Update the existing heimdal implementation for OpenSSL 1.1.
Existing work is underway to import a newer version of heimdal, but this patchset gets us to a fully working tree to enable more wide spread testing of OpenSSL 1.1 for now. I've also enabled WARNS=1 for kerberos (which is the reason for the change in libroken). Having -Werror enabled was useful during the 1.1 updates and we probably should have warnings enabled by default for kerberos anyway. This passes make tinderbox, and I have also done some very light runtime testing on amd64. Reviewed by: bjk, jkim, emaste Differential Revision: https://reviews.freebsd.org/D17276
This commit is contained in:
@@ -8,6 +8,10 @@ KRB5DIR= ${SRCTOP}/crypto/heimdal
|
||||
|
||||
CFLAGS+= -DHAVE_CONFIG_H -I${.CURDIR:H:H}/include
|
||||
|
||||
WARNS?= 1
|
||||
CWARNFLAGS.clang+= -Wno-error=absolute-value
|
||||
CWARNFLAGS+= -Wno-error=deprecated-declarations
|
||||
|
||||
.if ${MK_OPENLDAP} != "no" && !defined(COMPAT_32BIT)
|
||||
OPENLDAPBASE?= /usr/local
|
||||
LDAPLDADD= -lldap -llber
|
||||
|
||||
@@ -18,9 +18,5 @@
|
||||
#include <openssl/ec.h>
|
||||
#include <openssl/ecdsa.h>
|
||||
#include <openssl/ecdh.h>
|
||||
#ifndef BN_is_negative
|
||||
#define BN_set_negative(bn, flag) ((bn)->neg=(flag)?1:0)
|
||||
#define BN_is_negative(bn) ((bn)->neg != 0)
|
||||
#endif
|
||||
|
||||
#endif /* __crypto_headers_h__ */
|
||||
|
||||
Reference in New Issue
Block a user