-
Notifications
You must be signed in to change notification settings - Fork 100
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Linking against libressl fails for missing symbol UI_null #455
Comments
elseifthen wrote:
I'm trying to build a static version of the xmlsec library (version 1.2.37, currently under Linux). To this end, I built the dependency libraries libxml2 (2.9.10), libxslt (1.1.32) and libressl (3.6.1) locally and configuring seems to find them all, but when I build, I get an error upon linking:
`../src/openssl/.libs/libxmlsec1-openssl.so: undefined reference to `UI_null'`
From what I found, this symbol is only present in the openssl library but not in libressl, yet the defines in app.c seem to suggest it is actually intended work with libressl:
`#if !defined(OPENSSL_NO_ENGINE) && (!defined(XMLSEC_OPENSSL_API_300) || defined(XMLSEC_OPENSSL3_ENGINES))`
libressl with engines? No! This functionality is cut off.
Try to build with defined OPENSSL_NO_ENGINE.
Did you manage to build 1.2.37 against libressl 3.6.1? (I had initially tried to build against libressl 3.0.0 but there was another symbol missing, namely ASN1_TIME_to_tm)
Yes build with "compatible" libraries is like gambling.
Regards,
Roumen Petrov
|
Something is fishy here -- if you can compile the code with UI_null() then compiler found definition of UI_null somewhere. If UI_null is not present in libressl I would expect it to fail at compile time, not at the link time. I don't test against all OpenSSL forks but I gladly accept PRs / patches to make it work :) Aleksey |
@lsh123 : Apparently the compiler (gcc 8.3.1) takes UI_null as an implicit function declaration:
@petrovr : I did |
Ah that makes sense. You didn't mention any compilation errors so I was surprised. PR #456 should fix this issue. However quite a few xmlsec tests fail with recent libressl because tests use old (small) keys and libressl has very strong opinion about it. I am going to fix the test keys but it might take a little while. |
great, thanks for letting me know. as I said, bunch of tests are failing because of key size --> you can ignore those for now |
Hi,
elseifthen wrote:
...
@petrovr : I tried to ` export OPENSSL_NO_ENGINE=1` and reconfigure/rebuild ..
CPPFLAGS=-DOPENSSL_NO_ENGINE .../configure ....
Regards,
Roumen Petrov
|
libressl doesn't like RSA keys < 1024 bits (see issue #455)
I've tried it with CFLAGS but I also had to safeguard the inclusion of the engine.h header because I got the error I mentioned in my edited comment ("error ENGINE is disabled."; see #455 (comment)). |
I'm trying to build a static version of the xmlsec library (version 1.2.37, currently under Linux). To this end, I built the dependency libraries libxml2 (2.9.10), libxslt (1.1.32) and libressl (3.6.1) locally and configuring seems to find them all, but when I build, I get an error upon linking:
../src/openssl/.libs/libxmlsec1-openssl.so: undefined reference to
UI_null'`From what I found, this symbol is only present in the openssl library but not in libressl, yet the defines in app.c seem to suggest it is actually intended work with libressl:
#if !defined(OPENSSL_NO_ENGINE) && (!defined(XMLSEC_OPENSSL_API_300) || defined(XMLSEC_OPENSSL3_ENGINES))
Did you manage to build 1.2.37 against libressl 3.6.1? (I had initially tried to build against libressl 3.0.0 but there was another symbol missing, namely ASN1_TIME_to_tm)
The text was updated successfully, but these errors were encountered: