New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Configure openssl #144
Configure openssl #144
Conversation
Script autogen.sh will run required GNU Autotools commands.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good!
Does the --with-openssl
option work on Linux also?
autogen.sh
Outdated
@@ -0,0 +1,6 @@ | |||
#!/bin/sh | |||
set -ex |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you add the u
option here? (set -eux
)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've added it together with the travis CI update
Travis CI configuration file
|
The |
Unfortunately this doesn't work out of the box. I'll debug it asap. |
It fails to detect the location of openssl libraries
|
I have noticed that openfortivpn indeed does not link against openssl 1.1.0. I'm still looking for a way to check the openssl version in the configure script. |
I've added the OpenSSL version check to the configure |
@mrbaseman Just wondering, what does this mean exactly?
Does this mean that openfortivpn should be compatible with openssl 1.1.0 but currently isn't? If so should openfortivpn be fixed? And if so in the source code or in the build infrastructure only? |
@DimitriPapadopoulos on the long term we should support openssl 1.1.x, but for the current issue I just would check if the user who supplies a path to a non-standard openssl installation tries to use a supported one. Most distributions ship patched versions of 1.0.0, 1.0.1 or 1.0.2, but this will also change when upstream support for these ends. A few enterprise versions probably will still backport patches like they currently do for 0.9.8 but that's probably not the standard case. |
configure.ac
Outdated
AC_MSG_CHECKING([that we can build OpenSSL programs]) | ||
AC_COMPILE_IFELSE( | ||
[AC_LANG_PROGRAM([#include <openssl/ssl.h>], | ||
[init_openssl_library()])], |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have noticed that the init function should read SSL_library_init() - and also this check seems not to work. It silently goes passes and just writes out a warning into config.log:
warning: implicit declaration of function 'init_openssl_library' [-Wimplicit-function-declaration]
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I may be wrong, but I think that we could completely remove this check, because there already is the library check some lines below:
AC_CHECK_LIB([ssl], [SSL_connect], [], [AC_MSG_ERROR([Cannot find libssl.])])
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I decided to keep this test because it is useful to detect and eventual compiler misconfiguration.
@mnencia thanks for adding the version check. I hope that I find more time for a closer look next week |
I've fixed the openssl library function name that we use in the configure check. |
@mnencia Great! Thanks a lot! I have just tested building against a few openssl installations and it works nicely. I think we can merge this into master. The homebrew formula however refers to version 1.3.1 which doesn't contain this pull request. I think it makes sense to tag a new release 1.3.2 then. @adrienverge and @DimitriPapadopoulos what do you think? |
There have been quite a few changes for Mac OS X. Perhaps it's time for a new release indeed. |
Last commit squashed into 3408e41 |
Thanks! v1.4.0 released. |
Closes #143