> On 1 Mar 2018, at 5:56 pm, Aki Tuomi <aki.tuomi at dovecot.fi <mailto:aki.tuomi at dovecot.fi>> wrote: > > > > On 01.03.2018 07:34, James Brown wrote: >> On 1 Mar 2018, at 4:09 pm, Aki Tuomi <aki.tuomi at dovecot.fi <mailto:aki.tuomi at dovecot.fi>> wrote: >>> >>> >>> What SSL library and version? >>> --- >>> Aki Tuomi >> >> OpenSSL >> >> $openssl version >> OpenSSL 1.0.2g 1 Mar 2016 >> >> But I also have: >> >> $ /usr/local/bin/openssl version >> OpenSSL 1.1.0g 2 Nov 2017 >> >> James. > > Can you provide the cc call as well from make? > > Aki$ make make all-recursive Making all in . old=`pwd` && cd . && abs_builddir=`pwd` && cd $old && \ cd . && abs_srcdir=`pwd` && cd $old && \ (echo "DOVECOT_INSTALLED=no"; cat dovecot-config.in | sed \ -e "s|\$(top_builddir)|$abs_builddir|g" \ -e "s|\$(incdir)|$abs_srcdir|g" \ -e "s|\$(LIBICONV)|-liconv|g" \ -e "s|\$(MODULE_LIBS)|-export-dynamic|g" \ -e "s|^\(dovecot_pkgincludedir\)=|\1=/usr/local/include/dovecot|" \ -e "s|^\(dovecot_pkglibdir\)=|\1=/usr/local/lib/dovecot|" \ -e "s|^\(dovecot_pkglibexecdir\)=|\1=/usr/local/libexec/dovecot|" \ -e "s|^\(dovecot_docdir\)=|\1=/usr/local/share/doc/dovecot|" \ -e "s|^\(dovecot_moduledir\)=|\1=/usr/local/lib/dovecot|" \ -e "s|^\(dovecot_statedir\)=|\1=/usr/local/var/lib/dovecot|" \ ) > dovecot-config /bin/sh ./update-version.sh . . Making all in src Making all in lib-test make[3]: Nothing to be done for `all'. Making all in lib make all-am make[4]: Nothing to be done for `all-am'. Making all in lib-settings make[3]: Nothing to be done for `all'. Making all in lib-auth make[3]: Nothing to be done for `all'. Making all in lib-dns make[3]: Nothing to be done for `all'. Making all in lib-master make[3]: Nothing to be done for `all'. Making all in lib-charset make[3]: Nothing to be done for `all'. Making all in lib-ssl-iostream make[3]: Nothing to be done for `all'. Making all in lib-dcrypt /bin/sh ../../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I../.. -I../../src/lib -I../../src/lib-test -I../../src/lib-ssl-iostream -DDCRYPT_MODULE_DIR=\"/usr/local/lib/dovecot\" -I../../src/lib -I../../src/lib-test -I../../src/lib-ssl-iostream -DDCRYPT_MODULE_DIR=\"/usr/local/lib/dovecot\" -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -MT libdcrypt_openssl_la-dcrypt-openssl.lo -MD -MP -MF .deps/libdcrypt_openssl_la-dcrypt-openssl.Tpo -c -o libdcrypt_openssl_la-dcrypt-openssl.lo `test -f 'dcrypt-openssl.c' || echo './'`dcrypt-openssl.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -I../.. -I../../src/lib -I../../src/lib-test -I../../src/lib-ssl-iostream -DDCRYPT_MODULE_DIR=\"/usr/local/lib/dovecot\" -I../../src/lib -I../../src/lib-test -I../../src/lib-ssl-iostream -DDCRYPT_MODULE_DIR=\"/usr/local/lib/dovecot\" -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -Wstrict-aliasing=2 -MT libdcrypt_openssl_la-dcrypt-openssl.lo -MD -MP -MF .deps/libdcrypt_openssl_la-dcrypt-openssl.Tpo -c dcrypt-openssl.c -fno-common -DPIC -o .libs/libdcrypt_openssl_la-dcrypt-openssl.o dcrypt-openssl.c:117: error: field 'ctx' has incomplete type dcrypt-openssl.c: In function 'dcrypt_openssl_ctx_hmac_destroy': dcrypt-openssl.c:451: warning: implicit declaration of function 'HMAC_cleanup' dcrypt-openssl.c: In function 'dcrypt_openssl_generate_ec_key': dcrypt-openssl.c:555: error: dereferencing pointer to incomplete type dcrypt-openssl.c:556: error: dereferencing pointer to incomplete type dcrypt-openssl.c: In function 'dcrypt_openssl_ecdh_derive_secret_local': dcrypt-openssl.c:588: error: dereferencing pointer to incomplete type dcrypt-openssl.c: In function 'dcrypt_openssl_ecdh_derive_secret_peer': dcrypt-openssl.c:668: error: dereferencing pointer to incomplete type dcrypt-openssl.c:697: error: dereferencing pointer to incomplete type dcrypt-openssl.c:698: error: dereferencing pointer to incomplete type dcrypt-openssl.c: In function 'dcrypt_openssl_store_private_key_dovecot': dcrypt-openssl.c:1461: error: dereferencing pointer to incomplete type dcrypt-openssl.c:1482: error: dereferencing pointer to incomplete type dcrypt-openssl.c:1489: error: dereferencing pointer to incomplete type dcrypt-openssl.c: In function 'dcrypt_openssl_load_private_key': dcrypt-openssl.c:1615: error: dereferencing pointer to incomplete type dcrypt-openssl.c: In function 'dcrypt_openssl_store_public_key': dcrypt-openssl.c:1765: error: dereferencing pointer to incomplete type dcrypt-openssl.c: In function 'dcrypt_openssl_private_to_public_key': dcrypt-openssl.c:1801: error: dereferencing pointer to incomplete type dcrypt-openssl.c: In function 'dcrypt_openssl_name2oid': dcrypt-openssl.c:2062: error: dereferencing pointer to incomplete type dcrypt-openssl.c: In function 'dcrypt_openssl_public_key_id_old': dcrypt-openssl.c:2112: error: dereferencing pointer to incomplete type dcrypt-openssl.c: In function 'dcrypt_openssl_private_key_id_old': dcrypt-openssl.c:2135: error: dereferencing pointer to incomplete type dcrypt-openssl.c: In function 'dcrypt_openssl_public_key_id_evp': dcrypt-openssl.c:2153: error: dereferencing pointer to incomplete type make[3]: *** [libdcrypt_openssl_la-dcrypt-openssl.lo] Error 1 make[2]: *** [all-recursive] Error 1 make[1]: *** [all-recursive] Error 1 make: *** [all] Error 2 -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20180301/35de9975/attachment-0001.html> -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 8517 bytes Desc: not available URL: <https://dovecot.org/pipermail/dovecot/attachments/20180301/35de9975/attachment-0001.bin>
1 On 01.03.2018 12:10, James Brown wrote:> > >> On 1 Mar 2018, at 5:56 pm, Aki Tuomi <aki.tuomi at dovecot.fi >> <mailto:aki.tuomi at dovecot.fi>> wrote: >> >> >> >> On 01.03.2018 07:34, James Brown wrote: >>> On 1 Mar 2018, at 4:09 pm, Aki Tuomi <aki.tuomi at dovecot.fi >>> <mailto:aki.tuomi at dovecot.fi>> wrote: >>>> >>>> What SSL library and version? >>>> ---? >>>> Aki Tuomi >>> >>> OpenSSL >>> >>> $openssl version >>> OpenSSL 1.0.2g ?1 Mar 2016 >>> >>> But I also have: >>> >>> $ /usr/local/bin/openssl version >>> OpenSSL 1.1.0g ?2 Nov 2017 >>> >>> James. >> >> Can you provide the cc call as well from make? >> >> Aki > > $ make > make ?all-recursive > Making all in . > old=`pwd` && cd . && abs_builddir=`pwd` && cd $old && \ > cd . && abs_srcdir=`pwd` && cd $old && \ > (echo "DOVECOT_INSTALLED=no"; cat dovecot-config.in | sed \ > -e "s|\$(top_builddir)|$abs_builddir|g" \ > -e "s|\$(incdir)|$abs_srcdir|g" \ > -e "s|\$(LIBICONV)|-liconv|g" \ > -e "s|\$(MODULE_LIBS)|-export-dynamic|g" \ > -e "s|^\(dovecot_pkgincludedir\)=|\1=/usr/local/include/dovecot|" \ > -e "s|^\(dovecot_pkglibdir\)=|\1=/usr/local/lib/dovecot|" \ > -e "s|^\(dovecot_pkglibexecdir\)=|\1=/usr/local/libexec/dovecot|" \ > -e "s|^\(dovecot_docdir\)=|\1=/usr/local/share/doc/dovecot|" \ > -e "s|^\(dovecot_moduledir\)=|\1=/usr/local/lib/dovecot|" \ > -e "s|^\(dovecot_statedir\)=|\1=/usr/local/var/lib/dovecot|" \ > ) > dovecot-config > /bin/sh ./update-version.sh . . > Making all in src > Making all in lib-test > make[3]: Nothing to be done for `all'. > Making all in lib > make ?all-am > make[4]: Nothing to be done for `all-am'. > Making all in lib-settings > make[3]: Nothing to be done for `all'. > Making all in lib-auth > make[3]: Nothing to be done for `all'. > Making all in lib-dns > make[3]: Nothing to be done for `all'. > Making all in lib-master > make[3]: Nothing to be done for `all'. > Making all in lib-charset > make[3]: Nothing to be done for `all'. > Making all in lib-ssl-iostream > make[3]: Nothing to be done for `all'. > Making all in lib-dcrypt > /bin/sh ../../libtool ?--tag=CC ? --mode=compile gcc -DHAVE_CONFIG_H > -I. -I../.. ?-I../../src/lib -I../../src/lib-test > -I../../src/lib-ssl-iostream > -DDCRYPT_MODULE_DIR=\"/usr/local/lib/dovecot\" ?-I../../src/lib > -I../../src/lib-test -I../../src/lib-ssl-iostream > -DDCRYPT_MODULE_DIR=\"/usr/local/lib/dovecot\" ?-std=gnu99 -g -O2 > -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith > -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime > -Wstrict-aliasing=2 ?-MT libdcrypt_openssl_la-dcrypt-openssl.lo -MD > -MP -MF .deps/libdcrypt_openssl_la-dcrypt-openssl.Tpo -c -o > libdcrypt_openssl_la-dcrypt-openssl.lo `test -f 'dcrypt-openssl.c' || > echo './'`dcrypt-openssl.c > libtool: compile: ?gcc -DHAVE_CONFIG_H -I. -I../.. -I../../src/lib > -I../../src/lib-test -I../../src/lib-ssl-iostream > -DDCRYPT_MODULE_DIR=\"/usr/local/lib/dovecot\" -I../../src/lib > -I../../src/lib-test -I../../src/lib-ssl-iostream > -DDCRYPT_MODULE_DIR=\"/usr/local/lib/dovecot\" -std=gnu99 -g -O2 -Wall > -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith > -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime > -Wstrict-aliasing=2 -MT libdcrypt_openssl_la-dcrypt-openssl.lo -MD -MP > -MF .deps/libdcrypt_openssl_la-dcrypt-openssl.Tpo -c dcrypt-openssl.c > ?-fno-common -DPIC -o .libs/libdcrypt_openssl_la-dcrypt-openssl.o > dcrypt-openssl.c:117: error: field 'ctx' has incomplete type > dcrypt-openssl.c: In function 'dcrypt_openssl_ctx_hmac_destroy': > dcrypt-openssl.c:451: warning: implicit declaration of function > 'HMAC_cleanup' > dcrypt-openssl.c: In function 'dcrypt_openssl_generate_ec_key': > dcrypt-openssl.c:555: error: dereferencing pointer to incomplete type > dcrypt-openssl.c:556: error: dereferencing pointer to incomplete type > dcrypt-openssl.c: In function 'dcrypt_openssl_ecdh_derive_secret_local': > dcrypt-openssl.c:588: error: dereferencing pointer to incomplete type > dcrypt-openssl.c: In function 'dcrypt_openssl_ecdh_derive_secret_peer': > dcrypt-openssl.c:668: error: dereferencing pointer to incomplete type > dcrypt-openssl.c:697: error: dereferencing pointer to incomplete type > dcrypt-openssl.c:698: error: dereferencing pointer to incomplete type > dcrypt-openssl.c: In function 'dcrypt_openssl_store_private_key_dovecot': > dcrypt-openssl.c:1461: error: dereferencing pointer to incomplete type > dcrypt-openssl.c:1482: error: dereferencing pointer to incomplete type > dcrypt-openssl.c:1489: error: dereferencing pointer to incomplete type > dcrypt-openssl.c: In function 'dcrypt_openssl_load_private_key': > dcrypt-openssl.c:1615: error: dereferencing pointer to incomplete type > dcrypt-openssl.c: In function 'dcrypt_openssl_store_public_key': > dcrypt-openssl.c:1765: error: dereferencing pointer to incomplete type > dcrypt-openssl.c: In function 'dcrypt_openssl_private_to_public_key': > dcrypt-openssl.c:1801: error: dereferencing pointer to incomplete type > dcrypt-openssl.c: In function 'dcrypt_openssl_name2oid': > dcrypt-openssl.c:2062: error: dereferencing pointer to incomplete type > dcrypt-openssl.c: In function 'dcrypt_openssl_public_key_id_old': > dcrypt-openssl.c:2112: error: dereferencing pointer to incomplete type > dcrypt-openssl.c: In function 'dcrypt_openssl_private_key_id_old': > dcrypt-openssl.c:2135: error: dereferencing pointer to incomplete type > dcrypt-openssl.c: In function 'dcrypt_openssl_public_key_id_evp': > dcrypt-openssl.c:2153: error: dereferencing pointer to incomplete type > make[3]: *** [libdcrypt_openssl_la-dcrypt-openssl.lo] Error 1 > make[2]: *** [all-recursive] Error 1 > make[1]: *** [all-recursive] Error 1 > make: *** [all] Error 2 >Can you also post your config.h? It should be at source root. Aki -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20180301/e76ba0ed/attachment-0001.html>
> On 1 Mar 2018, at 9:52 pm, Aki Tuomi <aki.tuomi at dovecot.fi <mailto:aki.tuomi at dovecot.fi>> wrote: > > Can you also post your config.h? It should be at source root. > > AkiI tried but it was too big to post on the mailing list. I?m not sure if you got the direct email. Some SSL related bits: /* Build with OpenSSL support */ #define HAVE_OPENSSL /**/ /* Define if OpenSSL performs thread cleanup automatically */ /* #undef HAVE_OPENSSL_AUTO_THREAD_DEINIT */ /* OpenSSL supports OPENSSL_cleanup() */ /* #undef HAVE_OPENSSL_CLEANUP */ /* Define to 1 if you have the <openssl/err.h> header file. */ #define HAVE_OPENSSL_ERR_H 1 /* Define if you have ERR_remove_thread_state */ #define HAVE_OPENSSL_ERR_REMOVE_THREAD_STATE /**/ /* Define if you have openssl/rand.h */ /* #undef HAVE_OPENSSL_RAND_H */ /* Define to 1 if you have the <openssl/ssl.h> header file. */ #define HAVE_OPENSSL_SSL_H 1 /* Define if you have pam/pam_appl.h */ /* #undef HAVE_PAM_PAM_APPL_H */ /* Define if you have pam_setcred() */ #define HAVE_PAM_SETCRED /**/ ... /* Build with SSL/TLS support */ #define HAVE_SSL /**/ /* Define if you have SSL_clear_options */ /* #undef HAVE_SSL_CLEAR_OPTIONS */ /* Build with OpenSSL compression */ #define HAVE_SSL_COMPRESSION /**/ /* Build with SSL_COMP_free_compression_methods() support */ #define HAVE_SSL_COMP_FREE_COMPRESSION_METHODS /**/ /* Define if you have SSL_CTX_set1_curves_list */ #define HAVE_SSL_CTX_SET1_CURVES_LIST /**/ /* Define if you have SSL_CTX_set_min_proto_version */ #define HAVE_SSL_CTX_SET_MIN_PROTO_VERSION /**/ /* Build with TLS hostname support */ #define HAVE_SSL_GET_SERVERNAME /**/ /* Define if CRYPTO_set_mem_functions has new style parameters */ #define HAVE_SSL_NEW_MEM_FUNCS /**/ James. -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20180302/fa5b4d15/attachment-0001.html>
> On 02 March 2018 at 08:42 James Brown <jlbrown at bordo.com.au> wrote: > > > > On 1 Mar 2018, at 9:52 pm, Aki Tuomi <aki.tuomi at dovecot.fi <mailto:aki.tuomi at dovecot.fi>> wrote: > > > > Can you also post your config.h? It should be at source root. > > > > Aki > > I tried but it was too big to post on the mailing list. I?m not sure if you got the direct email. >Yeah I got it. We have attempted to compile our code with OpenSSL 1.0, 1.0.2 and 1.1.0, but I'll try the specific releases too. Can you try this patch? diff --git a/src/lib-dcrypt/dcrypt-openssl.c b/src/lib-dcrypt/dcrypt-openssl.c index 26c9b91..187bb75 100644 --- a/src/lib-dcrypt/dcrypt-openssl.c +++ b/src/lib-dcrypt/dcrypt-openssl.c @@ -9,17 +9,17 @@ #include "array.h" #include "module-dir.h" #include "dovecot-openssl-common.h" -#include <openssl/evp.h> -#include <openssl/sha.h> -#include <openssl/err.h> -#include <openssl/rsa.h> -#include <openssl/ec.h> -#include <openssl/bio.h> -#include <openssl/pem.h> -#include <openssl/x509.h> -#include <openssl/engine.h> -#include <openssl/hmac.h> -#include <openssl/objects.h> +#include "openssl/evp.h" +#include "openssl/sha.h" +#include "openssl/err.h" +#include "openssl/rsa.h" +#include "openssl/ec.h" +#include "openssl/bio.h" +#include "openssl/pem.h" +#include "openssl/x509.h" +#include "openssl/engine.h" +#include "openssl/hmac.h" +#include "openssl/objects.h" #include "dcrypt.h" #include "dcrypt-private.h" And if it does not work, add after the includes #pragma message("OpenSSL version is " OPENSSL_VERSION_TEXT) #error See above And provide output? Aki
> On 2 Mar 2018, at 6:11 pm, James Brown <jlbrown at bordo.com.au> wrote: > > > >> On 2 Mar 2018, at 5:59 pm, Aki Tuomi <aki.tuomi at dovecot.fi> wrote: >> >> >> We have attempted to compile our code with OpenSSL 1.0, 1.0.2 and 1.1.0, but I'll try the specific releases too. >> >> Can you try this patch? >> >> diff --git a/src/lib-dcrypt/dcrypt-openssl.c b/src/lib-dcrypt/dcrypt-openssl.c >> index 26c9b91..187bb75 100644 >> --- a/src/lib-dcrypt/dcrypt-openssl.c >> +++ b/src/lib-dcrypt/dcrypt-openssl.c >> @@ -9,17 +9,17 @@ >> #include "array.h" >> #include "module-dir.h" >> #include "dovecot-openssl-common.h" >> -#include <openssl/evp.h> >> -#include <openssl/sha.h> >> -#include <openssl/err.h> >> -#include <openssl/rsa.h> >> -#include <openssl/ec.h> >> -#include <openssl/bio.h> >> -#include <openssl/pem.h> >> -#include <openssl/x509.h> >> -#include <openssl/engine.h> >> -#include <openssl/hmac.h> >> -#include <openssl/objects.h> >> +#include "openssl/evp.h" >> +#include "openssl/sha.h" >> +#include "openssl/err.h" >> +#include "openssl/rsa.h" >> +#include "openssl/ec.h" >> +#include "openssl/bio.h" >> +#include "openssl/pem.h" >> +#include "openssl/x509.h" >> +#include "openssl/engine.h" >> +#include "openssl/hmac.h" >> +#include "openssl/objects.h" >> #include "dcrypt.h" >> #include "dcrypt-private.h" >> >> And if it does not work, add after the includes >> >> #pragma message("OpenSSL version is " OPENSSL_VERSION_TEXT) >> #error See above >> >> And provide output? >> >> AkiHi Aki, Change src/lib-dcrypt/dcrypt-openssl.c start to: /* Copyright (c) 2016-2017 Dovecot authors, see the included COPYING file */ #include "lib.h" #include "buffer.h" #include "str.h" #include "hex-binary.h" #include "safe-memset.h" #include "randgen.h" #include "array.h" #include "module-dir.h" #include "dovecot-openssl-common.h" #include "openssl/evp.h" #include "openssl/sha.h" #include "openssl/err.h" #include "openssl/rsa.h" #include "openssl/ec.h" #include "openssl/bio.h" #include "openssl/pem.h" #include "openssl/x509.h" #include "openssl/engine.h" #include "openssl/hmac.h" #include "openssl/objects.h" #include "dcrypt.h" #include "dcrypt-private.h" #pragma message("OpenSSL version is " OPENSSL_VERSION_TEXT) #error See above /** Ie changed the < and > to double quotes. Ran make clean, then ./configure and but it still fails. :-( dcrypt-openssl.c:25: warning: ignoring #pragma message dcrypt-openssl.c:26:2: error: #error See above dcrypt-openssl.c:118: error: field 'ctx' has incomplete type dcrypt-openssl.c: In function 'dcrypt_openssl_ctx_hmac_destroy': dcrypt-openssl.c:452: warning: implicit declaration of function 'HMAC_cleanup' dcrypt-openssl.c: In function 'dcrypt_openssl_generate_ec_key': dcrypt-openssl.c:556: error: dereferencing pointer to incomplete type dcrypt-openssl.c:557: error: dereferencing pointer to incomplete type dcrypt-openssl.c: In function 'dcrypt_openssl_ecdh_derive_secret_local': dcrypt-openssl.c:589: error: dereferencing pointer to incomplete type dcrypt-openssl.c: In function 'dcrypt_openssl_ecdh_derive_secret_peer': dcrypt-openssl.c:669: error: dereferencing pointer to incomplete type dcrypt-openssl.c:698: error: dereferencing pointer to incomplete type dcrypt-openssl.c:699: error: dereferencing pointer to incomplete type dcrypt-openssl.c: In function 'dcrypt_openssl_store_private_key_dovecot': dcrypt-openssl.c:1462: error: dereferencing pointer to incomplete type dcrypt-openssl.c:1483: error: dereferencing pointer to incomplete type dcrypt-openssl.c:1490: error: dereferencing pointer to incomplete type dcrypt-openssl.c: In function 'dcrypt_openssl_load_private_key': dcrypt-openssl.c:1616: error: dereferencing pointer to incomplete type dcrypt-openssl.c: In function 'dcrypt_openssl_store_public_key': dcrypt-openssl.c:1766: error: dereferencing pointer to incomplete type dcrypt-openssl.c: In function 'dcrypt_openssl_private_to_public_key': dcrypt-openssl.c:1802: error: dereferencing pointer to incomplete type dcrypt-openssl.c: In function 'dcrypt_openssl_name2oid': dcrypt-openssl.c:2063: error: dereferencing pointer to incomplete type dcrypt-openssl.c: In function 'dcrypt_openssl_public_key_id_old': dcrypt-openssl.c:2113: error: dereferencing pointer to incomplete type dcrypt-openssl.c: In function 'dcrypt_openssl_private_key_id_old': dcrypt-openssl.c:2136: error: dereferencing pointer to incomplete type dcrypt-openssl.c: In function 'dcrypt_openssl_public_key_id_evp': dcrypt-openssl.c:2154: error: dereferencing pointer to incomplete type make[3]: *** [libdcrypt_openssl_la-dcrypt-openssl.lo] Error 1 make[2]: *** [all-recursive] Error 1 make[1]: *** [all-recursive] Error 1 make: *** [all] Error 2 Thanks for your help. James. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 8517 bytes Desc: not available URL: <https://dovecot.org/pipermail/dovecot/attachments/20180305/a6f41ca7/attachment-0001.bin>
I just tried to compile 2.3.2.1 and still getting the openssl errors.
Configured with:
./configure --with-mysql --with-ssl=openssl
Which finishes with:
Install prefix . : /usr/local
File offsets ... : 64bit
I/O polling .... : kqueue
I/O notifys .... : kqueue
SSL ............ : yes (OpenSSL)
GSSAPI ......... : no
passdbs ........ : static passwd passwd-file pam checkpassword sql
CFLAGS ......... : -std=gnu99 -g -O2 -fstack-protector -U_FORTIFY_SOURCE
-D_FORTIFY_SOURCE=2 -Wall -W -Wmissing-prototypes -Wmissing-declarations
-Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast
-fno-builtin-strftime -Wstrict-aliasing=2
: -shadow -bsdauth -sia -ldap -vpopmail
userdbs ........ : static prefetch passwd passwd-file checkpassword sql
: -ldap -vpopmail
SQL drivers .... : mysql
: -pgsql -sqlite -cassandra
Full text search : squat
: -lucene -solr
Any another suggestions?
Thanks,
James.
> On 5 Mar 2018, at 2:54 pm, James Brown <jlbrown at bordo.com.au>
wrote:
>
>
>
>> On 2 Mar 2018, at 6:11 pm, James Brown <jlbrown at bordo.com.au>
wrote:
>>
>>
>>
>>> On 2 Mar 2018, at 5:59 pm, Aki Tuomi <aki.tuomi at
dovecot.fi> wrote:
>>>
>>>
>>> We have attempted to compile our code with OpenSSL 1.0, 1.0.2 and
1.1.0, but I'll try the specific releases too.
>>>
>>> Can you try this patch?
>>>
>>> diff --git a/src/lib-dcrypt/dcrypt-openssl.c
b/src/lib-dcrypt/dcrypt-openssl.c
>>> index 26c9b91..187bb75 100644
>>> --- a/src/lib-dcrypt/dcrypt-openssl.c
>>> +++ b/src/lib-dcrypt/dcrypt-openssl.c
>>> @@ -9,17 +9,17 @@
>>> #include "array.h"
>>> #include "module-dir.h"
>>> #include "dovecot-openssl-common.h"
>>> -#include <openssl/evp.h>
>>> -#include <openssl/sha.h>
>>> -#include <openssl/err.h>
>>> -#include <openssl/rsa.h>
>>> -#include <openssl/ec.h>
>>> -#include <openssl/bio.h>
>>> -#include <openssl/pem.h>
>>> -#include <openssl/x509.h>
>>> -#include <openssl/engine.h>
>>> -#include <openssl/hmac.h>
>>> -#include <openssl/objects.h>
>>> +#include "openssl/evp.h"
>>> +#include "openssl/sha.h"
>>> +#include "openssl/err.h"
>>> +#include "openssl/rsa.h"
>>> +#include "openssl/ec.h"
>>> +#include "openssl/bio.h"
>>> +#include "openssl/pem.h"
>>> +#include "openssl/x509.h"
>>> +#include "openssl/engine.h"
>>> +#include "openssl/hmac.h"
>>> +#include "openssl/objects.h"
>>> #include "dcrypt.h"
>>> #include "dcrypt-private.h"
>>>
>>> And if it does not work, add after the includes
>>>
>>> #pragma message("OpenSSL version is "
OPENSSL_VERSION_TEXT)
>>> #error See above
>>>
>>> And provide output?
>>>
>>> Aki
>
> Hi Aki,
>
> Change src/lib-dcrypt/dcrypt-openssl.c start to:
>
> /* Copyright (c) 2016-2017 Dovecot authors, see the included COPYING file
*/
>
> #include "lib.h"
> #include "buffer.h"
> #include "str.h"
> #include "hex-binary.h"
> #include "safe-memset.h"
> #include "randgen.h"
> #include "array.h"
> #include "module-dir.h"
> #include "dovecot-openssl-common.h"
> #include "openssl/evp.h"
> #include "openssl/sha.h"
> #include "openssl/err.h"
> #include "openssl/rsa.h"
> #include "openssl/ec.h"
> #include "openssl/bio.h"
> #include "openssl/pem.h"
> #include "openssl/x509.h"
> #include "openssl/engine.h"
> #include "openssl/hmac.h"
> #include "openssl/objects.h"
> #include "dcrypt.h"
> #include "dcrypt-private.h"
> #pragma message("OpenSSL version is " OPENSSL_VERSION_TEXT)
> #error See above
> /**
>
> Ie changed the < and > to double quotes.
>
> Ran make clean, then ./configure and but it still fails. :-(
>
> dcrypt-openssl.c:25: warning: ignoring #pragma message
> dcrypt-openssl.c:26:2: error: #error See above
> dcrypt-openssl.c:118: error: field 'ctx' has incomplete type
> dcrypt-openssl.c: In function 'dcrypt_openssl_ctx_hmac_destroy':
> dcrypt-openssl.c:452: warning: implicit declaration of function
'HMAC_cleanup'
> dcrypt-openssl.c: In function 'dcrypt_openssl_generate_ec_key':
> dcrypt-openssl.c:556: error: dereferencing pointer to incomplete type
> dcrypt-openssl.c:557: error: dereferencing pointer to incomplete type
> dcrypt-openssl.c: In function
'dcrypt_openssl_ecdh_derive_secret_local':
> dcrypt-openssl.c:589: error: dereferencing pointer to incomplete type
> dcrypt-openssl.c: In function
'dcrypt_openssl_ecdh_derive_secret_peer':
> dcrypt-openssl.c:669: error: dereferencing pointer to incomplete type
> dcrypt-openssl.c:698: error: dereferencing pointer to incomplete type
> dcrypt-openssl.c:699: error: dereferencing pointer to incomplete type
> dcrypt-openssl.c: In function
'dcrypt_openssl_store_private_key_dovecot':
> dcrypt-openssl.c:1462: error: dereferencing pointer to incomplete type
> dcrypt-openssl.c:1483: error: dereferencing pointer to incomplete type
> dcrypt-openssl.c:1490: error: dereferencing pointer to incomplete type
> dcrypt-openssl.c: In function 'dcrypt_openssl_load_private_key':
> dcrypt-openssl.c:1616: error: dereferencing pointer to incomplete type
> dcrypt-openssl.c: In function 'dcrypt_openssl_store_public_key':
> dcrypt-openssl.c:1766: error: dereferencing pointer to incomplete type
> dcrypt-openssl.c: In function
'dcrypt_openssl_private_to_public_key':
> dcrypt-openssl.c:1802: error: dereferencing pointer to incomplete type
> dcrypt-openssl.c: In function 'dcrypt_openssl_name2oid':
> dcrypt-openssl.c:2063: error: dereferencing pointer to incomplete type
> dcrypt-openssl.c: In function 'dcrypt_openssl_public_key_id_old':
> dcrypt-openssl.c:2113: error: dereferencing pointer to incomplete type
> dcrypt-openssl.c: In function 'dcrypt_openssl_private_key_id_old':
> dcrypt-openssl.c:2136: error: dereferencing pointer to incomplete type
> dcrypt-openssl.c: In function 'dcrypt_openssl_public_key_id_evp':
> dcrypt-openssl.c:2154: error: dereferencing pointer to incomplete type
> make[3]: *** [libdcrypt_openssl_la-dcrypt-openssl.lo] Error 1
> make[2]: *** [all-recursive] Error 1
> make[1]: *** [all-recursive] Error 1
> make: *** [all] Error 2
>
> Thanks for your help.
>
> James.
>
>
>
>
>
>