[noPoll] Compile failure with SSL 1.0.2h

Francis Brosnan Blázquez francis.brosnan at aspl.es
Thu Jun 9 14:13:04 CEST 2016


Hi Félix,
> I already faced this problem some time ago, but I was waiting for
> the release of the new version of OpenSSL on arch to confirm this.
> I should have reported this before the new release of noPoll...
> This is observed also with LibreSSL on OS X.
Ok, now with latest changes, this should be no longer a problem.
Please, let us know if the problem still persists with latest SVN.
> The new, recommended way in OpenSSL is (I think) to use TLS_client_method/TLS_server_method. From the doc:
>
> > TLS_method(), TLS_server_method(), TLS_client_method()
> > These are the general-purpose version-flexible SSL/TLS methods. The actual protocol version used will be negotiated to the highest version mutually supported by the client and the server. The supported protocols are SSLv3, TLSv1, TLSv1.1 and TLSv1.2. Applications should use these methods, and avoid the version-specific methods described below.

Yes. I've been playing a bit with this but I see they are
rather new... for example in Debian jessie or Ubuntu xenial
16.04 they are not available.
Anyhow, they are now supported by noPoll (if present)
by using NOPOLL_METHOD_TLS_FLEXIBLE.

> I propose for noPoll to use an auto-detection of available methods in
> the autoconf, and to use TLS_{client,server}_method by default if
> available.
> But I am not an OpenSSL expert at all.
Ok, by default we cannot use it. First, because it is not
widely available. Second, because it implies some security
assumptions which can be problematic in certain circumstances
(by using flexible TLS, you are accepting that the peer can downgrade
the TLS version to the lowest available, for example).
> Moreover, there is a minor issue on OS X :
> 
> nopoll-regression-client.c:539:18: error: format specifies type 'long' but the argument has type 'off_t' (aka 'long long') [-Werror,-Wformat]
>                                         total_read, stat_buf.st_size, retries); 
>                                                     ^~~~~~~~~~~~~~~~
> nopoll-regression-client.c:1220:26: error: format specifies type 'long' but the argument has type '__darwin_suseconds_t' (aka 'int') [-Werror,-Wformat]
>                 iterator, diff.tv_sec, diff.tv_usec);
>                                        ^~~~~~~~~~~~
> 

I think both are fixed (SVN versions already have casts).
> A simple cast should resolve this issue.
> 
> Thanks again Francis for your great job !
> 

:-) Thank you very much Félix,
Best Regards,
> On 26 May 2016 at 19:36, Chris Severance <aur.severach at spamgourmet.com> wrote:
> >
> > https://aur.archlinux.org/packages/nopoll/
> >
> > Not compiling. Something in SSL seems to have changed.
> > 
> > % gcc --version
> > gcc (GCC) 6.1.1 20160501
> > Copyright (C) 2016 Free Software Foundation, Inc.
> > 
> > % openssl
> > OpenSSL> version
> > OpenSSL 1.0.2h  3 May 2016
> > OpenSSL> quit
> > 
> > % gcc ... nopoll_conn.c
> > nopoll_conn.c: In function '__nopoll_conn_get_ssl_context':
> > nopoll_conn.c:550:35: error: implicit declaration of function
> > 'SSLv3_client_method' [-Werror=implicit-function-declaration]
> >   return SSL_CTX_new (is_client ? SSLv3_client_method () :
> >   SSLv3_server_method ());
> >                                   ^~~~~~~~~~~~~~~~~~~
> > nopoll_conn.c:550:60: error: implicit declaration of function
> > 'SSLv3_server_method' [-Werror=implicit-function-declaration]
> >   return SSL_CTX_new (is_client ? SSLv3_client_method () :
> >   SSLv3_server_method ());
> >                                                            ^~~~~~~~~~~~~~~~~~~
> > nopoll_conn.c:550:23: error: passing argument 1 of 'SSL_CTX_new' makes
> > pointer from integer without a cast [-Werror=int-conversion]
> >   return SSL_CTX_new (is_client ? SSLv3_client_method () :
> >   SSLv3_server_method ());
> >                       ^~~~~~~~~
> > In file included from ./nopoll_private.h:46:0,
> >                 from nopoll_conn.c:50:
> > /usr/include/openssl/ssl.h:2131:10: note: expected 'const SSL_METHOD *
> > {aka const struct ssl_method_st *}' but argument is of type 'int'
> > SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
> >          ^~~~~~~~~~~
> > 

> 
> 
> ----
> Félix Faisant - xif.fr - PGP Pub Key footprint : CE67 00AE C4C3 2446 032C F89A 4E4F A7AF F464 8355

-- 
Francis Brosnan Blázquez - ASPL
91 134 14 22 - 91 134 14 45 - 91 116 07 57

http://aspl.es
http://asplhosting.com
http://twitter.com/aspl_es
http://twitter.com/asplhosting
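
The downgrade concern raised in the reply above can be observed from the client side. The following is an added example, not code from the original message or from noPoll: it uses Python's ssl module (a binding over OpenSSL) to build a version-flexible client and list the protocol versions its ClientHello offers with and without a TLS 1.2 floor. The host name example.invalid and the function names are assumptions made for the illustration.

```python
import ssl
import struct

def client_hello(min_version):
    """Raw ClientHello emitted by a version-flexible client with the given floor."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)  # OpenSSL's version-flexible client method
    ctx.minimum_version = min_version              # floor below which negotiation fails
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    # example.invalid is a placeholder name; no network connection is made.
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname="example.invalid")
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: the ClientHello is written, then OpenSSL waits for a reply
    return outgoing.read()

def offered_versions(hello):
    """Protocol versions advertised in a ClientHello, as 16-bit wire values."""
    if hello[0] != 0x16 or hello[5] != 0x01:
        raise ValueError("not a TLS handshake record carrying a ClientHello")
    pos = 9                                   # 5-byte record + 4-byte handshake header
    legacy = struct.unpack_from("!H", hello, pos)[0]
    pos += 2 + 32                             # legacy_version + random
    pos += 1 + hello[pos]                     # session_id
    pos += 2 + struct.unpack_from("!H", hello, pos)[0]   # cipher_suites
    pos += 1 + hello[pos]                     # compression_methods
    end = pos + 2 + struct.unpack_from("!H", hello, pos)[0]
    pos += 2
    while pos + 4 <= end:
        ext_type, ext_len = struct.unpack_from("!HH", hello, pos)
        pos += 4
        if ext_type == 43:                    # supported_versions
            count = hello[pos] // 2
            return list(struct.unpack_from("!%dH" % count, hello, pos + 1))
        pos += ext_len
    return [legacy]                           # no extension: only the maximum is visible

def compare():
    """Offered versions without a floor and with a TLS 1.2 floor."""
    no_floor = offered_versions(client_hello(ssl.TLSVersion.MINIMUM_SUPPORTED))
    floor_12 = offered_versions(client_hello(ssl.TLSVersion.TLSv1_2))
    return no_floor, floor_12

if __name__ == "__main__":
    for label, versions in zip(("no floor", "TLS 1.2 floor"), compare()):
        print(label, [hex(v) for v in versions])
```

Which versions appear without a floor depends on how the local OpenSSL was built and configured.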
