#28 Add LibreSSL compatibility

Closed
opened 2 months ago by blu256 · 10 comments
blu256 commented 2 months ago

Basic information

  • TDE version: R14.0.6
  • Distribution: Void Linux
  • Hardware: amd64
  • SL/Wishlist

Description

Some distributions (like Void Linux) now provide LibreSSL instead of OpenSSL as a default. LibreSSL is OpenBSD’s fork of OpenSSL 1.0.1b. TDElibs (especially KSSL in TDEIO) fails to compile.

excerpt from stdout: https://pastebin.com/37QfJMYc

Steps to reproduce

  1. Fetch the source code for tdelibs (R14.0.6)
  2. Create out-of-source build directory and configure with cmake
  3. Run ‘make’

Screenshots

<!-- This is a comment. Please fill in the required fields below. The comments provide instructions on how to do so. Note: You do not need to remove comments. --> ## Basic information - TDE version: R14.0.6 <!-- such as R14.0.6 - see tde-config -v --> - Distribution: Void Linux <!-- such as Debian Stretch - see lsb_release -sd --> - Hardware: amd64 <!-- amd64 / i386 / armhf / ... --> <!-- Use SL/* labels to set the severity level. Please do not set a milestone. --> - SL/Wishlist ## Description Some distributions (like Void Linux) now provide LibreSSL instead of OpenSSL as a default. LibreSSL is OpenBSD's fork of OpenSSL 1.0.1b. TDElibs (especially KSSL in TDEIO) fails to compile. excerpt from stdout: https://pastebin.com/37QfJMYc ## Steps to reproduce 1. Fetch the source code for tdelibs (R14.0.6) 2. Create out-of-source build directory and configure with cmake 3. Run 'make' ## Screenshots <!-- If it seems useful, please provide provide one or more screenshots. -->
SlavekB commented 2 months ago
Owner

Please, what is the output from the CMake configuration that is related to SSL library detection?

Please, what is the output from the CMake configuration that is related to SSL library detection?
blu256 commented 2 months ago
Poster

stdout during configuration only mentions OpenSSL once:

-- Checking for one of the modules ‘openssl’

CMakeCache.txt contains the following: https://pastebin.com/n4kfEKH3

BTW, LibreSSL does provide some headers in /usr/include/openssl. I have LibreSSL 2.8.3 and in opensslv.h (which is imported in kopenssl.h) the macro which defines OpenSSL version number contains the value 0x20000000L: https://pastebin.com/btthU22U

I think, with LibreSSL being a fork of OpenSSL 1.0.1b, that it is not compatible with some of the changes that newer versions brought about; though, OPENSSL_VERSION_NUMBER being > 0x10100000L, the compatibility checks in tdeio/kssl/kopenssl.h fail. I might as well be wrong. I’m checking this right now and if I have results, I’ll report back.

stdout during configuration only mentions OpenSSL once: > -- Checking for one of the modules 'openssl' CMakeCache.txt contains the following: https://pastebin.com/n4kfEKH3 BTW, LibreSSL _does_ provide some headers in /usr/include/openssl. I have LibreSSL 2.8.3 and in opensslv.h (which is imported in kopenssl.h) the macro which defines OpenSSL version number contains the value 0x20000000L: https://pastebin.com/btthU22U I think, with LibreSSL being a fork of OpenSSL _1.0.1b_, that it is not compatible with some of the changes that newer versions brought about; though, OPENSSL_VERSION_NUMBER being > 0x10100000L, the compatibility checks in tdeio/kssl/kopenssl.h fail. I might as well be wrong. I'm checking this right now and if I have results, I'll report back.
blu256 commented 2 months ago
Poster

I was able to compile tdelibs making some changes to tdeio/kssl/kopenssl.h and tdeeio/kssl/ksslcertificate.cc (some #ifndef LIBRESSL_VERSION_NUMBER’s to check if the SSL flavour is LibreSSL)

I was able to compile tdelibs making some changes to tdeio/kssl/kopenssl.h and tdeeio/kssl/ksslcertificate.cc (some #ifndef LIBRESSL_VERSION_NUMBER's to check if the SSL flavour is LibreSSL)
blu256 commented 2 months ago
Poster

My changes as a patch file: https://pastebin.com/e3mPVc1p

My changes as a patch file: https://pastebin.com/e3mPVc1p
MicheleC commented 2 months ago
Owner

Hi Blu, thanks for the good work. Rather than posting a patch on pastebin, could you create a branch and a pull request here in gitea? That is the main advantage of using gitea, moreover authorship of the patch would be maintained automatically.
The wiki guide on TGW should provide some help on how to create a PR and if you need further help, just ask here.

Hi Blu, thanks for the good work. Rather than posting a patch on pastebin, could you create a branch and a pull request here in gitea? That is the main advantage of using gitea, moreover authorship of the patch would be maintained automatically.<br> The wiki guide on TGW should provide some help on how to create a PR and if you need further help, just ask here.
MicheleC commented 2 months ago
Owner

@blu256: I have added you to the contributor group, so you can now create PRs :smiley:

Don’t forget to sign-off your commit with the -s flag as per DCO.

@blu256: I have added you to the contributor group, so you can now create PRs :smiley: Don't forget to sign-off your commit with the -s flag as per DCO.
blu256 commented 2 months ago
Poster

Ok, done.

Ok, done.
SlavekB added a new dependency 2 months ago
MicheleC commented 2 months ago
Owner

Thanks a lot and keep up the good work :smile:

Thanks a lot and keep up the good work :smile:
MicheleC added this to the R14.0.7 release milestone 2 months ago
SlavekB commented 2 months ago
Owner

@blu256, thank you for your excellent cooperation.

@blu256, thank you for your excellent cooperation.
MicheleC commented 2 months ago
Owner

Keep up the good work Philippe :smile:

Keep up the good work Philippe :smile:
Sign in to join this conversation.
No Milestone
No Assignees
3 Participants
Due Date

No due date set.

Loading…
Cancel
Save
There is no content yet.