Fix build with OpenSSL 3.5+ where ENGINE API is removed#585
Fix build with OpenSSL 3.5+ where ENGINE API is removed#585kazuho merged 2 commits intoh2o:masterfrom
Conversation
OpenSSL removed the ENGINE API in version 3.5. The engine.h header still exists but is empty, causing implicit function declaration errors for ENGINE_by_id, ENGINE_free, etc. Guard all ENGINE usage in the test with a PICOTLS_HAVE_ENGINE macro that checks both OPENSSL_NO_ENGINE and OPENSSL_VERSION_MAJOR. The affected code is only used for QAT hardware accelerator benchmarks and loading built-in engines on pre-3.0 OpenSSL, so no test coverage is lost on modern OpenSSL. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
Thank you for the pull request. I'd be happy to add conditional guards around the use of the engine API, but I'm not sure how I can reproduce it. The CI matrix covers OpenSSL 3.5, and engine.h still exists in OpenSSL 3.6 (https://github.com/openssl/openssl/blob/openssl-3.6/include/openssl/engine.h). Could it be due to you using a different build setting for OpenSSL? If so, I'd appreciate you describing how, as it might make sense for us to have that build setting covered in the CI matrix. |
This was on a CentOS stream-10 host. Maybe the system ssl was compiled with engine APIs off? |
|
Thank you! I haven't checked exactly why, but AI did reproduce the issue and provided me a Dockerfile that we can use to automate testing on CentOS Stream 10. |
Co-Authored-By: OpenCode with Qwen3.5-27B <kazuhooku+opencode@gmail.com>
2 participants
OpenSSL removed the ENGINE API in version 3.5. The engine.h header still exists but is empty, causing implicit function declaration errors for ENGINE_by_id, ENGINE_free, etc.
Guard all ENGINE usage in the test with a PICOTLS_HAVE_ENGINE macro that checks both OPENSSL_NO_ENGINE and OPENSSL_VERSION_MAJOR. The affected code is only used for QAT hardware accelerator benchmarks and loading built-in engines on pre-3.0 OpenSSL, so no test coverage is lost on modern OpenSSL.