SSL init #154

mmontone · 2018-03-20T15:17:52Z

I have a problem loading cl-async-ssl:

The alien function "SSL_library_init" is undefined.
   [Condition of type SB-KERNEL::UNDEFINED-ALIEN-FUNCTION-ERROR]

I guess that's because I have libssl-1.0.0 installed, but SSL_library_init does not have that function:

https://www.openssl.org/docs/man1.1.0/ssl/OPENSSL_init_ssl.html

Am I correct?

Strange thing is cl-async-ssl seems to support libssl-1.0.0 in linux, which is what I'm using:

(cffi:define-foreign-library libssl
    (:windows "libssl32.dll")
    (:darwin "libssl.dylib")
    (:openbsd (:or "libssl.so.18.0" "libssl.so.17.1"
                   "libssl.so.16.0" "libssl.so.15.1"))
    (:solaris (:or "/lib/64/libssl.so"
                   "libssl.so.0.9.8" "libssl.so" "libssl.so.4"))
    (:unix (:or "libssl.so.1.0.0" "libssl.so.0.9.8" "libssl.so" "libssl.so.4"))
    (:cygwin "cygssl-1.0.0.dll")
    (t (:default "libssl3")))

To "fix" the load I changed:

(defun ensure-init (&key from-load)
    (unless *ssl-init*
      (cffi:foreign-funcall ("SSL_library_init") :void)
      (cffi:foreign-funcall ("SSL_load_error_strings") :void)
      (cffi:foreign-funcall ("ERR_load_BIO_strings") :void)
      (unless from-load
        (setf *ssl-init* t))))

to:

(defun ensure-init (&key from-load)
    (unless *ssl-init*
      (cffi:foreign-funcall ("OPENSSL_init_ssl") :void)
      ;(cffi:foreign-funcall ("SSL_load_error_strings") :void)
      ;(cffi:foreign-funcall ("ERR_load_BIO_strings") :void)
      (unless from-load
        (setf *ssl-init* t)))))

(it had problems loading SSL_load_error_strings too)

But I havent' tested if this runs correctly yet. In any case, my "fix" is not good.

The text was updated successfully, but these errors were encountered:

foretspaisibles · 2018-03-30T11:23:07Z

I am running into the same issue on a Debian stretch system. Your diagnostic seems better than mine. :)

Could you make any progress on this since you posted the issue?

The function SSL_library_init is not available anymore in libssl 1.0 and onwards. The library uses another mechanism to initialise itself. It does not seem that there is an easy way to determine the version of libssl we have loaded, we therefore rely on the presence of a SSL_library_init foreign symbol to determine wether that function must be called or not. While libssl documentation claims the function SSL_load_error_strings should be present in libssl 1.0 and onwards, it is not, at least on Debian Stretch. We use the same strategy as for SSL_library_init to avoid a spurious call. Reference: https://www.openssl.org/docs/man1.1.0/ssl/OPENSSL_init_ssl.html

foretspaisibles · 2018-05-06T15:07:56Z

@orthecreedence @mmontone Juste a gentle ping on this. :-)

orthecreedence · 2018-05-08T22:29:38Z

Hi, sorry for the lag, I've merged #155 so this should be ready to test now. Cl-async makes the FFI calls directly so you shouldn't need to load any other deps (just do a pull on cl-async#master) and hopefully this will be fixed. Thanks, @michipili for your work on this.

foretspaisibles mentioned this issue Mar 30, 2018

WIP Acknowledge init change for libssl 1 #155

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

SSL init #154

SSL init #154

mmontone commented Mar 20, 2018

foretspaisibles commented Mar 30, 2018

foretspaisibles commented May 6, 2018

orthecreedence commented May 8, 2018

SSL init #154

SSL init #154

Comments

mmontone commented Mar 20, 2018

foretspaisibles commented Mar 30, 2018

foretspaisibles commented May 6, 2018

orthecreedence commented May 8, 2018