aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKaren Arutyunov <karen@codesynthesis.com>2024-05-29 14:02:08 +0300
committerKaren Arutyunov <karen@codesynthesis.com>2024-05-29 14:54:59 +0300
commite3932d2f6db820b733462cb7eb2c8e28dc1f625e (patch)
treeb97c5e94a35465646d6f4a7ad46c3066b94f169c
parent0d3aaa8f1ad1b6555189ba8381de3e4cb48fb40a (diff)
Tighten OpenSSL version range check for 'reading certificate from stdin' warning workaround
-rw-r--r--bpkg/auth.cxx8
1 files changed, 6 insertions, 2 deletions
diff --git a/bpkg/auth.cxx b/bpkg/auth.cxx
index 191da0a..9fb4e20 100644
--- a/bpkg/auth.cxx
+++ b/bpkg/auth.cxx
@@ -96,7 +96,7 @@ namespace bpkg
// Return true if some openssl commands (openssl x509 -fingerprint, etc) may
// issue the 'Reading certificate from stdin since no -in or -new option is
// given' warning. This is the case for the openssl version in the [3.2.0
- // 3.3.0) range (see GH issue #353 for details).
+ // 3.2.2) range (see GH issue #353 for details).
//
// Note that there is no easy way to suppress this warning on Windows and
// thus we don't define this function there.
@@ -105,8 +105,12 @@ namespace bpkg
static inline bool
openssl_warn_stdin (const common_options& co)
{
+ // Use 3.2.3 in the comparison rather than 3.2.2, to make sure that, for
+ // example, 3.2.2-dev (denotes a pre-release of 3.2.2) also falls into the
+ // range.
+ //
const semantic_version& v (openssl_version (co));
- return v >= semantic_version {3, 2, 0} && v < semantic_version {3, 3, 0};
+ return v >= semantic_version {3, 2, 0} && v < semantic_version {3, 2, 3};
}
#endif