Gluon: lede/openwrt does not compile with OpenSSL 1.1

Created on 9 Dec 2016  Â·  7Comments  Â·  Source: freifunk-gluon/gluon

Hello,

I had accidentially updated the ssl-dev package to 1.1 today and ran into the issue described at
https://github.com/openssl/openssl/issues/1491
This holds for the compilation of
host/cmake-3.6.1/Utilities/cmcurl/lib/vtls/openssl.c
and then 

/usr/include/openssl/err.h:246:1: note: declared here
 DEPRECATEDIN_1_1_0(void ERR_remove_thread_state(void *))
 ^
In file included from tools/lib/rsa/rsa-sign.c:1:0:
/home/moeller/gluon/lede/build_dir/host/u-boot-2014.10/lib/rsa/rsa-sign.c: In function ‘rsa_sign_with_key’:
/home/moeller/gluon/lede/build_dir/host/u-boot-2014.10/lib/rsa/rsa-sign.c:213:2: warning: implicit declaration of function ‘EVP_MD_CTX_cleanup’ [-Wimplicit-function-declaration]
  EVP_MD_CTX_cleanup(context);
  ^~~~~~~~~~~~~~~~~~
/home/moeller/gluon/lede/build_dir/host/u-boot-2014.10/lib/rsa/rsa-sign.c: In function ‘rsa_get_exponent’:
/home/moeller/gluon/lede/build_dir/host/u-boot-2014.10/lib/rsa/rsa-sign.c:279:21: error: dereferencing pointer to incomplete type ‘RSA {aka struct rsa_st}’
  if (BN_num_bits(key->e) > 64)
                     ^~
scripts/Makefile.host:134: recipe for target 'tools/lib/rsa/rsa-sign.o' failed

and so I downgraded libssl again. I happily test patches but cannot provide them.

Many thanks

Steffen

picture smoe

Most helpful comment

Debian provides the libssl1.0-dev package for this purpose.

picture NeoRaider on 9 Dec 2016
👍202 🎉1

All 7 comments

I should have said that the above was with the current lede branch and the same was observed with 0.6.2.1 and 0.6.2 while the latter has compiled on the same machine prior to the update of libssl.

smoe picture smoe on 9 Dec 2016

This has been solved in current LEDE upstream, so the issue will disappear the next time I update the Gluon lede branch.

NeoRaider picture NeoRaider on 9 Dec 2016

@For others on Debian with the need to downgrade openssl please look at snapshot.debian.org which is an archive of packages that appeared on Debian's servers in the past. Your /etc/apt/sources.list file may then have an extra line like

EDIT by admin:
this suggestion leaves you with security issues in the future, please see the comment below for the correct solution.

smoe picture smoe on 9 Dec 2016
👍6 👎1

Debian provides the libssl1.0-dev package for this purpose.

NeoRaider picture NeoRaider on 9 Dec 2016
👍202 🎉1

Sigh. Yes. Thank you.

smoe picture smoe on 9 Dec 2016

LEDE hasn't it problem

Lotus253 picture Lotus253 on 28 Aug 2017

I did the same thing today. Installing libssl1.0-dev corrected the compilation error.

bradley-evans picture bradley-evans on 29 Aug 2017
👍51
Was this page helpful?
0 / 5 - 0 ratings

Related issues

2tata picture 2tata  Â·  3Comments
mweinelt picture mweinelt  Â·  3Comments
rotanid picture rotanid  Â·  4Comments
RalfJung picture RalfJung  Â·  5Comments
edeso picture edeso  Â·  3Comments