Opened 16 months ago

Closed 16 months ago

Last modified 12 months ago

#67762 closed defect (invalid)

Enable QUIC in OpenSSL 3

Reported by: barracuda156 Owned by: neverpanic (Clemens Lang)
Priority: Normal Milestone:
Component: ports Version: 2.8.1
Keywords: Cc: larryv (Lawrence Velázquez), catap (Kirill A. Korinsky)
Port: openssl3

Description

My ngtcp2 port disables QUIC, complaining re missing support in OpenSSL: 

-- Found OpenSSL: /opt/local/libexec/openssl3/lib/libcrypto.dylib (found suitable version "3.1.1", minimum required is "1.1.1")  
-- Found Jemalloc: /opt/local/lib/libjemalloc.dylib (found version "5.3.0-0-g54eaed1d8b56b1aa528be3bdd1877e59c56fa90c") 
-- Found Libev: /opt/local/lib/libev.dylib (found suitable version "4.33", minimum required is "4.11") 
-- Found Libnghttp3: /opt/local/lib/libnghttp3.dylib (found suitable version "0.12.0", minimum required is "0.0.0") 
-- Found CUnit: /opt/local/lib/libcunit.dylib (found suitable version "2.1-3", minimum required is "2.1") 
-- Looking for SSL_is_quic
-- Looking for SSL_is_quic - not found
CMake Warning at CMakeLists.txt:154 (message):
  Disabling OpenSSL due to lack of QUIC support in
  /opt/local/libexec/openssl3/lib/libssl.dylib;/opt/local/libexec/openssl3/lib/libcrypto.dylib

Could we enable it?

Change History (6)

comment:1 Changed 16 months ago by neverpanic (Clemens Lang)

Resolution: invalid
Status: assignedclosed

SSL_is_quic() was only recently added and is not in a release yet: https://www.openssl.org/docs/manmaster/man3/SSL_is_quic.html (note that the sidebar does not link to manpages for this function in the 3.1 and 3.0 releases).

See also the changelog for the unreleased 3.2 version: https://github.com/openssl/openssl/blob/master/NEWS.md#openssl-32

  • Added client side support for QUIC.

This will appear automatically when we update to 3.2.

comment:2 Changed 16 months ago by barracuda156

Got it, thanks.

comment:3 Changed 12 months ago by neverpanic (Clemens Lang)

ngtcp2 may need a rev-bump after the OpenSSL update to enable this for all users.

comment:4 Changed 12 months ago by neverpanic (Clemens Lang)

In 959845548b0dcf19985aeba7bfa1366bc2f4d55e/macports-ports (master):

openssl3: Update to 3.2.0

The changelog is available at

https://github.com/openssl/openssl/blob/openssl-3.2.0/CHANGES.md#openssl-32

See: #67762

comment:5 in reply to:  3 Changed 12 months ago by barracuda156

Replying to neverpanic:

ngtcp2 may need a rev-bump after the OpenSSL update to enable this for all users.

So should we revbump it now?

comment:6 Changed 12 months ago by neverpanic (Clemens Lang)

Sure, if you want to. You're the maintainer as far as I can see, so it's your call.

Note: See TracTickets for help on using tickets.