Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Compilation failure with libressl #1068

Closed
asarubbo opened this issue Aug 14, 2020 · 4 comments · Fixed by #1069
Closed

Compilation failure with libressl #1068

asarubbo opened this issue Aug 14, 2020 · 4 comments · Fixed by #1069

Comments

@asarubbo
Copy link

asarubbo commented Aug 14, 2020
edited
Loading

There is a downstream report about a compilation failure with libressl-3.1.3:

https://bugs.gentoo.org/736990
@LocutusOfBorg
Copy link
Contributor

Do you have patches? I honestly don't know how to replace that CTX functions...

@koeppea
Copy link
Member

koeppea commented Aug 14, 2020
edited
Loading

These pieces of code are pre-processor depended if HAVE_OPENSSL_1_1_0 is set.
This is set by this:

#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
#define HAVE_OPENSSL_1_1_0
#endif

Seems libressl is somewhat immitating OpenSSL versions.
Have to find out to detect LibreSSL pre compilation to exclude these pieces (and features) from building.
Have also to document that LibreSSL might have limited functionality in terms of SSL interception.
[edit]
in this case it's regarding the extra backward SSL compatibility to even intercept TLS1.0 connections.
[/edit]

This was referenced Aug 15, 2020
Open
Merged
@orbea
Copy link

orbea commented Apr 30, 2023

Linking some libressl issues for future reference.

libressl/portable#536
libressl/portable#851

orbea added a commit to orbea/gentoo that referenced this issue Apr 30, 2023
@orbea
net-analyzer/ettercap: add upstream libressl patch
d27d4e5 
This patch was accepted upstream and disables APIs not supported by
LibreSSL <= 3.7.2.

Bug: https://bugs.gentoo.org/903001
Bug: https://bugs.gentoo.org/736990
Upstream-Issue: Ettercap/ettercap#1068
Upstream-PR: Ettercap/ettercap#1069
Upstream-Commit: Ettercap/ettercap@b2fc8e9
Signed-off-by: orbea <orbea@riseup.net>
@orbea orbea mentioned this issue Apr 30, 2023
Closed
@koeppea
Copy link
Member

koeppea commented Apr 30, 2023

Linking some libressl issues for future reference.

Thanks @orbea Let see if they will implement these relatively new OpenSSL functions in LibreSSL also so that we can re-enable the SNI replication.

gentoo-bot pushed a commit to gentoo/gentoo that referenced this issue May 10, 2023
@orbea @thesamesam
net-analyzer/ettercap: add upstream libressl patch
3c567ba 
This patch was accepted upstream and disables APIs not supported by
LibreSSL <= 3.7.2.

Bug: https://bugs.gentoo.org/903001
Bug: https://bugs.gentoo.org/736990
Upstream-Issue: Ettercap/ettercap#1068
Upstream-PR: Ettercap/ettercap#1069
Upstream-Commit: Ettercap/ettercap@b2fc8e9
Signed-off-by: orbea <orbea@riseup.net>
Closes: #30813
Signed-off-by: Sam James <sam@gentoo.org>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

ec_sslwrap: fix compilation with LibreSSL
4 participants
@LocutusOfBorg @koeppea @orbea @asarubbo