Skip to content

Fix linking ext/curl against OpenSSL #13262

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Feb 14, 2024
Merged

Fix linking ext/curl against OpenSSL #13262

merged 1 commit into from
Feb 14, 2024

Conversation

petk
Copy link
Member

@petk petk commented Jan 28, 2024
edited
Loading

Following 68f6ab7, the ext/curl doesn't need to be linked against OpenSSL anymore, if curl_version_info_data ssl_version is OpenSSL/1.1 or later.

With OpenSSL 3 and later the check for old SSL crypto locking callbacks was detected here.

This also uses a common PHP_SETUP_OPENSSL macro for checking OpenSSL and syncs the minimum OpenSSL version (currently 1.0.2 or later) across the PHP build system.

@petk petk requested a review from adoy as a code owner January 28, 2024 15:00
@petk
Fix linking ext/curl against OpenSSL
6536414 
Following 68f6ab7, the ext/curl doesn't
need to be linked against OpenSSL anymore, if curl_version_info_data
ssl_version is OpenSSL/1.1 or later.

With OpenSSL 3 and later the check for old SSL crypto locking callbacks
was detected here.

This also uses a common PHP_SETUP_OPENSSL macro for checking OpenSSL and
syncs the minimum OpenSSL version (currently 1.0.2 or later) across the
PHP build system.
@petk petk force-pushed the patch-openssl-min-version branch from 0f35b17 to 6536414 Compare January 29, 2024 07:33
@petk
Copy link
Member Author

petk commented Jan 29, 2024

Edit: I've reworded the commit message in the last push to not mention when this check could potentially be removed since it depends on the curl minimum version.

devnexen
devnexen approved these changes Jan 29, 2024
View reviewed changes
Copy link
Member

@devnexen devnexen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Making sense to me.

@petk
Copy link
Member Author

petk commented Feb 12, 2024

If @adoy is fine with this, I'll merge this in the following days. Probably the test program could be simplified even more here with some C-fu, but I'm not sure how to do that at this point and I think it's fine for now.

@devnexen
Copy link
Member

I'd say since it s master if it needs further improvements, it can always be done later on.

@petk petk merged commit b222c02 into php:master Feb 14, 2024
@petk petk deleted the patch-openssl-min-version branch February 14, 2024 12:52
@adoy
Copy link
Member

adoy commented Feb 14, 2024

Looks good to me :) Thanks. Sorry about the late check but I don't have much time those days.

@bukka
Copy link
Member

bukka commented Jun 6, 2025

I just came accross this when checking that we should disable the old version as locking should not be used on any supported OpenSSL library. This is actually a bug fix as the check incorrectly checks for OpenSSL 3+ so currently on 8.3 the locking is still being used which is wrong. 8.4 contains this so it just needs backport to 8.3.

bukka pushed a commit that referenced this pull request Jun 6, 2025
@petk @bukka
Fix linking ext/curl against OpenSSL (#13262)
ae92b85 
This is backport for 8.3 of b222c02
that originally targeted only 8.4+. This is however a bug fix.

Following 68f6ab7, the ext/curl doesn't
need to be linked against OpenSSL anymore, if curl_version_info_data
ssl_version is OpenSSL/1.1 or later.

With OpenSSL 3 and later the check for old SSL crypto locking callbacks
was detected here.

This also uses a common PHP_SETUP_OPENSSL macro for checking OpenSSL and
syncs the minimum OpenSSL version (currently 1.0.2 or later) across the
PHP build system.
@bukka
Copy link
Member

bukka commented Jun 6, 2025

Back ported in ae92b85

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@devnexen devnexen devnexen approved these changes

@adoy adoy Awaiting requested review from adoy adoy is a code owner

Assignees
No one assigned
Labels
Category: Build System Extension: curl
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@petk @devnexen @adoy @bukka