New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

openssl 1.1.0 binding issue #1758

Closed
burner opened this Issue May 12, 2017 · 7 comments

Comments

Projects
None yet
5 participants
@burner
Contributor

burner commented May 12, 2017

Openssl made the jump to 1.1.0 they removed some symbols. Which makes it impossible to use on arch linux without some non sustainable hacks.

CRYPTO_num_locks'CRYPTO_set_id_callback'
CRYPTO_set_locking_callback'SSL_get_ex_new_index'
SSL_library_init'SSL_load_error_strings'
SSLv23_client_method'SSLv23_server_method'

deimos is out of date and without git version tags.
I looked into creating bindings with dstep, but thats gone be a real pain.
IMHO it might be easier to create the definitions we need from openssl ourself and drop the deimos binding. Comments?

@wilzbach

This comment has been minimized.

Show comment
Hide comment
@wilzbach

wilzbach May 12, 2017

Contributor

Openssl made the jump to 1.1.0 they removed some symbols. Which makes it impossible to use on arch linux without some non sustainable hacks.

There are two simple "hacks" to solve the problem temporarily:

  • versions "Have_Botan"
  • versions "VibeNoSSL" (and use Nginx etc. as reverse proxy)
Contributor

wilzbach commented May 12, 2017

Openssl made the jump to 1.1.0 they removed some symbols. Which makes it impossible to use on arch linux without some non sustainable hacks.

There are two simple "hacks" to solve the problem temporarily:

  • versions "Have_Botan"
  • versions "VibeNoSSL" (and use Nginx etc. as reverse proxy)
@burner

This comment has been minimized.

Show comment
Hide comment
@burner

burner May 12, 2017

Contributor

requestHTTP might need https as well. I'm not sure how to use nginx for that.
At some point we need update openssl or drop it. And dropping it is not really an option IMO.

Contributor

burner commented May 12, 2017

requestHTTP might need https as well. I'm not sure how to use nginx for that.
At some point we need update openssl or drop it. And dropping it is not really an option IMO.

@s-ludwig

This comment has been minimized.

Show comment
Hide comment
@s-ludwig

s-ludwig May 12, 2017

Member

Are there any known examples of how to properly achieve the same effect that those functions have with 1.1.x? To be honest that's the main roadblock - documentation is awful, code is awful and it's more or less impossible to get the initialization sequence right without an example.

Updating the Deimos headers indeed doesn't sound like fun. The huge mess that the OpenSSL code base is presumably makes that quite a PITA. BTW, I had to clone the Deimos repository anyway to be able to make version tags a reality. There have been no responses in the main repository.

Member

s-ludwig commented May 12, 2017

Are there any known examples of how to properly achieve the same effect that those functions have with 1.1.x? To be honest that's the main roadblock - documentation is awful, code is awful and it's more or less impossible to get the initialization sequence right without an example.

Updating the Deimos headers indeed doesn't sound like fun. The huge mess that the OpenSSL code base is presumably makes that quite a PITA. BTW, I had to clone the Deimos repository anyway to be able to make version tags a reality. There have been no responses in the main repository.

@burner

This comment has been minimized.

Show comment
Hide comment
@burner

burner May 12, 2017

Contributor

yeah openssl init looks like a big mess.
void SSL_load_error_strings() {} does not do anything anymore for example

I might have some time on Sunday to see if I can get dstep+vim to get a new version up and running

Contributor

burner commented May 12, 2017

yeah openssl init looks like a big mess.
void SSL_load_error_strings() {} does not do anything anymore for example

I might have some time on Sunday to see if I can get dstep+vim to get a new version up and running

@CyberShadow

This comment has been minimized.

Show comment
Hide comment
@CyberShadow

CyberShadow May 12, 2017

Contributor

There have been no responses in the main repository.

Just ping someone (with the necessary privileges), sheesh :)

Contributor

CyberShadow commented May 12, 2017

There have been no responses in the main repository.

Just ping someone (with the necessary privileges), sheesh :)

@CyberShadow

This comment has been minimized.

Show comment
Hide comment
@CyberShadow

CyberShadow May 12, 2017

Contributor

FWIW, I would certainly be thankful for an update to the Deimos bindings, since I use those in ae! Right now I have to link DFeed against openssl 1.0.0 explicitly.

Contributor

CyberShadow commented May 12, 2017

FWIW, I would certainly be thankful for an update to the Deimos bindings, since I use those in ae! Right now I have to link DFeed against openssl 1.0.0 explicitly.

@MartinNowak

This comment has been minimized.

Show comment
Hide comment
@MartinNowak

MartinNowak Aug 3, 2017

Contributor

Duplicate of #1748

Contributor

MartinNowak commented Aug 3, 2017

Duplicate of #1748

@s-ludwig s-ludwig closed this in 44ee1ad Aug 12, 2017

s-ludwig added a commit that referenced this issue Mar 18, 2018

s-ludwig added a commit that referenced this issue Apr 25, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment