67683 – C source code is not compatible with OpenSSL 1.0.2

Bug 67683 - C source code is not compatible with OpenSSL 1.0.2

Summary: C source code is not compatible with OpenSSL 1.0.2

Status:	NEW

Alias:	None

Product:	Tomcat Native
Classification:	Unclassified
Component:	Library (show other bugs)
Version:	1.2.39
Hardware:	All All

Importance:	P2 normal (vote)
Target Milestone:	---
Assignee:	Tomcat Developers Mailing List

URL:
Keywords:

Depends on:
Blocks:

Reported:	2023-10-11 17:00 UTC by Michael Osipov
Modified:	2024-02-06 11:22 UTC (History)
CC List:	1 user (show)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Michael Osipov 2023-10-11 17:00:46 UTC

Important: I do not expect anything to make this code run with OpenSSL 1.0.2, I just want to outline the following incompat from an example:
Here [1] we say that our code run with 1.0.2 or newer. Let's consider we'd try, then let's have a look at 2c22764c49c06c4a6ccbbcc08021be43de7eba49 SSL#version() and SSL#versionString() use functions in C which aren't listed here [2], so I need to assume that the code isn't compatible anymore.

If my understanding is correct, we should abandon 1.2.x soon and start with 1.3.x, raise to 1.1.1 minimum and remove old pre-1.1.1 checks.

Again: I don't expect or want someone to use it with 1.0.2, but pointing out that our setup is incorrect.

[1] https://github.com/apache/tomcat-native/blob/a2aa5aff32ab1fee2bcdd2fce1446786633eb0ee/native/build/tcnative.m4#L247-L254
[2] https://www.openssl.org/docs/man1.0.2/man3/