Opened 7 years ago
Closed 7 years ago
#799 closed Bug / Defect (fixed)
OpenVPN 2.4.0 fails to build against LibreSSL
| Reported by: | cardioid | Owned by: | |
|---|---|---|---|
| Priority: | major | Milestone: | |
| Component: | Generic / unclassified | Version: | OpenVPN git master branch (Community Ed) |
| Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | openssl, libressl, crypto, ssl |
| Cc: | Steffan Karger |
Description
OpenVPN 2.4.0 fails to build against LibreSSL (tested with 2.5.0).
Steps to reproduce:
- Compile LibreSSL, I did this with:
--prefix=/build/libressl/.openssl
- Checkout OpenVPN from Github
- Switch to 2.4.0 release branch
- Generate configure
autoreconf -vi
- Configure
./configure OPENSSL_SSL_LIBS="-L/build/libressl/.openssl/lib -lssl" OPENSSL_SSL_CFLAGS="-I/build/libressl/.openssl/include" OPENSSL_CRYPTO_LIBS="-L/build/libressl/.openssl/lib -lcrypto" OPENSSL_CRYPTO_CFLAGS="-I/build/libressl/.openssl/include" --disable-debug --disable-dependency-tracking --disable-silent-rules --with-crypto-library=openssl
Error:
... checking for pam_start in -lpam... yes checking for PKCS11_HELPER... no checking for OPENSSL... no checking for SSL_CTX_new... no configure: error: openssl check failed ...
Everything worked fine with 2.3.9
Change History (3)
comment:1 Changed 7 years ago by
| Cc: | Steffan Karger added |
|---|
comment:2 Changed 7 years ago by
Thank you @syzzer!
This works fine:
./configure OPENSSL_LIBS="-L/build/libressl/.openssl/lib -lssl -lcrypto" OPENSSL_CFLAGS="-I/build/libressl/.openssl/include" --disable-debug --disable-dependency-tracking --disable-silent-rules --with-crypto-library=openssl
comment:3 Changed 7 years ago by
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Thanks for testing and reporting back. I'm now closing this one.
There is also #794 where we discuss adding a simplified --with-ssl-dir=$basedir configure option that will do OPENSSL_LIBS/OPENSSL_CFLAGS in a single step. No decision or code has been made yet, though.
Note: See
TracTickets for help on using
tickets.
the configure variables got simplified - it's no longer OPENSSL_SSL_LIB and OPENSSL_CRYPTO_LIB, but both combined into
OPENSSL_LIBS=...andOPENSSL_CFLAGS=....Please test and report back :-)