Saya mencoba membangun H2O dengan LibreSSL 2.7.0 yang dirilis 21 Maret.
Kemudian, proses build gagal dengan pesan kesalahan di bawah ini.
(baik cabang master (komit 0376131) dan H2O v2.2.4)
In file included from //rpmbuild/BUILD/repo/include/h2o/socket.h:34:0,
from //rpmbuild/BUILD/repo/include/h2o/multithread.h:27,
from //rpmbuild/BUILD/repo/include/h2o/hostinfo.h:32,
from //rpmbuild/BUILD/repo/lib/common/hostinfo.c:22:
//rpmbuild/BUILD/repo/include/h2o/openssl_backport.h:37:27: error: static declaration of 'BIO_meth_new' follows non-static declaration
static inline BIO_METHOD *BIO_meth_new(int type, const char *name)
^~~~~~~~~~~~
In file included from /var/tmp/h2o-nightly-2.3.0-0.nightly20180323t195237.git0376131.el7.jp3cki-libressl-2.7.0-root/include/openssl/evp.h:67:0,
from /var/tmp/h2o-nightly-2.3.0-0.nightly20180323t195237.git0376131.el7.jp3cki-libressl-2.7.0-root/include/openssl/hmac.h:67,
from /var/tmp/h2o-nightly-2.3.0-0.nightly20180323t195237.git0376131.el7.jp3cki-libressl-2.7.0-root/include/openssl/ssl.h:149,
from //rpmbuild/BUILD/repo/include/h2o/socket.h:31,
from //rpmbuild/BUILD/repo/include/h2o/multithread.h:27,
from //rpmbuild/BUILD/repo/include/h2o/hostinfo.h:32,
from //rpmbuild/BUILD/repo/lib/common/hostinfo.c:22:
/var/tmp/h2o-nightly-2.3.0-0.nightly20180323t195237.git0376131.el7.jp3cki-libressl-2.7.0-root/include/openssl/bio.h:338:13: note: previous declaration of 'BIO_meth_new' was here
BIO_METHOD *BIO_meth_new(int type, const char *name);
^~~~~~~~~~~~
make[2]: *** [CMakeFiles/libh2o-evloop.dir/lib/common/hostinfo.c.o] Error 1
make[2]: *** Waiting for unfinished jobs....
Catatan rilis LibreSSL mengatakan "Menambahkan dukungan untuk banyak OpenSSL 1.0.2 dan 1.1 API" dan tampaknya kode backport H2O tidak kompatibel dengan itu.
Saya tidak berpikir bahwa masalah ini bergantung pada lingkungan, tetapi saya menggambarkan lingkungan saya.
cmake -DWITH_MRUBY=on -DCMAKE_INSTALL_PREFIX=%{_prefix} -DCMAKE_INCLUDE_PATH=%{libressl_root}/include -DCMAKE_LIBRARY_PATH=%{libressl_root}/lib
Itu dapat dibangun dengan skrip build yang sama dengan LibreSSL 2.6.4.
Mungkin berhasil jika menerapkan 3 tambalan di bawah ini:
diff --git a/include/h2o/openssl_backport.h b/include/h2o/openssl_backport.h
index b24440e..b59a519 100644
--- a/include/h2o/openssl_backport.h
+++ b/include/h2o/openssl_backport.h
@@ -25,7 +25,7 @@
#include <stdlib.h>
/* backports for OpenSSL 1.0.2 */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
#define BIO_get_data(bio) ((bio)->ptr)
#define BIO_set_data(bio, p) ((bio)->ptr = (p))
@@ -57,7 +58,7 @@ static inline BIO_METHOD *BIO_meth_new(int type, const char *name)
#endif
/* backports for OpenSSL 1.0.1 and LibreSSL */
-#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER)
+#if OPENSSL_VERSION_NUMBER < 0x10002000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
#define SSL_is_server(ssl) ((ssl)->server)
```tambalan
diff --git a/deps/neverbleed/neverbleed.cb/deps/neverbleed/neverbleed.c
indeks 29b35a9..42356a6 100644
--- a/deps/neverbleed/neverbleed.c
+++ b/deps/neverbleed/neverbleed.c
@@ -547,7 +547,7 @@ static int sign_stub(struct expbuf_t *buf)
kembali 0;
}
-#jika !OPENSSL_1_1_API
+#jika !OPENSSL_1_1_API && (!defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x2070000fL)
static void RSA_get0_key(const RSA rsa, const BIGNUM * n, const BIGNUM *e, const BIGNUM * d)
{
```patch
diff --git a/deps/picotls/lib/openssl.c b/deps/picotls/lib/openssl.c
index a19a29a..c4dfccb 100644
--- a/deps/picotls/lib/openssl.c
+++ b/deps/picotls/lib/openssl.c
@@ -41,13 +41,15 @@
#include "picotls.h"
#include "picotls/openssl.h"
-#if (OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER))
-#define OPENSSL_1_0_API 1
+#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
+#define OPENSSL_1_1_API 1
+#elif defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x2070000fL
+#define OPENSSL_1_1_API 1
#else
-#define OPENSSL_1_0_API 0
+#define OPENSSL_1_1_API 0
#endif
-#if OPENSSL_1_0_API
+#if !OPENSSL_1_1_API
#define EVP_PKEY_up_ref(p) CRYPTO_add(&(p)->references, 1, CRYPTO_LOCK_EVP_PKEY)
#define X509_STORE_up_ref(p) CRYPTO_add(&(p)->references, 1, CRYPTO_LOCK_X509_STORE)
(Catatan: "H2O 2.2.4+" berarti "H2O 2.2.4 + patch")
Tangkapan yang bagus!
Tidak diuji dengan LibreSSL < 2.7.0
Saya telah mengkonfirmasi bahwa H2O 2.2.4 dan master dengan patch Anda dapat berhasil dibuat dengan LibreSSL 2.6.3 pada OpenBSD 6.2.
Konfirmasikan bahwa ini berfungsi di FreeBSD dengan LibreSSL 2.7.1
Tambal di sini
Saya telah membuat H2O-HEAD vanilla + LibreSSL 2.7.2 dan berhasil.
Saya menutup masalah ini sekarang.
Ini belum dirilis.
Masih perlu patch di atas jika kalian membangun versi rilis (v2.2.4) + LibreSSL 2.7.x.
Terima kasih @kazuho atas kerja
Komentar yang paling membantu
Mungkin berhasil jika menerapkan 3 tambalan di bawah ini:
```tambalan
diff --git a/deps/neverbleed/neverbleed.cb/deps/neverbleed/neverbleed.c
indeks 29b35a9..42356a6 100644
--- a/deps/neverbleed/neverbleed.c
+++ b/deps/neverbleed/neverbleed.c
@@ -547,7 +547,7 @@ static int sign_stub(struct expbuf_t *buf)
kembali 0;
}
-#jika !OPENSSL_1_1_API
+#jika !OPENSSL_1_1_API && (!defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x2070000fL)
static void RSA_get0_key(const RSA rsa, const BIGNUM * n, const BIGNUM *e, const BIGNUM * d)
{
(Catatan: "H2O 2.2.4+" berarti "H2O 2.2.4 + patch")