git-compat-util: really support openssl as a source of entropy

05cd988dce (wrapper: add a helper to generate numbers from a CSPRNG,
2022-01-17), configure openssl as the source for entropy in NON-STOP
but doesn't add the needed header or link options.

Since the only system that is configured to use openssl as a source
of entropy is NON-STOP, add the header unconditionally, and -lcrypto
to the list of external libraries.

An additional change is required to make sure a NO_OPENSSL=1 build
will be able to work as well (tested on Linux with a modified value
of CSPRNG_METHOD = openssl), and the more complex logic that allows
for compatibility with APPLE_COMMON_CRYPTO or allowing for simpler
ways to link (without libssl) has been punted for now.

Reported-by: Randall Becker <rsbecker@nexbridge.com>
Signed-off-by: Carlo Marcelo Arenas Belón <carenas@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
pull/1234/head
Carlo Marcelo Arenas Belón 6 months ago committed by Junio C Hamano
parent 47efda967c
commit 5b52d9f15e
  1. 1
      Makefile
  2. 4
      git-compat-util.h
  3. 2
      imap-send.c

@ -1940,6 +1940,7 @@ endif
ifneq ($(findstring openssl,$(CSPRNG_METHOD)),)
BASIC_CFLAGS += -DHAVE_OPENSSL_CSPRNG
EXTLIBS += -lcrypto -lssl
endif
ifneq ($(PROCFS_EXECUTABLE_PATH),)

@ -521,6 +521,10 @@ void warning_errno(const char *err, ...) __attribute__((format (printf, 1, 2)));
#include <openssl/x509v3.h>
#endif /* NO_OPENSSL */
#ifdef HAVE_OPENSSL_CSPRNG
#include <openssl/rand.h>
#endif
/*
* Let callers be aware of the constant return value; this can help
* gcc with -Wuninitialized analysis. We restrict this trick to gcc, though,

@ -27,7 +27,7 @@
#include "exec-cmd.h"
#include "run-command.h"
#include "parse-options.h"
#ifdef NO_OPENSSL
#if defined(NO_OPENSSL) && !defined(HAVE_OPENSSL_CSPRNG)
typedef void *SSL;
#endif
#ifdef USE_CURL_FOR_IMAP_SEND

Loading…
Cancel
Save