OpenConnect 7.07 fails to build with LibreSSL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I went a little overboard :) and created those patches.

They make it possible to build the latest git sources of Openconnect
against LibreSSL 2.4.2.

Basically, they remove bad_dtls_test and add missing
LIBRESSL_VERSION_NUMBER. I've verified that the binaries I built work
and I successfully logged in to VPN using it.

When connecting I get:
SSL_set_session() failed with old protocol version 0x100
Are you using a version of OpenSSL older than 0.9.8m?
See http://rt.openssl.org/Ticket/Display.html?id=1751
Use the --no-dtls command line option to avoid this message
Set up DTLS failed; using SSL instead

which is harmless



Output of make check:
Making check in tests
make
make  check-TESTS
PASS: lzstest
PASS: seqtest
============================================================================
Testsuite summary for openconnect 7.07
============================================================================
# TOTAL: 2
# PASS:  2
# SKIP:  0
# XFAIL: 0
# FAIL:  0
# XPASS: 0
# ERROR: 0
============================================================================

@dwmw2
I know it's unreasonable to expect you to remove bad_dtls_test, but
could you at least add the missing LIBRESSL_VERSION_NUMBER checks?

On 08/31/16 07:02 PM, Bernard Spil wrote:
> On 2016-08-31 15:05, David Woodhouse wrote:
>> On Wed, 2016-08-31 at 15:02 +0200, Bernard Spil wrote:
>>>
>>> Hi,
>>>
>>> I heard you like git diffs. Please find a git diff against master
>>> attached.
>>
>> Inline is also fine, although your last attempt was word-wrapped and
>> didn't apply cleanly. The attachment seems to have resolved that.
>>
>> But there are bigger problems, I'm afraid. I've commented in
>> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212254#c6
> 
> Hi David,
> 
> Saw that PR. Clear. Noted!
> 
> If you need OpenConnect, pull in GnuTLS (or OpenSSL from ports if you
> must).
> 
> Cheers,
> 
> Bernard.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: patch-dtls.c
Type: text/x-csrc
Size: 1159 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20160831/c32b72d8/attachment-0003.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: patch-openssl.c
Type: text/x-csrc
Size: 1487 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20160831/c32b72d8/attachment-0004.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: patch-openssl-esp.c
Type: text/x-csrc
Size: 636 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20160831/c32b72d8/attachment-0005.bin>
-------------- next part --------------
--- tests/Makefile.am.orig	2016-08-31 17:39:09 UTC
+++ tests/Makefile.am
@@ -48,17 +48,6 @@ TESTS_ENVIRONMENT = srcdir="$(srcdir)" \
 
 noinst_PROGRAMS = lzstest seqtest
 
-if CHECK_DTLS
-noinst_PROGRAMS += bad_dtls_test
-bad_dtls_test_SOURCES = bad_dtls_test.c
-bad_dtls_test_CFLAGS = $(OPENSSL_CFLAGS)
-bad_dtls_test_LDADD = $(OPENSSL_LIBS)
-
-if DTLS_XFAIL
-XFAIL_TESTS = bad_dtls_test
-endif
-endif
-
 TESTS = $(dist_check_SCRIPTS) $(noinst_PROGRAMS)
 
 
-------------- next part --------------
--- tests/Makefile.in.orig	2016-08-31 17:39:44 UTC
+++ tests/Makefile.in
@@ -97,9 +97,6 @@ host_triplet = @host@
 @OPENCONNECT_OPENSSL_TRUE@	$(certsdir)/user-key-pkcs8-pbes1-md5-des.pem \
 @OPENCONNECT_OPENSSL_TRUE@	$(certsdir)/user-key-pkcs8-pbes1-md5-des.der
 noinst_PROGRAMS = lzstest$(EXEEXT) seqtest$(EXEEXT) $(am__EXEEXT_1)
- at CHECK_DTLS_TRUE@am__append_2 = bad_dtls_test
- at CHECK_DTLS_TRUE@@DTLS_XFAIL_TRUE at XFAIL_TESTS =  \
- at CHECK_DTLS_TRUE@@DTLS_XFAIL_TRUE@	bad_dtls_test$(EXEEXT)
 subdir = tests
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
 am__aclocal_m4_deps = $(top_srcdir)/m4/ax_check_vscript.m4 \
@@ -114,21 +111,12 @@ mkinstalldirs = $(install_sh) -d
 CONFIG_HEADER = $(top_builddir)/config.h
 CONFIG_CLEAN_FILES =
 CONFIG_CLEAN_VPATH_FILES =
- at CHECK_DTLS_TRUE@am__EXEEXT_1 = bad_dtls_test$(EXEEXT)
 PROGRAMS = $(noinst_PROGRAMS)
-am__bad_dtls_test_SOURCES_DIST = bad_dtls_test.c
- at CHECK_DTLS_TRUE@am_bad_dtls_test_OBJECTS =  \
- at CHECK_DTLS_TRUE@	bad_dtls_test-bad_dtls_test.$(OBJEXT)
-bad_dtls_test_OBJECTS = $(am_bad_dtls_test_OBJECTS)
 am__DEPENDENCIES_1 =
- at CHECK_DTLS_TRUE@bad_dtls_test_DEPENDENCIES = $(am__DEPENDENCIES_1)
 AM_V_lt = $(am__v_lt_ at AM_V@)
 am__v_lt_ = $(am__v_lt_ at AM_DEFAULT_V@)
 am__v_lt_0 = --silent
 am__v_lt_1 = 
-bad_dtls_test_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
-	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(bad_dtls_test_CFLAGS) \
-	$(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
 lzstest_SOURCES = lzstest.c
 lzstest_OBJECTS = lzstest.$(OBJEXT)
 lzstest_LDADD = $(LDADD)
@@ -170,8 +158,6 @@ AM_V_CCLD = $(am__v_CCLD_ at AM_V@)
 am__v_CCLD_ = $(am__v_CCLD_ at AM_DEFAULT_V@)
 am__v_CCLD_0 = @echo "  CCLD    " $@;
 am__v_CCLD_1 = 
-SOURCES = $(bad_dtls_test_SOURCES) lzstest.c seqtest.c
-DIST_SOURCES = $(am__bad_dtls_test_SOURCES_DIST) lzstest.c seqtest.c
 am__can_run_installinfo = \
   case $$AM_UPDATE_INFO_DIR in \
     n|no|NO) false;; \
@@ -624,9 +610,6 @@ TESTS_ENVIRONMENT = srcdir="$(srcdir)" \
 	top_builddir="$(top_builddir)" \
 	key_list="$(USER_KEYS)"
 
- at CHECK_DTLS_TRUE@bad_dtls_test_SOURCES = bad_dtls_test.c
- at CHECK_DTLS_TRUE@bad_dtls_test_CFLAGS = $(OPENSSL_CFLAGS)
- at CHECK_DTLS_TRUE@bad_dtls_test_LDADD = $(OPENSSL_LIBS)
 TESTS = $(dist_check_SCRIPTS) $(noinst_PROGRAMS)
 OPENSSL = openssl
 OSSLARGS = -in $< -out $@ -passout pass:password
@@ -674,10 +657,6 @@ clean-noinstPROGRAMS:
 	echo " rm -f" $$list; \
 	rm -f $$list
 
-bad_dtls_test$(EXEEXT): $(bad_dtls_test_OBJECTS) $(bad_dtls_test_DEPENDENCIES) $(EXTRA_bad_dtls_test_DEPENDENCIES) 
-	@rm -f bad_dtls_test$(EXEEXT)
-	$(AM_V_CCLD)$(bad_dtls_test_LINK) $(bad_dtls_test_OBJECTS) $(bad_dtls_test_LDADD) $(LIBS)
-
 lzstest$(EXEEXT): $(lzstest_OBJECTS) $(lzstest_DEPENDENCIES) $(EXTRA_lzstest_DEPENDENCIES) 
 	@rm -f lzstest$(EXEEXT)
 	$(AM_V_CCLD)$(LINK) $(lzstest_OBJECTS) $(lzstest_LDADD) $(LIBS)
@@ -692,7 +671,6 @@ mostlyclean-compile:
 distclean-compile:
 	-rm -f *.tab.c
 
- at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/bad_dtls_test-bad_dtls_test.Po at am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/lzstest.Po at am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/seqtest.Po at am__quote@
 
@@ -717,20 +695,6 @@ distclean-compile:
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
 @am__fastdepCC_FALSE@	$(AM_V_CC at am__nodep@)$(LTCOMPILE) -c -o $@ $<
 
-bad_dtls_test-bad_dtls_test.o: bad_dtls_test.c
- at am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(bad_dtls_test_CFLAGS) $(CFLAGS) -MT bad_dtls_test-bad_dtls_test.o -MD -MP -MF $(DEPDIR)/bad_dtls_test-bad_dtls_test.Tpo -c -o bad_dtls_test-bad_dtls_test.o `test -f 'bad_dtls_test.c' || echo '$(srcdir)/'`bad_dtls_test.c
- at am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/bad_dtls_test-bad_dtls_test.Tpo $(DEPDIR)/bad_dtls_test-bad_dtls_test.Po
- at AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='bad_dtls_test.c' object='bad_dtls_test-bad_dtls_test.o' libtool=no @AMDEPBACKSLASH@
- at AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
- at am__fastdepCC_FALSE@	$(AM_V_CC at am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(bad_dtls_test_CFLAGS) $(CFLAGS) -c -o bad_dtls_test-bad_dtls_test.o `test -f 'bad_dtls_test.c' || echo '$(srcdir)/'`bad_dtls_test.c
-
-bad_dtls_test-bad_dtls_test.obj: bad_dtls_test.c
- at am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(bad_dtls_test_CFLAGS) $(CFLAGS) -MT bad_dtls_test-bad_dtls_test.obj -MD -MP -MF $(DEPDIR)/bad_dtls_test-bad_dtls_test.Tpo -c -o bad_dtls_test-bad_dtls_test.obj `if test -f 'bad_dtls_test.c'; then $(CYGPATH_W) 'bad_dtls_test.c'; else $(CYGPATH_W) '$(srcdir)/bad_dtls_test.c'; fi`
- at am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/bad_dtls_test-bad_dtls_test.Tpo $(DEPDIR)/bad_dtls_test-bad_dtls_test.Po
- at AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='bad_dtls_test.c' object='bad_dtls_test-bad_dtls_test.obj' libtool=no @AMDEPBACKSLASH@
- at AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
- at am__fastdepCC_FALSE@	$(AM_V_CC at am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(bad_dtls_test_CFLAGS) $(CFLAGS) -c -o bad_dtls_test-bad_dtls_test.obj `if test -f 'bad_dtls_test.c'; then $(CYGPATH_W) 'bad_dtls_test.c'; else $(CYGPATH_W) '$(srcdir)/bad_dtls_test.c'; fi`
-
 mostlyclean-libtool:
 	-rm -f *.lo
 
@@ -958,13 +922,6 @@ seqtest.log: seqtest$(EXEEXT)
 	--log-file $$b.log --trs-file $$b.trs \
 	$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
 	"$$tst" $(AM_TESTS_FD_REDIRECT)
-bad_dtls_test.log: bad_dtls_test$(EXEEXT)
-	@p='bad_dtls_test$(EXEEXT)'; \
-	b='bad_dtls_test'; \
-	$(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
-	--log-file $$b.log --trs-file $$b.trs \
-	$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
-	"$$tst" $(AM_TESTS_FD_REDIRECT)
 .test.log:
 	@p='$<'; \
 	$(am__set_b); \
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20160831/c32b72d8/attachment-0001.sig>


[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]


  Powered by Linux