Date: Sun, 25 Apr 2021 20:57:05 +0200 From: Franco Fichtner <franco@lastsummer.de> To: Gena Gulchin <gena.gulchin@gmail.com> Cc: strongswan@nanoteq.com, ports@freebsd.org Subject: Re: FreeBSD Port: strongswan-5.9.2_1 Message-ID: <6E03B0A0-9F13-4541-B041-6E09B1C36603@lastsummer.de> In-Reply-To: <8FAB0468-E35D-4601-A60B-A8276407A2C6@gmail.com> References: <8FAB0468-E35D-4601-A60B-A8276407A2C6@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, Strongswan authors have no interest in supporting LibreSSL and patching it i= n the code #ifdef maze is really difficult since it checks OpenSSL version n= umbers which for LibreSSL looks like the most modern OpenSSL Release. Cheers, Franco > On 25. Apr 2021, at 20:41, Gena Gulchin <gena.gulchin@gmail.com> wrote: >=20 > =EF=BB=BFGood morning!=20 >=20 > I=E2=80=99m having problems building strongSwan 5.9.2 IPSec on FreeBSD 13 a= nd LibreSSL 3.2.5 >=20 > Contents of my /etc/make.conf: > OPENSSL_PORT=3D security/libressl > DEFAULT_VERSIONS+=3Dssl=3Dlibressl >=20 >=20 > I have searched the internet for solution and tried applying various patch= es but to no avail.=20 >=20 > Much appreciate your help on this matter!=20 >=20 > Below is the build log >=20 >=20 > (apologies for the long paste): >=20 > =E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2= =80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94= =E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80= =94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=948<-----------------= ------------------------------------------------------- > --- openssl_rng.lo --- > openssl_rng.c:61:20: warning: passing 'char *' to parameter of type 'unsig= ned char *' converts between pointers to integer types with different sign [= -Wpointer-sign] > return RAND_bytes((char*)buffer, bytes) =3D=3D 1; > ^~~~~~~~~~~~~ > /usr/local/include/openssl/rand.h:93:32: note: passing argument to paramet= er 'buf' here > int RAND_bytes(unsigned char *buf, int num); > ^ > 1 warning generated. > --- openssl_ed_private_key.lo --- > openssl_ed_private_key.c:89:6: warning: implicit declaration of function '= EVP_DigestSign' is invalid in C99 [-Wimplicit-function-declaration] > if (EVP_DigestSign(ctx, NULL, &signature->len, data.ptr, data.len) <= =3D 0) > ^ > openssl_ed_private_key.c:135:7: warning: implicit declaration of function '= EVP_PKEY_get_raw_public_key' is invalid in C99 [-Wimplicit-function-declarat= ion] > if (!EVP_PKEY_get_raw_public_key(this->key, NULL, &key.len)) > ^ > --- openssl_xof.lo --- > openssl_xof.c:82:7: warning: implicit declaration of function 'EVP_DigestFi= nalXOF' is invalid in C99 [-Wimplicit-function-declaration] > if (EVP_DigestFinalXOF(this->ctx, data.ptr, data.len) =3D=3D= 1) > ^ > --- openssl_rsa_private_key.lo --- > openssl_rsa_private_key.c:318:52: warning: passing 'char *' to parameter o= f type 'unsigned char *' converts between pointers to integer types with dif= ferent sign [-Wpointer-sign] > len =3D RSA_private_decrypt(crypto.len, crypto.ptr, decrypted, > ^~~~~~~~~ > /usr/local/include/openssl/rsa.h:339:20: note: passing argument to paramet= er 'to' here > unsigned char *to, RSA *rsa, int padding); > ^ > openssl_rsa_private_key.c:326:24: warning: passing 'char *' to parameter o= f type 'u_char *' (aka 'unsigned char *') converts between pointers to integ= er types with different sign [-Wpointer-sign] > *plain =3D chunk_create(decrypted, len); > ^~~~~~~~~ > ../../../../src/libstrongswan/utils/chunk.h:57:44: note: passing argument t= o parameter 'ptr' here > static inline chunk_t chunk_create(u_char *ptr, size_t len) > ^ > --- openssl_xof.lo --- > openssl_xof.c:140:9: warning: implicit declaration of function 'EVP_shake1= 28' is invalid in C99 [-Wimplicit-function-declaration] > md =3D EVP_shake128(); > ^ > openssl_xof.c:140:7: warning: incompatible integer to pointer conversion a= ssigning to 'const EVP_MD *' (aka 'const struct env_md_st *') from 'int' [-W= int-conversion] > md =3D EVP_shake128(); > ^ ~~~~~~~~~~~~~~ > openssl_xof.c:143:9: warning: implicit declaration of function 'EVP_shake2= 56' is invalid in C99 [-Wimplicit-function-declaration] > md =3D EVP_shake256(); > ^ > openssl_xof.c:143:7: warning: incompatible integer to pointer conversion a= ssigning to 'const EVP_MD *' (aka 'const struct env_md_st *') from 'int' [-W= int-conversion] > --- openssl_ec_diffie_hellman.lo --- > openssl_ec_diffie_hellman.c:216:3: warning: implicit declaration of functi= on 'EVP_PKEY_set1_tls_encodedpoint' is invalid in C99 [-Wimplicit-function-d= eclaration] > --- openssl_xof.lo --- > md =3D EVP_shake256(); > ^ ~~~~~~~~~~~~~~ > --- openssl_ec_diffie_hellman.lo --- > EVP_PKEY_set1_tls_encodedpoint(pub, value.ptr, value.len) <= =3D 0) > ^ > openssl_ec_diffie_hellman.c:245:12: warning: implicit declaration of funct= ion 'EVP_PKEY_get1_tls_encodedpoint' is invalid in C99 [-Wimplicit-function-= declaration] > pub.len =3D EVP_PKEY_get1_tls_encodedpoint(this->key, &pub.ptr); > ^ > --- openssl_aead.lo --- > openssl_aead.c:289:21: warning: implicit declaration of function 'EVP_chac= ha20_poly1305' is invalid in C99 [-Wimplicit-function-declaration] > this->cipher =3D EVP_chacha20_poly1= 305(); > ^ > openssl_aead.c:289:19: warning: incompatible integer to pointer conversion= assigning to 'const EVP_CIPHER *' (aka 'const struct evp_cipher_st *') from= 'int' [-Wint-conversion] > this->cipher =3D EVP_chacha20_poly1= 305(); > ^ ~~~~~~~~~~~~~~~~~~~~= ~~~ > --- openssl_rsa_private_key.lo --- > openssl_rsa_private_key.c:625:7: warning: implicit declaration of function= 'BN_secure_new' is invalid in C99 [-Wimplicit-function-declaration] > *p =3D BN_secure_new(); > ^ > openssl_rsa_private_key.c:625:5: warning: incompatible integer to pointer c= onversion assigning to 'BIGNUM *' (aka 'struct bignum_st *') from 'int' [-Wi= nt-conversion] > *p =3D BN_secure_new(); > ^ ~~~~~~~~~~~~~~~ > openssl_rsa_private_key.c:632:5: warning: incompatible integer to pointer c= onversion assigning to 'BIGNUM *' (aka 'struct bignum_st *') from 'int' [-Wi= nt-conversion] > *q =3D BN_secure_new(); > ^ ~~~~~~~~~~~~~~~ > openssl_rsa_private_key.c:669:8: warning: implicit declaration of function= 'BN_secure_new' is invalid in C99 [-Wimplicit-function-declaration] > res =3D BN_secure_new(); > ^ > openssl_rsa_private_key.c:669:6: warning: incompatible integer to pointer c= onversion assigning to 'BIGNUM *' (aka 'struct bignum_st *') from 'int' [-Wi= nt-conversion] > res =3D BN_secure_new(); > ^ ~~~~~~~~~~~~~~~ > --- openssl_ed_private_key.lo --- > openssl_ed_private_key.c:251:8: error: use of undeclared identifier 'EVP_P= KEY_X25519' > case EVP_PKEY_X25519: > ^ > --- openssl_rsa_private_key.lo --- > openssl_rsa_private_key.c:698:8: warning: implicit declaration of function= 'BN_secure_new' is invalid in C99 [-Wimplicit-function-declaration] > res =3D BN_secure_new(); > ^ > openssl_rsa_private_key.c:698:6: warning: incompatible integer to pointer c= onversion assigning to 'BIGNUM *' (aka 'struct bignum_st *') from 'int' [-Wi= nt-conversion] > res =3D BN_secure_new(); > ^ ~~~~~~~~~~~~~~~ > --- openssl_x_diffie_hellman.lo --- > openssl_x_diffie_hellman.c:67:11: error: use of undeclared identifier 'EVP= _PKEY_X25519' > return EVP_PKEY_X25519; > ^ > --- openssl_ed_private_key.lo --- > openssl_ed_private_key.c:254:8: error: use of undeclared identifier 'EVP_P= KEY_X448' > case EVP_PKEY_X448: > ^ > openssl_ed_private_key.c:339:10: warning: implicit declaration of function= 'EVP_PKEY_new_raw_private_key' is invalid in C99 [-Wimplicit-function-decla= ration] > key =3D EVP_PKEY_new_raw_private_key(openssl_ed_key= _type(type), NULL, > ^ > openssl_ed_private_key.c:339:8: warning: incompatible integer to pointer c= onversion assigning to 'EVP_PKEY *' (aka 'struct evp_pkey_st *') from 'int' [= -Wint-conversion] > key =3D EVP_PKEY_new_raw_private_key(openssl_ed_key= _type(type), NULL, > ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~= ~~~~~~~~~~~~~~~~ > 4 warnings and 2 errors generated. > --- openssl_x_diffie_hellman.lo --- > openssl_x_diffie_hellman.c:69:11: error: use of undeclared identifier 'EVP= _PKEY_X448' > return EVP_PKEY_X448; > ^ > openssl_x_diffie_hellman.c:85:9: warning: implicit declaration of function= 'EVP_PKEY_new_raw_public_key' is invalid in C99 [-Wimplicit-function-declar= ation] > pub =3D EVP_PKEY_new_raw_public_key(map_key_type(this->group), NUL= L, > ^ > openssl_x_diffie_hellman.c:85:6: warning: incompatible integer to pointer c= onversion assigning to 'EVP_PKEY *' (aka 'struct evp_pkey_st *') from 'int' [= -Wint-conversion] > pub =3D EVP_PKEY_new_raw_public_key(map_key_type(this->group), NUL= L, > ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~= > openssl_x_diffie_hellman.c:113:7: warning: implicit declaration of functio= n 'EVP_PKEY_get_raw_public_key' is invalid in C99 [-Wimplicit-function-decla= ration] > if (!EVP_PKEY_get_raw_public_key(this->key, NULL, &len)) > ^ > openssl_x_diffie_hellman.c:132:14: warning: implicit declaration of functi= on 'EVP_PKEY_new_raw_private_key' is invalid in C99 [-Wimplicit-function-dec= laration] > this->key =3D EVP_PKEY_new_raw_private_key(map_key_type(this->group= ), NULL, > ^ > --- openssl_ed_private_key.lo --- > *** [openssl_ed_private_key.lo] Error code 1 >=20 > make[7]: stopped in /usr/ports/security/strongswan/work/strongswan-5.9.2/s= rc/libstrongswan/plugins/openssl > --- openssl_x_diffie_hellman.lo --- > openssl_x_diffie_hellman.c:132:12: warning: incompatible integer to pointe= r conversion assigning to 'EVP_PKEY *' (aka 'struct evp_pkey_st *') from 'in= t' [-Wint-conversion] > this->key =3D EVP_PKEY_new_raw_private_key(map_key_type(this->group= ), NULL, > ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~= ~~~~~~ > 5 warnings and 2 errors generated. > *** [openssl_x_diffie_hellman.lo] Error code 1 >=20 > make[7]: stopped in /usr/ports/security/strongswan/work/strongswan-5.9.2/s= rc/libstrongswan/plugins/openssl > --- openssl_rsa_public_key.lo --- > openssl_rsa_public_key.c:139:57: warning: passing 'char *' to parameter of= type 'unsigned char *' converts between pointers to integer types with diff= erent sign [-Wpointer-sign] > len =3D RSA_public_decrypt(signature.len, signature.ptr, buf, this-= >rsa, > ^~~ > /usr/local/include/openssl/rsa.h:337:20: note: passing argument to paramet= er 'to' here > unsigned char *to, RSA *rsa, int padding); > ^ > openssl_rsa_public_key.c:143:49: warning: passing 'char *' to parameter of= type 'u_char *' (aka 'unsigned char *') converts between pointers to intege= r types with different sign [-Wpointer-sign] > valid =3D chunk_equals_const(data, chunk_create(buf, len));= > ^~~ > ../../../../src/libstrongswan/utils/chunk.h:57:44: note: passing argument t= o parameter 'ptr' here > static inline chunk_t chunk_create(u_char *ptr, size_t len) > ^ > openssl_rsa_public_key.c:319:49: warning: passing 'char *' to parameter of= type 'unsigned char *' converts between pointers to integer types with diff= erent sign [-Wpointer-sign] > len =3D RSA_public_encrypt(plain.len, plain.ptr, encrypted, > ^~~~~~~~~ > /usr/local/include/openssl/rsa.h:333:20: note: passing argument to paramet= er 'to' here > unsigned char *to, RSA *rsa, int padding); > ^ > openssl_rsa_public_key.c:327:25: warning: passing 'char *' to parameter of= type 'u_char *' (aka 'unsigned char *') converts between pointers to intege= r types with different sign [-Wpointer-sign] > *crypto =3D chunk_create(encrypted, len); > ^~~~~~~~~ > ../../../../src/libstrongswan/utils/chunk.h:57:44: note: passing argument t= o parameter 'ptr' here > static inline chunk_t chunk_create(u_char *ptr, size_t len) > ^ > --- openssl_xof.lo --- > 5 warnings generated. > --- openssl_crl.lo --- > openssl_crl.c:332:8: warning: implicit declaration of function 'i2d_re_X50= 9_CRL_tbs' is invalid in C99 [-Wimplicit-function-declaration] > tbs =3D openssl_i2chunk(re_X509_CRL_tbs, this->crl); > ^ > ./openssl_util.h:105:16: note: expanded from macro 'openssl_i2chunk' > int len =3D i2d_##type(obj, NULL); \= > ^ > <scratch space>:68:1: note: expanded from here > i2d_re_X509_CRL_tbs > ^ > --- openssl_util.lo --- > openssl_util.c:203:32: warning: implicit declaration of function 'OBJ_get0= _data' is invalid in C99 [-Wimplicit-function-declaration] > return chunk_create((u_char*)OBJ_get0_data(asn1), OBJ_lengt= h(asn1)); > ^ > openssl_util.c:203:23: warning: cast to 'u_char *' (aka 'unsigned char *')= from smaller integer type 'int' [-Wint-to-pointer-cast] > return chunk_create((u_char*)OBJ_get0_data(asn1), OBJ_lengt= h(asn1)); > ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ > openssl_util.c:203:53: warning: implicit declaration of function 'OBJ_leng= th' is invalid in C99 [-Wimplicit-function-declaration] > return chunk_create((u_char*)OBJ_get0_data(asn1), OBJ_lengt= h(asn1)); > ^ > --- openssl_ec_private_key.lo --- > openssl_ec_private_key.c:138:53: warning: passing 'int *' to parameter of t= ype 'unsigned int *' converts between pointers to integer types with differe= nt sign [-Wpointer-sign] > built =3D ECDSA_sign(0, hash.ptr, hash.len, sig.ptr, &siglen, this-= >ec) =3D=3D 1; > ^~~~~~~ > /usr/local/include/openssl/ecdsa.h:231:39: note: passing argument to param= eter 'siglen' here > unsigned char *sig, unsigned int *siglen, EC_KEY *eckey); > ^ > --- openssl_aead.lo --- > 2 warnings generated. > --- openssl_ec_diffie_hellman.lo --- > 2 warnings generated. > --- openssl_ed_public_key.lo --- > openssl_ed_public_key.c:62:11: error: use of undeclared identifier 'EVP_PK= EY_ED25519'; did you mean 'KEY_ED25519'? > return EVP_PKEY_ED25519; > ^~~~~~~~~~~~~~~~ > KEY_ED25519 > ../../../../src/libstrongswan/credentials/keys/public_key.h:47:2: note: 'K= EY_ED25519' declared here > KEY_ED25519 =3D 4, > ^ > openssl_ed_public_key.c:64:11: error: use of undeclared identifier 'EVP_PK= EY_ED448' > return EVP_PKEY_ED448; > ^ > openssl_ed_public_key.c:109:3: warning: implicit declaration of function '= EVP_DigestVerify' is invalid in C99 [-Wimplicit-function-declaration] > EVP_DigestVerify(ctx, signature.ptr, signature.len, > ^ > openssl_ed_public_key.c:151:9: warning: implicit declaration of function '= EVP_PKEY_get_raw_public_key' is invalid in C99 [-Wimplicit-function-declarat= ion] > if (!EVP_PKEY_get_raw_public_key(key, NULL, &blob.l= en)) > ^ > openssl_ed_public_key.c:283:9: warning: implicit declaration of function '= EVP_PKEY_new_raw_public_key' is invalid in C99 [-Wimplicit-function-declarat= ion] > key =3D EVP_PKEY_new_raw_public_key(openssl_ed_key_type(typ= e), NULL, > ^ > openssl_ed_public_key.c:283:7: warning: incompatible integer to pointer co= nversion assigning to 'EVP_PKEY *' (aka 'struct evp_pkey_st *') from 'int' [= -Wint-conversion] > key =3D EVP_PKEY_new_raw_public_key(openssl_ed_key_type(typ= e), NULL, > ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~= ~~~~~~~ > --- openssl_plugin.lo --- > openssl_plugin.c:319:10: error: use of undeclared identifier 'EVP_PKEY_ED2= 5519'; did you mean 'KEY_ED25519'? > case EVP_PKEY_ED25519: > ^~~~~~~~~~~~~~~~ > KEY_ED25519 > ../../../../src/libstrongswan/credentials/keys/public_key.h:47:2: note: 'K= EY_ED25519' declared here > KEY_ED25519 =3D 4, > ^ > --- openssl_ed_public_key.lo --- > 4 warnings and 2 errors generated. > --- openssl_plugin.lo --- > openssl_plugin.c:320:10: error: use of undeclared identifier 'EVP_PKEY_ED4= 48' > case EVP_PKEY_ED448: > ^ > --- openssl_ed_public_key.lo --- > *** [openssl_ed_public_key.lo] Error code 1 >=20 > make[7]: stopped in /usr/ports/security/strongswan/work/strongswan-5.9.2/s= rc/libstrongswan/plugins/openssl > --- openssl_x509.lo --- > openssl_x509.c:431:8: warning: implicit declaration of function 'i2d_re_X5= 09_tbs' is invalid in C99 [-Wimplicit-function-declaration] > tbs =3D openssl_i2chunk(re_X509_tbs, this->x509); > ^ > ./openssl_util.h:105:16: note: expanded from macro 'openssl_i2chunk' > int len =3D i2d_##type(obj, NULL); \= > ^ > <scratch space>:71:1: note: expanded from here > i2d_re_X509_tbs > ^ > --- openssl_util.lo --- > 3 warnings generated. > --- openssl_plugin.lo --- > openssl_plugin.c:471:8: error: use of undeclared identifier 'EVP_PKEY_ED25= 519'; did you mean 'KEY_ED25519'? > case EVP_PKEY_ED25519: > ^~~~~~~~~~~~~~~~ > KEY_ED25519 > ../../../../src/libstrongswan/credentials/keys/public_key.h:47:2: note: 'K= EY_ED25519' declared here > KEY_ED25519 =3D 4, > ^ > openssl_plugin.c:472:8: error: use of undeclared identifier 'EVP_PKEY_ED44= 8' > case EVP_PKEY_ED448: > ^ > 4 errors generated. > *** [openssl_plugin.lo] Error code 1 >=20 > make[7]: stopped in /usr/ports/security/strongswan/work/strongswan-5.9.2/s= rc/libstrongswan/plugins/openssl > --- openssl_crl.lo --- > 1 warning generated. > --- openssl_ec_private_key.lo --- > 1 warning generated. > --- openssl_rsa_public_key.lo --- > 4 warnings generated. > --- openssl_rsa_private_key.lo --- > 9 warnings generated. > --- openssl_x509.lo --- > 1 warning generated. > 4 errors >=20 > make[7]: stopped in /usr/ports/security/strongswan/work/strongswan-5.9.2/s= rc/libstrongswan/plugins/openssl >=20 > make[6]: stopped in /usr/ports/security/strongswan/work/strongswan-5.9.2/s= rc/libstrongswan >=20 > make[5]: stopped in /usr/ports/security/strongswan/work/strongswan-5.9.2/s= rc/libstrongswan >=20 > make[4]: stopped in /usr/ports/security/strongswan/work/strongswan-5.9.2/s= rc >=20 > make[3]: stopped in /usr/ports/security/strongswan/work/strongswan-5.9.2 >=20 > make[2]: stopped in /usr/ports/security/strongswan/work/strongswan-5.9.2 > =3D=3D=3D> Compilation failed unexpectedly. > Try to set MAKE_JOBS_UNSAFE=3Dyes and rebuild before reporting the failure= to > the maintainer. > *** Error code 1 >=20 > Stop. > make[1]: stopped in /usr/ports/security/strongswan > *** Error code 1 >=20 > Stop. > make: stopped in /usr/ports/security/strongswan >=20 >=20 > =E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2= =80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94= =E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80= =94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=94=E2=80=948<-----------------= ------------------------------------------------------- >=20 >=20 > Thank you again for your help! >=20 > =E2=80=94Gena >=20 >=20 > _______________________________________________ > freebsd-ports@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-ports > To unsubscribe, send any mail to "freebsd-ports-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6E03B0A0-9F13-4541-B041-6E09B1C36603>