Incompatibility with newer OpenSSL versions

[wxprospero]

I have OpenSSL (EDIT: it's 3, not 1.3) (openssl-devel 3.0.8-1.fc36) on Fedora 36, and get the error below when running make. The issue is that trantor is using a number of deprecated, and apparently since removed, OpenSSL functions, including SSL_library_init(). Is there any easy way to disable the use of OpenSSL?

[ 52%] Linking CXX executable client
/usr/bin/ld: ../trantor/libtrantor.a(OpenSSLProvider.cc.o): in function `sslInitFlag::{lambda()#1}::operator()() const':
OpenSSLProvider.cc:(.text+0x19): undefined reference to `SSL_library_init'
/usr/bin/ld: OpenSSLProvider.cc:(.text+0x1e): undefined reference to `OPENSSL_add_all_algorithms_noconf'
/usr/bin/ld: OpenSSLProvider.cc:(.text+0x23): undefined reference to `SSL_load_error_strings'
/usr/bin/ld: OpenSSLProvider.cc:(.text+0x2d): undefined reference to `ERR_load_crypto_strings'
/usr/bin/ld: ../trantor/libtrantor.a(OpenSSLProvider.cc.o): in function `internal::verifyAltName(x509_st*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&)':
OpenSSLProvider.cc:(.text._ZN8internal13verifyAltNameEP7x509_stRKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE[_ZN8internal13verifyAltNameEP7x509_stRKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE]+0x53): undefined reference to `sk_num'
/usr/bin/ld: OpenSSLProvider.cc:(.text._ZN8internal13verifyAltNameEP7x509_stRKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE[_ZN8internal13verifyAltNameEP7x509_stRKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE]+0x73): undefined reference to `sk_value'
/usr/bin/ld: ../trantor/libtrantor.a(OpenSSLProvider.cc.o): in function `trantor::SSLContext::SSLContext(bool, std::vector<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >, std::allocator<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > > const&, bool)':
OpenSSLProvider.cc:(.text._ZN7trantor10SSLContextC2EbRKSt6vectorISt4pairINSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES8_ESaIS9_EEb[_ZN7trantor10SSLContextC5EbRKSt6vectorISt4pairINSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES8_ESaIS9_EEb]+0x4c): undefined reference to `SSLv23_method'
/usr/bin/ld: OpenSSLProvider.cc:(.text._ZN7trantor10SSLContextC2EbRKSt6vectorISt4pairINSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES8_ESaIS9_EEb[_ZN7trantor10SSLContextC5EbRKSt6vectorISt4pairINSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES8_ESaIS9_EEb]+0x135): undefined reference to `SSL_CTX_set_min_proto_version'
/usr/bin/ld: ../trantor/libtrantor.a(OpenSSLProvider.cc.o): in function `OpenSSLProvider::recvData(trantor::MsgBuffer*)':
OpenSSLProvider.cc:(.text._ZN15OpenSSLProvider8recvDataEPN7trantor9MsgBufferE[_ZN15OpenSSLProvider8recvDataEPN7trantor9MsgBufferE]+0x18a): undefined reference to `SSL_state'
/usr/bin/ld: ../trantor/libtrantor.a(OpenSSLProvider.cc.o): in function `OpenSSLProvider::close()':
OpenSSLProvider.cc:(.text._ZN15OpenSSLProvider5closeEv[_ZN15OpenSSLProvider5closeEv]+0x1b): undefined reference to `SSL_state'
/usr/bin/ld: ../trantor/libtrantor.a(OpenSSLProvider.cc.o): in function `OpenSSLProvider::processHandshake()':
OpenSSLProvider.cc:(.text._ZN15OpenSSLProvider16processHandshakeEv[_ZN15OpenSSLProvider16processHandshakeEv]+0x4bf): undefined reference to `SSL_get_peer_certificate'
collect2: error: ld returned 1 exit status
make[2]: *** [examples/CMakeFiles/client.dir/build.make:108: examples/client] Error 1
make[1]: *** [CMakeFiles/Makefile2:293: examples/CMakeFiles/client.dir/all] Error 2
make: *** [Makefile:156: all] Error 2

[marty1885]

@wxprospero I merged a fix for the missing symbols. Can you try again with the latest commit and update submodules?

[wxprospero]

@wxprospero I merged a fix for the missing symbols. Can you try again with the latest commit and update submodules?

I appreciate the prompt response. Unfortunately, there are residual errors:

/usr/bin/ld: ../trantor/libtrantor.a(OpenSSLProvider.cc.o): in function `internal::verifyAltName(x509_st*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&)':
OpenSSLProvider.cc:(.text._ZN8internal13verifyAltNameEP7x509_stRKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE[_ZN8internal13verifyAltNameEP7x509_stRKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE]+0x53): undefined reference to `sk_num'
/usr/bin/ld: OpenSSLProvider.cc:(.text._ZN8internal13verifyAltNameEP7x509_stRKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE[_ZN8internal13verifyAltNameEP7x509_stRKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE]+0x73): undefined reference to `sk_value'
/usr/bin/ld: ../trantor/libtrantor.a(OpenSSLProvider.cc.o): in function `trantor::SSLContext::SSLContext(bool, std::vector<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >, std::allocator<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > > const&, bool)':
OpenSSLProvider.cc:(.text._ZN7trantor10SSLContextC2EbRKSt6vectorISt4pairINSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES8_ESaIS9_EEb[_ZN7trantor10SSLContextC5EbRKSt6vectorISt4pairINSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES8_ESaIS9_EEb]+0x4c): undefined reference to `SSLv23_method'
/usr/bin/ld: OpenSSLProvider.cc:(.text._ZN7trantor10SSLContextC2EbRKSt6vectorISt4pairINSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES8_ESaIS9_EEb[_ZN7trantor10SSLContextC5EbRKSt6vectorISt4pairINSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES8_ESaIS9_EEb]+0x135): undefined reference to `SSL_CTX_set_min_proto_version'
/usr/bin/ld: ../trantor/libtrantor.a(OpenSSLProvider.cc.o): in function `OpenSSLProvider::recvData(trantor::MsgBuffer*)':
OpenSSLProvider.cc:(.text._ZN15OpenSSLProvider8recvDataEPN7trantor9MsgBufferE[_ZN15OpenSSLProvider8recvDataEPN7trantor9MsgBufferE]+0x18a): undefined reference to `SSL_state'
/usr/bin/ld: ../trantor/libtrantor.a(OpenSSLProvider.cc.o): in function `OpenSSLProvider::close()':
OpenSSLProvider.cc:(.text._ZN15OpenSSLProvider5closeEv[_ZN15OpenSSLProvider5closeEv]+0x1b): undefined reference to `SSL_state'
/usr/bin/ld: ../trantor/libtrantor.a(OpenSSLProvider.cc.o): in function `OpenSSLProvider::processHandshake()':
OpenSSLProvider.cc:(.text._ZN15OpenSSLProvider16processHandshakeEv[_ZN15OpenSSLProvider16processHandshakeEv]+0x4bf): undefined reference to `SSL_get_peer_certificate'
collect2: error: ld returned 1 exit status
make[2]: *** [examples/CMakeFiles/client.dir/build.make:108: examples/client] Error 1
make[1]: *** [CMakeFiles/Makefile2:293: examples/CMakeFiles/client.dir/all] Error 2
make: *** [Makefile:156: all] Error 2

I looked into the issue myself, but after seeing LibreSSL is supported, I figured, why not use that? So I built LibreSSl locally (instead of replacing the system OpenSSL3 lib), ran "export LD_LIBRARY_PATH=...", and tried rebuilding Drogon, but due to hard-coding of OPENSSL_CRYPTO_LIBRARY:FILEPATH and OPENSSL_SSL_LIBRARY:FILEPATH, that didn't work, so I manually edited them to respect the LibreSSl install path, and the build went fine. So you can close this if you like, or if you prefer I keep testing fixes, that's fine as well.