ๋น๋ํ ์ ์์ต๋๋ค.
์๋ 3๊ฐ์ ํจ์น๋ฅผ ์ ์ฉํ๋ฉด ์๋ํ ์ ์์ต๋๋ค.
diff --git a/include/h2o/openssl_backport.h b/include/h2o/openssl_backport.h
index b24440e..b59a519 100644
--- a/include/h2o/openssl_backport.h
+++ b/include/h2o/openssl_backport.h
@@ -25,7 +25,7 @@
#include <stdlib.h>
/* backports for OpenSSL 1.0.2 */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
#define BIO_get_data(bio) ((bio)->ptr)
#define BIO_set_data(bio, p) ((bio)->ptr = (p))
@@ -57,7 +58,7 @@ static inline BIO_METHOD *BIO_meth_new(int type, const char *name)
#endif
/* backports for OpenSSL 1.0.1 and LibreSSL */
-#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER)
+#if OPENSSL_VERSION_NUMBER < 0x10002000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
#define SSL_is_server(ssl) ((ssl)->server)
```ํจ์น
diff --git a/deps/neverbleed/neverbleed.cb/deps/neverbleed/neverbleed.c
์์ธ 29b35a9..42356a6 100644
--- a/deps/neverbleed/neverbleed.c
+++ b/deps/neverbleed/neverbleed.c
@@ -547,7 +547,7 @@ static int sign_stub(๊ตฌ์กฐ์ฒด expbuf_t *buf)
๋ฐํ 0;
}
-#if !OPENSSL_1_1_API
+#if !OPENSSL_1_1_API && (!์ ์(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x2070000fL)
์ ์ ๋ฌดํจ RSA_get0_key(const RSA rsa, const BIGNUM * n, const BIGNUM *e, const BIGNUM * d)
{
```patch
diff --git a/deps/picotls/lib/openssl.c b/deps/picotls/lib/openssl.c
index a19a29a..c4dfccb 100644
--- a/deps/picotls/lib/openssl.c
+++ b/deps/picotls/lib/openssl.c
@@ -41,13 +41,15 @@
#include "picotls.h"
#include "picotls/openssl.h"
-#if (OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER))
-#define OPENSSL_1_0_API 1
+#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
+#define OPENSSL_1_1_API 1
+#elif defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x2070000fL
+#define OPENSSL_1_1_API 1
#else
-#define OPENSSL_1_0_API 0
+#define OPENSSL_1_1_API 0
#endif
-#if OPENSSL_1_0_API
+#if !OPENSSL_1_1_API
#define EVP_PKEY_up_ref(p) CRYPTO_add(&(p)->references, 1, CRYPTO_LOCK_EVP_PKEY)
#define X509_STORE_up_ref(p) CRYPTO_add(&(p)->references, 1, CRYPTO_LOCK_X509_STORE)
(์ฐธ๊ณ : "H2O 2.2.4+"๋ "H2O 2.2.4 + ํจ์น"๋ฅผ ์๋ฏธํฉ๋๋ค)
์ข์ ์บ์น!
LibreSSL < 2.7.0์์ ํ ์คํธ๋์ง ์์
OpenBSD 6.2์์ LibreSSL 2.6.3์ ์ฌ์ฉํ์ฌ H2O 2.2.4 ๋ฐ ๋ง์คํฐ ํจ์น๋ฅผ ์ฑ๊ณต์ ์ผ๋ก ๋น๋ํ ์ ์์์ ํ์ธํ์ต๋๋ค.
์ด๊ฒ์ด LibreSSL 2.7.1์ด ์๋ FreeBSD์์ ์๋ํ๋์ง ํ์ธํ์ญ์์ค.
์ฌ๊ธฐ์์ ํจ์น
H2O-HEAD ๋ฐ๋๋ผ + LibreSSL 2.7.2๋ฅผ ๊ตฌ์ถํ์ผ๋ฉฐ ์๋ํฉ๋๋ค.
์ง๊ธ ์ด ๋ฌธ์ ๋ฅผ ๋ซ์ต๋๋ค.
์์ง ์ถ์๋์ง ์์์ต๋๋ค.
๋ฆด๋ฆฌ์ค ๋ฒ์ (v2.2.4) + LibreSSL 2.7.x๋ฅผ ๋น๋ํ๋ ๊ฒฝ์ฐ ์ฌ์ ํ ์์ ํจ์น๊ฐ ํ์ํฉ๋๋ค.
@kazuho ์์ ์ ๊ฐ์ฌ๋๋ฆฝ๋๋ค.
๊ฐ์ฅ ์ ์ฉํ ๋๊ธ
์๋ 3๊ฐ์ ํจ์น๋ฅผ ์ ์ฉํ๋ฉด ์๋ํ ์ ์์ต๋๋ค.
```ํจ์น
diff --git a/deps/neverbleed/neverbleed.cb/deps/neverbleed/neverbleed.c
์์ธ 29b35a9..42356a6 100644
--- a/deps/neverbleed/neverbleed.c
+++ b/deps/neverbleed/neverbleed.c
@@ -547,7 +547,7 @@ static int sign_stub(๊ตฌ์กฐ์ฒด expbuf_t *buf)
๋ฐํ 0;
}
-#if !OPENSSL_1_1_API
+#if !OPENSSL_1_1_API && (!์ ์(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x2070000fL)
์ ์ ๋ฌดํจ RSA_get0_key(const RSA rsa, const BIGNUM * n, const BIGNUM *e, const BIGNUM * d)
{
(์ฐธ๊ณ : "H2O 2.2.4+"๋ "H2O 2.2.4 + ํจ์น"๋ฅผ ์๋ฏธํฉ๋๋ค)