openssl-1.1.0 not supported

evgeny-gridasov / openvpn-otp

OpenVPN OTP token support plugin

GNU General Public License v3.0

280 stars 74 forks source link

openssl-1.1.0 not supported #29

Closed chipitsine closed 5 years ago

chipitsine commented 6 years ago

/tmp/cc6coz4M.o: In function `main':
/*/xxx/openvpn-otp/conftest.c:34: undefined reference to `HMAC_CTX_init'
collect2: error: ld returned 1 exit status
configure:16580: $? = 1

HMAC_CTX_init() was replaced with HMAC_CTX_reset() in OpenSSL versions 1.1.0.

ciaccotaco commented 5 years ago

I am also experiencing this problem. When executing: ./configure --prefix=/usr --with-openvpn-plugin-dir=/usr/lib/openvpn

It returns the error: checking for HMAC_CTX_init in -lcrypto... no configure: error: OpenSSL libraries required

I think the issue is the dependency on autoreconf, which has issues with OpenSSL 1.1.0

RamonBeast commented 5 years ago

How did you manage to solve it? I'm having the same issue on Ubuntu 18

evgeny-gridasov commented 5 years ago

I have a working solution, will commit soon.

evgeny-gridasov commented 5 years ago

Basically OpenSSL 1.1.0 completely redefined the API. Will have to have 2 blocks of code to deal with pre 1.1.0 and 1.1.0 API.

evgeny-gridasov commented 5 years ago

I've pushed the changes, could please somebody code review / test build on 14.04 and 18.04? Works fine for me but It would be great if somebody else could reproduce that.

ciaccotaco commented 5 years ago

I have tested successfully. Thank you so much!

Software: Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-1031-azure x86_64) OpenVPN 2.4.4-2ubuntu1.1 LDAP Plugin: https://github.com/guywyers/openvpn-auth-ldap/blob/master/auth-ldap.conf Google Authenticator: https://github.com/google/google-authenticator-libpam/

evgeny-gridasov commented 5 years ago

Thanks @ciacco206 I'll wait for a couple of weeks for more feedback and will close this issue then.

evgeny-gridasov commented 5 years ago

@chipitsine could you please test?

RamonBeast commented 5 years ago

Thanks @evgeny-gridasov just tested and seems to work for me too!

Ubuntu 18.04.1 LTS

ciaccotaco commented 5 years ago

Not sure if you will consider this within the scope of your project, but I thought I'd mention it just in case. I tried installing this on my Raspberry Pi. The code compiles without issue, but when OpenVPN starts up, it fails with this error:

PLUGIN_INIT: could not load plugin shared object /usr/lib/openvpn/openvpn-otp.so: /usr/lib/openvpn/openvpn-otp.so: undefined symbol: EVP_MD_CTX_free: No such file or directory (errno=2)
Exiting due to fatal error

OS Image: Raspbian Stretch Lite 2018-10-09 OpenSSL: 1.1.0f-3+deb9u2 OpenVPN: 2.4.0-6+deb9u2

EDIT: Disregard - I spoke before exhausting all the troubleshooting options. :) After I typed up the versioning above, I decided to check out what was available outside the repositories. I manually compiled the latest version of OpenVPN (v2.4.6) and it successfully works with your plugin.

evgeny-gridasov commented 5 years ago

@ciacco206 Happy that it worked for you. I'll add a check for EVP functions in configure script to fail early.

evgeny-gridasov commented 5 years ago

Looks like no complaints and everybody is happy. Closing the issue.