Skip to content

Conversation

@petk
Copy link
Member

@petk petk commented Jan 28, 2024

Following 68f6ab7, the ext/curl doesn't need to be linked against OpenSSL anymore, if curl_version_info_data ssl_version is OpenSSL/1.1 or later.

With OpenSSL 3 and later the check for old SSL crypto locking callbacks was detected here.

This also uses a common PHP_SETUP_OPENSSL macro for checking OpenSSL and syncs the minimum OpenSSL version (currently 1.0.2 or later) across the PHP build system.

Following 68f6ab7, the ext/curl doesn't
need to be linked against OpenSSL anymore, if curl_version_info_data
ssl_version is OpenSSL/1.1 or later.

With OpenSSL 3 and later the check for old SSL crypto locking callbacks
was detected here.

This also uses a common PHP_SETUP_OPENSSL macro for checking OpenSSL and
syncs the minimum OpenSSL version (currently 1.0.2 or later) across the
PHP build system.
@petk petk force-pushed the patch-openssl-min-version branch from 0f35b17 to 6536414 Compare January 29, 2024 07:33
@petk
Copy link
Member Author

petk commented Jan 29, 2024

Edit: I've reworded the commit message in the last push to not mention when this check could potentially be removed since it depends on the curl minimum version.

Copy link
Member

@devnexen devnexen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Making sense to me.

@petk
Copy link
Member Author

petk commented Feb 12, 2024

If @adoy is fine with this, I'll merge this in the following days. Probably the test program could be simplified even more here with some C-fu, but I'm not sure how to do that at this point and I think it's fine for now.

@devnexen
Copy link
Member

I'd say since it s master if it needs further improvements, it can always be done later on.

@petk petk merged commit b222c02 into php:master Feb 14, 2024
@petk petk deleted the patch-openssl-min-version branch February 14, 2024 12:52
@adoy
Copy link
Member

adoy commented Feb 14, 2024

Looks good to me :) Thanks. Sorry about the late check but I don't have much time those days.

@bukka
Copy link
Member

bukka commented Jun 6, 2025

I just came accross this when checking that we should disable the old version as locking should not be used on any supported OpenSSL library. This is actually a bug fix as the check incorrectly checks for OpenSSL 3+ so currently on 8.3 the locking is still being used which is wrong. 8.4 contains this so it just needs backport to 8.3.

bukka pushed a commit that referenced this pull request Jun 6, 2025
This is backport for 8.3 of b222c02
that originally targeted only 8.4+. This is however a bug fix.

Following 68f6ab7, the ext/curl doesn't
need to be linked against OpenSSL anymore, if curl_version_info_data
ssl_version is OpenSSL/1.1 or later.

With OpenSSL 3 and later the check for old SSL crypto locking callbacks
was detected here.

This also uses a common PHP_SETUP_OPENSSL macro for checking OpenSSL and
syncs the minimum OpenSSL version (currently 1.0.2 or later) across the
PHP build system.
@bukka
Copy link
Member

bukka commented Jun 6, 2025

Back ported in ae92b85

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants