Some package (e.g. libunbound) depend on OPENSSL_WITH_DEPRECATED. In some
situations it may happen that libunbound and openssl are only pulled in as
build dependencies, but are not enabled in .config.
In such cases, the defaults of symbols like OPENSSL_WITH_DEPRECATED are
ignored (as the whole symbol depends on PACKAGE_libopenssl), and config
symbol dependencies of libunbound aren't effective either (as libunbound
is not actually enabled).
This commit works around the issue by introducing a hidden negated symbol
OPENSSL_NO_DEPRECATED, which is always disabled when PACKAGE_libopenssl is
disabled, and ensures that OpenSSL is built with deprecated APIs in this
case. A user can still manage to break the build by explicitly enabling
libopenssl and disabling OPENSSL_WITH_DEPRECATED; the interaction between
build dependencies and config symbols will require further discussion.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(backported from
dd9da5146299b769fad874d32a8ae110312cb68f)
default y
prompt "Include deprecated APIs"
+config OPENSSL_NO_DEPRECATED
+ bool
+ default !OPENSSL_WITH_DEPRECATED
+
config OPENSSL_WITH_DTLS
bool
default n
CONFIG_OPENSSL_WITH_EC2M \
CONFIG_OPENSSL_WITH_SSL3 \
CONFIG_OPENSSL_HARDWARE_SUPPORT \
- CONFIG_OPENSSL_WITH_DEPRECATED \
+ CONFIG_OPENSSL_NO_DEPRECATED \
CONFIG_OPENSSL_WITH_DTLS \
CONFIG_OPENSSL_WITH_COMPRESSION \
CONFIG_OPENSSL_WITH_NPN \
OPENSSL_OPTIONS += no-hw
endif
-ifndef CONFIG_OPENSSL_WITH_DEPRECATED
+ifdef CONFIG_OPENSSL_NO_DEPRECATED
OPENSSL_OPTIONS += no-deprecated
endif