Unable to build with OpenSSL 1.1.0

[amartinz]

Since OpenSSL 1.1.0 BIGNUM is a struct bignum_st and there where some other changes, like BN_init() got removed.

Build host: Fedora Rawhide

$> openssl version
OpenSSL 1.1.0c-fips  10 Nov 2016

All in all building is very inconsistent. I could not get a single successful build so far. I have tried on Fedora and Windows 10 via shell, linux subsystem (windows), and QtCreator 4.2.0 on both platforms.

[tomasbrod]

I can't help you here, but I am sure others will find useful if you post:

• your compiler version
• boost version
• errors you encountered (build log)
• failed in compiling or linking stage?

[amartinz]

As said, it is because 1.1.0 changed a lot compared to 1.0.x.

You can build successfully with downloading OpenSSL 1.0.x sources and install it to another directory and instruct to link against those.

The documentation would need some overhaul and maybe the build scripts too.

[Erkan-Yilmaz]

@Evisceration thanks for the testing

we have like 3 weeks now, because: "The 1.0.1 version is currently only receiving security bug fixes and all support will be discontinued for this version on 31st December 2016" and: "The latest stable version is the 1.1.0 series of releases."

[amartinz]

@Erkan-Yilmaz i have also tested compiling with 1.0.2 and it works fine without any major changes.

So until someone does the transition to 1.1.0, 1.0.2 could be used instead.

Also available is the 1.0.2 series. This is also our Long Term Support (LTS) version (support will be provided until 31st December 2019).

Quote from OpenSSL

[Erkan-Yilmaz]

"As long as this is not fixed - no compiling on Debian testing (stretch)." https://www.reddit.com/r/gridcoin/comments/5lgmbl/gridcoin_3584_released/dbvmheg/

[gridcoin]

You can build on Debian against 1.0.1p. We moved to 101p in September 2016. Looking at the vulnerabilities list, there are no new vulnerabilities against 101p while there ARE some for 1.1.0* (https://www.openssl.org/news/vulnerabilities.html).

I see no reason to degrade our security by upgrading to a less secure version at this time.

I would recommend building against 101p.

[amartinz]

The linked vulnerabilities already got fixed and shipped in these distributions.

You will have a hard time downgrading OpenSSL versions.

A solution to fix building on such machines while still using old OpenSSL versions, would be compiling them in statically instead of using the shared OpenSSL version shipped with the OS.

[amartinz]

Also 1.0.1 is not supported anymore, so i would at least consider using 1.0.2, which does not introduce build breakage compared to 1.1.0.

[denravonska]

I have pushed a possible fix for it in denravonska/Gridcoin-Research@2235e0ee5f9b75b0b3267c0c09ec10cfd14fd870. I'm about to test this on my OpenSSL-1.0.2 wallet but I don't have a fully staking wallet on 1.1.0 yet. Feel free to test that branch you want.

[LokiToki]

@denravonska Your openssl 1.1.0 works for me. (x64 debian, boost 1.62.0.1, Qt creator 4.2.1)

I will try to install a older version for master branch.

Thx

[denravonska]

Fixed in the development branch.