openssl: enable OPENSSL_WITH_DEPRECATED when OpenSSL is built as a build dep

Some package (e.g. libunbound) depend on OPENSSL_WITH_DEPRECATED. In some
situations it may happen that libunbound and openssl are only pulled in as
build dependencies, but are not enabled in .config.

In such cases, the defaults of symbols like OPENSSL_WITH_DEPRECATED are
ignored (as the whole symbol depends on PACKAGE_libopenssl), and config
symbol dependencies of libunbound aren't effective either (as libunbound
is not actually enabled).

This commit works around the issue by introducing a hidden negated symbol
OPENSSL_NO_DEPRECATED, which is always disabled when PACKAGE_libopenssl is
disabled, and ensures that OpenSSL is built with deprecated APIs in this
case. A user can still manage to break the build by explicitly enabling
libopenssl and disabling OPENSSL_WITH_DEPRECATED; the interaction between
build dependencies and config symbols will require further discussion.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
This commit is contained in:
Matthias Schiffer 2018-10-30 20:38:34 +01:00
parent 3dba852547
commit dd9da51462
No known key found for this signature in database
GPG key ID: 16EF3F64CB201D9C
2 changed files with 6 additions and 2 deletions

View file

@ -20,6 +20,10 @@ config OPENSSL_WITH_DEPRECATED
default y
prompt "Include deprecated APIs"
config OPENSSL_NO_DEPRECATED
bool
default !OPENSSL_WITH_DEPRECATED
config OPENSSL_WITH_DTLS
bool
default n

View file

@ -36,7 +36,7 @@ PKG_CONFIG_DEPENDS:= \
CONFIG_OPENSSL_WITH_EC2M \
CONFIG_OPENSSL_WITH_SSL3 \
CONFIG_OPENSSL_HARDWARE_SUPPORT \
CONFIG_OPENSSL_WITH_DEPRECATED \
CONFIG_OPENSSL_NO_DEPRECATED \
CONFIG_OPENSSL_WITH_DTLS \
CONFIG_OPENSSL_WITH_COMPRESSION \
CONFIG_OPENSSL_WITH_NPN \
@ -130,7 +130,7 @@ ifndef CONFIG_OPENSSL_HARDWARE_SUPPORT
OPENSSL_OPTIONS += no-hw
endif
ifndef CONFIG_OPENSSL_WITH_DEPRECATED
ifdef CONFIG_OPENSSL_NO_DEPRECATED
OPENSSL_OPTIONS += no-deprecated
endif