-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Yeah, over at Homebrew we took the decision to start pushing everything we come across onto our provided OpenSSL, due to the security vulns of using depreciated connections. It was a fairly recent decision though and consequently we're only really catching formula as they get updated or checked. I only caught the spiped & co last night after I ran a debug install and noticed libcrypto being called. Alas, there aren't many people who will catch things like that, and so updating the several thousand formula we roll will take a wee while. I'm not sure what MacPorts and Fink do in regards to this package though. It might be worth checking those out to see if they're also rolling with an updated OpenSSL dep. As for people who download and build the source from scratch themselves, perhaps it's worth editing the BUILDING document to specify you really should be using a newer OpenSSL on OS X. Dom Sent from Thunderbird for OS X. My PGP public key is automatically attached to this email. On 30/08/2014 23:59, Frederick Akalin wrote: > On Sat, Aug 30, 2014 at 3:38 PM, Colin Percival > <cperciva@tarsnap.com> wrote: >> Oh wow. I'm surprised this didn't go even worse. The Makefiles >> in the individual spipe and spiped directories aren't designed to >> be used with Makefile.POSIX... > > I know. But that raises the question: how should someone other > than yourself (running FreeBSD) hack on spiped? Is there a better > approach than what I'm doing? > >> Or in the extreme case, 512 macros, for each subset of the 9 >> inline functions which may or may not be used by a particular >> module... > > Another possible solution would be to turn off the warnings via > pragmas from the possibly-unused functions. I don't know how that > would interact with macro expansion, though... > >>> In file included from ../libcperciva/util/asprintf.c:2: In file >>> included from /usr/include/stdio.h:71: >>> /usr/include/sys/_types/_va_list.h:31:26: error: redefinition >>> of typedef 'va_list' is a C11 feature >>> [-Werror,-Wtypedef-redefinition] >> >> I suppose technically this is true... but it's also a feature in >> C99 and C89, so I have no idea where this complaint is coming >> from. > > Actually, see > https://stackoverflow.com/questions/8367646/redefinition-of-typedef > > . Looks like it's legal in C++ but not in C89 or C99, probably due to > an oversight. > >> It certainly can't hurt to use a supported version of OpenSSL. > > My mistake -- it looks like Homebrew's version is already using an > updated OpenSSL (per Dominyk's previous message). > -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJUAl8UAAoJEIclJNuddDJs9tEP/jT+RvAs6hrN/qj2mZef763D 535jFbekFQyGV0R31Z82udMuAT7ax1a/3/xyX9tN+80Rin6YSn9c5Khk6QkPCfqn yHmW9RmjKYMqczGqXNQli9W1mxRuhzShZFedms541bR/yFVML8NJxCOUBPFF248u d+xRYxuFRPxlPwiB4/cmIlp8oNENRYMV/YNXSLEZkvcYamrgz88IcCYqaqEFtkZv t7cUysKH3LlQWep+rRNSGvYEP8mB38L1Ia3lqpJ60WB7bL3neqjzjJmTNPxmzyK1 0Z1saTSKE3OLY0pncrtWnjsjbU1uGUc5rOTo4tkdHwtkrhY1KJh+lYXJ7M+6e3fx N4JSUZdxN9OIgji0mXogK6rYAORhWXcckBjV3XpDG/Gkh0FZxBouI/75SNCYBpid zoBwnx2apC1/+slAjrHClmMKIZD/zhae8GLKLSgencf3J1dVb52vZ5g4U2XWujN8 DCyZvYnj8PYM8XU3NlHUbASbsY+0aTp3dCUw2Q7lbDUJNRjUVd+O/++MEBTFy1Gi f036M0Unpk7tscfMHZrhkKC1m2vEASKaitInBJuoQFlCJ25Rgq64/tUdSI0nwMl0 q1//xsUedrNUnYy9d1yDyEOg7ytRFWWsP9z3kq2M18e6uUBIBxcoAMYYnYXB5dR6 /bW8z+frvnKzhvzDT2hz =ybbV -----END PGP SIGNATURE-----
Attachment:
0x9D74326C.asc
Description: application/pgp-keys
Attachment:
0x9D74326C.asc.sig
Description: Binary data