[
https://issues.apache.org/jira/browse/GUACAMOLE-2089?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Nick Couchman reopened GUACAMOLE-2089:
--------------------------------------
> Will 1.6.0 compile with openssl-fips-1.0.2zj
> --------------------------------------------
>
> Key: GUACAMOLE-2089
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-2089
> Project: Guacamole
> Issue Type: Task
> Components: guacamole-server
> Affects Versions: 1.6.0
> Environment: OS: SUSE Linux Enterprise Server 12 SP3
> OpenSSL: openssl-fips-1.0.2zj
> Reporter: Saravanan
> Priority: Minor
>
> *Background:* We successfully compiled and deployed guacamole-server-1.4.0 on
> SLES 12 SP3 with OpenSSL-FIPS-1.0.2j. The compilation worked because 1.4.0
> includes OpenSSL compatibility shims (rsa-compat.h, dsa-compat.h) that
> provide OpenSSL 1.1.x-style functions for older OpenSSL versions.
> *Evidence from 1.4.0:*
> * config.h shows: {{/* #undef HAVE_RSA_GET0_KEY */}} (function not available
> in 1.0.2)
> * rsa-compat.c provides: {{RSA_get0_key()}} implementation using direct
> struct access ({{{}rsa_key->n{}}}, {{{}rsa_key->e{}}})
> * This compatibility layer allows 1.4.0 to work seamlessly with OpenSSL 1.0.2
> *Question:* Does guacamole-server-1.6.0 still include these OpenSSL 1.0.2
> compatibility shims, or were they removed?
> *Specific Environment:*
> * OS: SUSE Linux Enterprise Server 12 SP3
> * OpenSSL: openssl-fips-1.0.2zj
> * Target: guacamole-server-1.6.0
> *Why this matters:* Many enterprise environments are restricted to
> FIPS-validated OpenSSL versions. Understanding the minimum OpenSSL version
> requirements helps administrators plan deployments and upgrades.
> *Request:* Could the development team clarify:
> # Whether 1.6.0 maintains OpenSSL 1.0.2 compatibility
> # If not, what is the minimum supported OpenSSL version for 1.6.0
> # Any official guidance on OpenSSL version requirements
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
