[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#7978) OpenLDAP 2.4 fails to build with LibreSSL
Hi Howard,
Thanks for the pointer. --enable-lmpasswd was indeed enabled in the
FreeBSD port. Notifying maintainer of port to switch it off and
provided a patch for the port.
Hope the patch I created for OpenLDAP is usable after all! Deprecated
code in a function that should not be used, would it not be better to
remove it completely? (or is that violating the RFCs?)
Kind regards,
Bernard.
On Wed, Nov 5, 2014 at 5:48 PM, Howard Chu <hyc@symas.com> wrote:
> spil.oss@gmail.com wrote:
>>
>> Full_Name: Bernard Spil
>> Version: 2.4.40
>> OS: FreeBSD 10.1-RC2
>> URL: ftp://ftp.openldap.org/incoming/
>> Submission from: (NULL) (185.9.255.20)
>>
>>
>> When compiling OpenLDAP against the LibreSSL OpenSSL fork, compilation
>> fails
>> because deprecated types and functions are used. These types and functions
>> have
>> been marked deprecated by OpenSSL since 2002 and moved from des.h to
>> des_old.h.
>> LibreSSL removed these deprecated types and functions in April 2014 see
>>
>> https://github.com/libressl-portable/openbsd/commit/e0d211052a6946b9f8af1123278f89a8403ef960
>>
>>> From the make output:
>
>
> It appears you're compiling with the old LANMAN hash support. Nobody should
> be using LANMAN any more, it's trivially insecure. I'm inclined to ignore
> this ITS.
>>
>>
>> --- passwd.o ---
>> passwd.c:41:9: error: unknown type name 'des_cblock'; did you mean
>> 'DES_cblock'?
>> typedef des_cblock des_key;
>> ^~~~~~~~~~
>> DES_cblock
>> /usr/local/include/openssl/des.h:73:23: note: 'DES_cblock' declared here
>> typedef unsigned char DES_cblock[8];
>> ^
>> passwd.c:42:9: erro3A3A unknown type name 'des_cblock'; did you mean
>> 'DES_cblock'?
>> typedef des_cblock des_data_block;
>> ^~~~~~~~~~
>> DES_cblock
>> /usr/local/include/openssl/des.h:73:23: note: 'DES_cblock' declared here
>> typedef unsigned char DES_cblock[8];
>> ^
>> passwd.c:43:9: error: unknown type name 'des_key_schedule'; did you mean
>> 'DES_key_schedule'?
>> typedef des_key_schedule des_context;
>> ^~~~~~~~~~~~~~~~
>> DES_key_schedule
>> /usr/local/include/openssl/des.h:87:7: note: 'DESeyey_schedule' declared
>> here
>> } DES_key_schedule;
>> ^
>> passwd.c:670:5: warning: implicit declaration of function
>> 'des_set_odd_parity'
>> is invalid in C99 [-Wimplicit-function-declaration]
>> des_set_odd_parity( key );
>> ^
>> passwd.c:867:2: warningA imimplicit declaration of function
>> 'des_set_key_unchecked' is invalid in C99
>> [-Wimplicit-function-declaration]
>> des_set_key_unchecked( &key, schedule );
>> ^
>> passwd.c:868:2: warning: implicit declaration of function
>> 'des_ecb_encrypt' is
>> invalid in C99 [-Wimplicit-function-declaration]
>> des_ecb_encrypt( &StdText, &PasswordHash1, schedule , DES_ENCRYPT
>> );
>> ^
>> 3 warnings and 3 errors generated.
>> *** [passwd.o] Error code 1
>>
>> make[4]: stopped in
>> /usr/ports/net/openldap24-server/work/openldap-2.4.40/libraries/liblutil
>> 1 error
>>
>> make[4]: stopped in
>> /usr/ports/net/openldap24-server/work/openldap-2.4.40/libraries/liblutil
>> *** [all-common] Error code 2
>>
>> make[3]: stopped in
>> /usr/ports/net/openldap24-server/work/openldap-2.4.40/librars%s
>> 1 error
>>
>> make[3]: stopped in
>> /usr/ports/net/openldap24-server/work/openldap-2.4.40/libraries
>> *** [all-common] Error code 2
>>
>> make[2]: stopped in /usr/ports/net/openldap24-server/work/openldap-2.4.40
>> 1 error
>>
>> make[2]: stopped in /u%2/ports/net/openldap24-server/work/openldap-2.4.40
>> ===> Compilation failed unexpectedly.
>> Try to set MAKE_JOBS_UNSAFE=yes and rebuild before reporting the failure
>> to
>> the maintainer.
>> *** Error code 1
>>
>> Stop.
>>
>>
>>
>
>
> --
> -- Howard Chu
> CTO, Symas Corp. http://www.symas.com
> Director, Highland Sun http://highlandsun.com/hyc/
> Chief Architect, OpenLDAP http://www.openldap.org/project/