Fri, 31 May 2024 at 20:33, Christopher Schultz <schu...@apache.org>:
>
> All,
>
> I don't think my commit broke the build. Re-winding to
> fe07505146b7573f36a0d01ba0d2b847af7c9914 shows that the 1.1.x build does
> not work on my machine.
>
> $ sh buildconf --with-apr=apr-1.7.4
>
> (This path is correct)
>
> $ cat config.nice
> #! /bin/sh
> #
> # Created by configure
>
> "./configure" \
> "--with-apr=/usr/local/Cellar/apr/1.7.4/bin/apr-1-config" \
> "--with-ssl=/usr/local/Cellar/openssl@1.1/1.1.1w/" \
> "$@"
>
> $ ./config.nice
> [... no errors...]
>
> $ make clean
> $ make
>
> /bin/sh /usr/local/Cellar/apr/1.7.4/build-1/libtool --silent
> --mode=compile --tag=CC clang -g -O2 -Wall   -DHAVE_CONFIG_H  -DDARWIN
> -DSIGPROCMASK_SETS_THREAD_MASK   -g -O2 -DHAVE_OPENSSL
> -DHAVE_POOL_PRE_CLEANUP
> -I/Users/christopherschultz/git/tomcat-native/native/include
> -I/Library/Java/JavaVirtualMachines/temurin-21.jdk/Contents/Home/include
> -I/Library/Java/JavaVirtualMachines/temurin-21.jdk/Contents/Home/include/darwin
> -I/usr/local/Cellar/openssl@1.1/1.1.1w//include
> -I/usr/local/opt/apr/include/apr-1   -o src/ssl.lo -c src/ssl.c && touch
> src/ssl.lo
> src/ssl.c:201:7: error: incomplete definition of type 'struct dh_st'
>      dh->p = prime(NULL);
>      ~~^
> /usr/local/Cellar/openssl@1.1/1.1.1w//include/openssl/ossl_typ.h:104:16:
> note: forward declaration of 'struct dh_st'
> typedef struct dh_st DH;
>                 ^

[...]

>
> The full code in that area is:
>
> static DH *make_dh_params(BIGNUM *(*prime)(BIGNUM *), const char *gen)
> {
>      DH *dh = DH_new();
>
>      if (!dh) {
>          return NULL;
>      }
>      dh->p = prime(NULL); // Line 201
>      BN_dec2bn(&dh->g, gen);
>      if (!dh->p || !dh->g) {
>          DH_free(dh);
>          return NULL;
>      }
>      return dh;
> }
>
> Is this just a bad setup on my end?
>
> Building the main branch in this environment (but with OpenSSL 3.0)
> works with some warnings but no errors.
>
> Can anyone confirm they can build 1.1.x HEAD?

The code in src/ssl.c of Tomcat-Native 1.1.1 cited above is not
compatible with "openssl@1.1/1.1.1w".

Essentially:
- "openssl@1.1/1.1.1w//include/openssl/ossl_typ.h:104:16:" declares an alias:

> typedef struct dh_st DH;

I.e. it declares the name "DH", but the actual definition of "struct
dh_st" is elsewhere, not in public include files (but in some
"internal" parts of OpenSSL). Thus the structure can only be used
opaquely. The error is that

>      dh->p = prime(NULL); // Line 201

tries to access "p", which is not possible without knowing the
internal structure of DH.

Note that this is fixed in Tomcat Native 1.3.x:
There it calls "DH_set0_pqg()" to set the value of p.

Looking at the commit history of OpenSSL 1.1.x, there is the following commit:

https://github.com/openssl/openssl/commit/6db7fadf0975c75bfba01dd939063b4bdcb1a0fe
"DH: add simple getters for commonly used DH struct members"

It is not exactly on topic, but gives references on where to look.

Other links:
https://github.com/openssl/openssl/blob/OpenSSL_1_1_1-stable/include/openssl/ossl_typ.h
(declares "typedef struct dh_st DH")
https://github.com/openssl/openssl/blob/OpenSSL_1_1_1-stable/include/openssl/dh.h
(declares "DH_set0_pqg" and other DH_set / DH_get methods)

https://github.com/apache/tomcat-native/blob/1.1.x/native/src/ssl.c#L194
https://github.com/apache/tomcat-native/blob/1.3.x/native/src/ssl.c#L197
(Tomcat Native 1.1 vs 1.3)

https://stackoverflow.com/questions/45416806/missing-definitions-in-headerfile-dh-h-openssl-1-1-0f
(The same issue encountered by somebody else)

Note that the last release of Tomcat Native 1.1.x was 1.1.34 of 2015-12-15
https://tomcat.apache.org/oldnews-2015.html#Tomcat_Native_1.1.34_Released

It was built with
- APR 1.5.1
- OpenSSL 1.0.1m
(as mentioned in VERSIONS file in tomcat-native-1.1.34-win32-bin.zip)

Best regards,
Konstantin Kolinko
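
The failure and the fix discussed in this thread, as a self-contained model added here (not code from Tomcat Native or OpenSSL): a toy library with hypothetical `toy_dh_*` names exposes only a forward-declared struct, so the caller has to go through a `set0`-style setter that, like `DH_set0_pqg()`, takes ownership of the values only when it succeeds. `long` stands in for `BIGNUM`, and the value checks in the setter are assumptions of the model.

```c
#include <stdlib.h>

/* --- public header of a toy library (constructed stand-in for a dh.h) --- */
typedef struct toy_dh_st TOY_DH;              /* incomplete type: layout hidden */
TOY_DH *toy_dh_new(void);
void toy_dh_free(TOY_DH *dh);
int toy_dh_set0_pg(TOY_DH *dh, long *p, long *g);   /* 1 = ok, dh owns p and g */
void toy_dh_get0_pg(const TOY_DH *dh, const long **p, const long **g);

/* --- caller: compiled with only the declarations above in scope --- */
static long *num_new(long v)
{
    long *n = malloc(sizeof *n);
    if (n) *n = v;
    return n;
}

TOY_DH *make_toy_params(long prime, const char *gen)
{
    TOY_DH *dh = toy_dh_new();
    long *p, *g;
    if (!dh) return NULL;
    /* "dh->p = ..." here fails to compile: incomplete definition of type */
    p = num_new(prime);
    g = num_new(strtol(gen, NULL, 10));
    if (!p || !g || !toy_dh_set0_pg(dh, p, g)) {
        /* setter refused: ownership did not move, so the caller frees */
        free(p);
        free(g);
        toy_dh_free(dh);
        return NULL;
    }
    return dh;                                /* p and g now belong to dh */
}

/* --- library source file: the only place the struct is defined --- */
struct toy_dh_st { long *p, *g; };
TOY_DH *toy_dh_new(void) { return calloc(1, sizeof(TOY_DH)); }
void toy_dh_free(TOY_DH *dh) { if (dh) { free(dh->p); free(dh->g); free(dh); } }
int toy_dh_set0_pg(TOY_DH *dh, long *p, long *g)
{
    if (!dh || !p || !g || *p < 3 || *g < 2) return 0;  /* reject bad input */
    free(dh->p); free(dh->g);                 /* drop any previous values */
    dh->p = p; dh->g = g;
    return 1;
}
void toy_dh_get0_pg(const TOY_DH *dh, const long **p, const long **g)
{ if (p) *p = dh->p; if (g) *g = dh->g; }
```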
