)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":1000001,"name":"flichtenheld","display_name":"Frank Lichtenheld","email":"frank@lichtenheld.com","username":"flichtenheld","status":"OpenVPN Inc."},"change_message_id":"c9267e9210cb6dbb1b4c07e12068e0f9ad46ee32","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":8,"id":"82f8ab7c_3dfd15c8","updated":"2023-11-28 12:39:41.000000000","message":"Don\u0027t like the libressl preprocessor check","commit_id":"2741e9c43f0574036132a8cee6ea072261b10c5a"}],"src/openvpn/ssl_openssl.c":[{"author":{"_account_id":1000001,"name":"flichtenheld","display_name":"Frank Lichtenheld","email":"frank@lichtenheld.com","username":"flichtenheld","status":"OpenVPN Inc."},"change_message_id":"1b3c19c6102d84a44bf0e10c105673e453ef4fb0","unresolved":true,"context_lines":[{"line_number":2163,"context_line":"    char pkeybuf[128] \u003d { 0 };"},{"line_number":2164,"context_line":"    print_pkey_details(pkey, pkeybuf, sizeof(pkeybuf));"},{"line_number":2165,"context_line":""},{"line_number":2166,"context_line":"    openvpn_snprintf(buf, buflen, \", peer temporary key: %s\","},{"line_number":2167,"context_line":"                     pkeybuf);"},{"line_number":2168,"context_line":""},{"line_number":2169,"context_line":"    EVP_PKEY_free(pkey);"}],"source_content_type":"text/x-csrc","patch_set":5,"id":"fd0ca587_1da0ef2f","line":2166,"updated":"2023-10-08 11:53:12.000000000","message":"This probably belongs in the previous commit.","commit_id":"a465e4658bcc96b27eee6e5de5e82046560abf96"},{"author":{"_account_id":1000001,"name":"flichtenheld","display_name":"Frank Lichtenheld","email":"frank@lichtenheld.com","username":"flichtenheld","status":"OpenVPN Inc."},"change_message_id":"bfc2b91cbfb9eb622dbc4c9110ed592765fe96a8","unresolved":false,"context_lines":[{"line_number":2163,"context_line":"    char pkeybuf[128] \u003d { 0 };"},{"line_number":2164,"context_line":"    print_pkey_details(pkey, pkeybuf, sizeof(pkeybuf));"},{"line_number":2165,"context_line":""},{"line_number":2166,"context_line":"    openvpn_snprintf(buf, buflen, \", peer temporary key: %s\","},{"line_number":2167,"context_line":"                     pkeybuf);"},{"line_number":2168,"context_line":""},{"line_number":2169,"context_line":"    EVP_PKEY_free(pkey);"}],"source_content_type":"text/x-csrc","patch_set":5,"id":"3b343ee7_423d9351","line":2166,"in_reply_to":"fd0ca587_1da0ef2f","updated":"2023-10-09 10:43:14.000000000","message":"Done","commit_id":"a465e4658bcc96b27eee6e5de5e82046560abf96"},{"author":{"_account_id":1000001,"name":"flichtenheld","display_name":"Frank Lichtenheld","email":"frank@lichtenheld.com","username":"flichtenheld","status":"OpenVPN Inc."},"change_message_id":"bfc2b91cbfb9eb622dbc4c9110ed592765fe96a8","unresolved":true,"context_lines":[{"line_number":2211,"context_line":"{"},{"line_number":2212,"context_line":"    int peer_sig_nid \u003d NID_undef, peer_sig_type_nid \u003d NID_undef;"},{"line_number":2213,"context_line":"    const char *peer_sig \u003d \"\";"},{"line_number":2214,"context_line":"    const char *peer_sig_type \u003d \"\";"},{"line_number":2215,"context_line":""},{"line_number":2216,"context_line":"    /* Even though these methods use the deprecated NIDs instead of using"},{"line_number":2217,"context_line":"     * string as new OpenSSL APIs do, there seem to be no API that replaces"}],"source_content_type":"text/x-csrc","patch_set":7,"id":"be8eca11_de41140b","line":2214,"updated":"2023-10-09 10:43:14.000000000","message":"With libressl or openssl 1.0.2 this will print \"\" for now. Should we maybe change the default to \"UNKNOWN\" or something similar? Or would you consider that useless clutter?","commit_id":"05e99475aa4cc8fada900f093f15cf58a7ee1e2e"},{"author":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"},"change_message_id":"5624633ce6cd749997cc675f0f346ff214d145bd","unresolved":false,"context_lines":[{"line_number":2211,"context_line":"{"},{"line_number":2212,"context_line":"    int peer_sig_nid \u003d NID_undef, peer_sig_type_nid \u003d NID_undef;"},{"line_number":2213,"context_line":"    const char *peer_sig \u003d \"\";"},{"line_number":2214,"context_line":"    const char *peer_sig_type \u003d \"\";"},{"line_number":2215,"context_line":""},{"line_number":2216,"context_line":"    /* Even though these methods use the deprecated NIDs instead of using"},{"line_number":2217,"context_line":"     * string as new OpenSSL APIs do, there seem to be no API that replaces"}],"source_content_type":"text/x-csrc","patch_set":7,"id":"376c7362_26cd0b0d","line":2214,"in_reply_to":"be8eca11_de41140b","updated":"2023-11-21 13:13:31.000000000","message":"Done","commit_id":"05e99475aa4cc8fada900f093f15cf58a7ee1e2e"},{"author":{"_account_id":1000001,"name":"flichtenheld","display_name":"Frank Lichtenheld","email":"frank@lichtenheld.com","username":"flichtenheld","status":"OpenVPN Inc."},"change_message_id":"c9267e9210cb6dbb1b4c07e12068e0f9ad46ee32","unresolved":true,"context_lines":[{"line_number":2222,"context_line":""},{"line_number":2223,"context_line":"#if !defined(LIBRESSL_VERSION_NUMBER) \u0026\u0026 OPENSSL_VERSION_NUMBER \u003e\u003d 0x1010000fL"},{"line_number":2224,"context_line":"    /* LibreSSL 3.7.x and 3.8.0 weirdly implement this function but fail on"},{"line_number":2225,"context_line":"     * linking with an unresolved symbol */"},{"line_number":2226,"context_line":"    if (SSL_get_peer_signature_type_nid(ssl, \u0026peer_sig_type_nid)"},{"line_number":2227,"context_line":"        \u0026\u0026 peer_sig_type_nid !\u003d NID_undef)"},{"line_number":2228,"context_line":"    {"}],"source_content_type":"text/x-csrc","patch_set":8,"id":"83effa6a_7262c928","line":2225,"updated":"2023-11-28 12:39:41.000000000","message":"Filed https://github.com/libressl/openbsd/issues/147 for it.\nMight be better to test for the function explicitly in configure instead of checking for libressl?","commit_id":"2741e9c43f0574036132a8cee6ea072261b10c5a"},{"author":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"},"change_message_id":"66c44886e69ada3e12c68ae51fe484e4f55ea735","unresolved":true,"context_lines":[{"line_number":2222,"context_line":""},{"line_number":2223,"context_line":"#if !defined(LIBRESSL_VERSION_NUMBER) \u0026\u0026 OPENSSL_VERSION_NUMBER \u003e\u003d 0x1010000fL"},{"line_number":2224,"context_line":"    /* LibreSSL 3.7.x and 3.8.0 weirdly implement this function but fail on"},{"line_number":2225,"context_line":"     * linking with an unresolved symbol */"},{"line_number":2226,"context_line":"    if (SSL_get_peer_signature_type_nid(ssl, \u0026peer_sig_type_nid)"},{"line_number":2227,"context_line":"        \u0026\u0026 peer_sig_type_nid !\u003d NID_undef)"},{"line_number":2228,"context_line":"    {"}],"source_content_type":"text/x-csrc","patch_set":8,"id":"9c5adb74_39d43e25","line":2225,"in_reply_to":"83effa6a_7262c928","updated":"2023-11-28 13:10:20.000000000","message":"This is a super weird thing that I gave up debugging after 1-2h. The thing compiles as the function is declared in the headers and the C files of LibreSSL but for some reasons the linker does not find the symbol in the libreSSL library. So I gave up on trying to figure what is going on and just pretend that libreSSL does not have this function.","commit_id":"2741e9c43f0574036132a8cee6ea072261b10c5a"},{"author":{"_account_id":1000001,"name":"flichtenheld","display_name":"Frank Lichtenheld","email":"frank@lichtenheld.com","username":"flichtenheld","status":"OpenVPN Inc."},"change_message_id":"d53c5c48f049c15e397cc9e22d724e5d9cb72b1d","unresolved":true,"context_lines":[{"line_number":2222,"context_line":""},{"line_number":2223,"context_line":"#if !defined(LIBRESSL_VERSION_NUMBER) \u0026\u0026 OPENSSL_VERSION_NUMBER \u003e\u003d 0x1010000fL"},{"line_number":2224,"context_line":"    /* LibreSSL 3.7.x and 3.8.0 weirdly implement this function but fail on"},{"line_number":2225,"context_line":"     * linking with an unresolved symbol */"},{"line_number":2226,"context_line":"    if (SSL_get_peer_signature_type_nid(ssl, \u0026peer_sig_type_nid)"},{"line_number":2227,"context_line":"        \u0026\u0026 peer_sig_type_nid !\u003d NID_undef)"},{"line_number":2228,"context_line":"    {"}],"source_content_type":"text/x-csrc","patch_set":8,"id":"b497f219_6ae57c40","line":2225,"in_reply_to":"9c5adb74_39d43e25","updated":"2023-11-28 14:21:30.000000000","message":"Yeah, as noted in the GitHub issue I found the reason. The function exists and is compiled but is not exported, so the linker can\u0027t use it. According to the answer it should be fixed in 3.9.0, but also might be fixed in earlier versions, we will need to see.","commit_id":"2741e9c43f0574036132a8cee6ea072261b10c5a"},{"author":{"_account_id":1000001,"name":"flichtenheld","display_name":"Frank Lichtenheld","email":"frank@lichtenheld.com","username":"flichtenheld","status":"OpenVPN Inc."},"change_message_id":"f96c8ae337c0e7267d7042fe1a6451f32b32c844","unresolved":false,"context_lines":[{"line_number":2222,"context_line":""},{"line_number":2223,"context_line":"#if !defined(LIBRESSL_VERSION_NUMBER) \u0026\u0026 OPENSSL_VERSION_NUMBER \u003e\u003d 0x1010000fL"},{"line_number":2224,"context_line":"    /* LibreSSL 3.7.x and 3.8.0 weirdly implement this function but fail on"},{"line_number":2225,"context_line":"     * linking with an unresolved symbol */"},{"line_number":2226,"context_line":"    if (SSL_get_peer_signature_type_nid(ssl, \u0026peer_sig_type_nid)"},{"line_number":2227,"context_line":"        \u0026\u0026 peer_sig_type_nid !\u003d NID_undef)"},{"line_number":2228,"context_line":"    {"}],"source_content_type":"text/x-csrc","patch_set":8,"id":"79df6aa1_3de451d9","line":2225,"in_reply_to":"b497f219_6ae57c40","updated":"2024-02-09 11:09:15.000000000","message":"Done","commit_id":"2741e9c43f0574036132a8cee6ea072261b10c5a"},{"author":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"},"change_message_id":"48400ac14354d1d16060c503bb535261cddd07f0","unresolved":false,"context_lines":[{"line_number":2222,"context_line":""},{"line_number":2223,"context_line":"#if !defined(LIBRESSL_VERSION_NUMBER) \u0026\u0026 OPENSSL_VERSION_NUMBER \u003e\u003d 0x1010000fL"},{"line_number":2224,"context_line":"    /* LibreSSL 3.7.x and 3.8.0 weirdly implement this function but fail on"},{"line_number":2225,"context_line":"     * linking with an unresolved symbol */"},{"line_number":2226,"context_line":"    if (SSL_get_peer_signature_type_nid(ssl, \u0026peer_sig_type_nid)"},{"line_number":2227,"context_line":"        \u0026\u0026 peer_sig_type_nid !\u003d NID_undef)"},{"line_number":2228,"context_line":"    {"}],"source_content_type":"text/x-csrc","patch_set":8,"id":"14a073b2_79023368","line":2225,"in_reply_to":"b497f219_6ae57c40","updated":"2024-02-14 12:03:20.000000000","message":"I made the check to be \u003e\u003d LibreSSL as they promised to have this in 3.9.0","commit_id":"2741e9c43f0574036132a8cee6ea072261b10c5a"}]}