|Subject:||Build fails under LibreSSL 2.9 (OpenBSD 6.5)|
OpenBSD 6.5 just came out, and I was trying to configure a custom-built Perl the way I wanted. Under that OS, Net::SSLeay failed to build. Specifically, the compilation of SSLeay.c failed, with the error no member named 'tmp' in 'struct ssl3_state_st' It appears that the relevant structures are no longer exposed as of LibreSSL 2.9. Specifically, s->s3->tmp.new_mac_secret_size became something like s->s3->internal->tmp.new_mac_secret_size. The "internal" item is defined as struct ssl3_state_internal_st but this is defined in ssl/ssl_locl.h in the LibreSSL kit, and included via #include "ssl/ssl_locl.h" The ssl_locl.h header appears not to be installed when LibreSSL is. I have worked out a patch that at least compiles. With this patch applied, Net::SSLeay passes all tests under Perl 5.28.2 under OpenBSD 6.5 (32 bit), OpenBSD 6.4 (32 bit), XUbuntu 18.04 (64 bit), and macOS 10.14.4 Mojave. But I can not verify that the patch actually works, because I have been unable to get anything but -1 out of get_keyblock_size(). I am probably calling it incorrectly -- I found the documentation a bit obscure, but thought that $ perl -MNet::SSLeay -E 'say Net::SSLeay::get_keyblock_size( Net::SSLeay::new( Net::SSLeay::CTX_new() ) );' might work. Is this the correct way to call it? I have attached a log of the original error (as make.log) and the referred-to patch. The patch is against Net-SSLeay-1.85.tar.gz, because I was unable to access svn://svn.debian.org/svn/net-ssleay.
--- SSLeay.old 2019-05-05 23:26:44.000000000 -0400 +++ SSLeay.xs 2019-05-05 23:26:01.000000000 -0400 @@ -5681,8 +5681,10 @@ int md_size = -1; c = s->enc_read_ctx->cipher; #if OPENSSL_VERSION_NUMBER >= 0x10001000L +#if LIBRESSL_VERSION_NUMBER < 0x20900000L if (s->s3) md_size = s->s3->tmp.new_mac_secret_size; +#endif #elif OPENSSL_VERSION_NUMBER >= 0x00909000L h = EVP_MD_CTX_md(s->read_hash); md_size = EVP_MD_size(h);
Message body not shown because it is not plain text.