Open rhenium opened 7 years ago
Hi, Can you try to edit openssl/ocsp.h like below, before building test.c ?
//extern const ASN1_ITEM OCSP_BASICRESP_it;
_declspec(dllimport) ASN1_ITEM OCSP_BASICRESP_it;
Also, you need to replace the include files order of ocsp.h and asn1t.h.
With Visual Studio 2017, I could see this resolves the issue. Does this work well in your environment, too ?
Thank you for looking into this. I'm also using VS 2017, and editing the header as suggested by you fixed the issue for me.
> .\test
dump of OCSP_BASICRESP_it:
0100000010000000E0E75D5D0000000004000000000000000000000000000000200000000000000040E75D5D00000000
trying i2d_OCSP_BASICRESP():
ok
trying ASN1_item_i2d():
ok
Thanks for your confirmation.
This seems Windows specific issue, and this doesn't affect to other platforms.
I had already tried to see test.c runs fine on Fedora.
To solve this issue, it is required to replace extern const
to _declspec(dllimport)
only for Windows client program.
Now, I have no good idea to adjust this yet.
For what it's worth, OpenSSL has OPENSSL_EXTERN macro that expands to __declspec(dllimport) as necessary.
It looks like it's been removed in LibreSSL very soon after the fork.
I'm thinking an addition on the affected headers like this:
#ifdef _WIN32
#ifndef LIBRESSL_INTERNAL
#define LIBRESSL_IMPORT __declspec(dllimport)
#else
#define LIBRESSL_IMPORT
#endif
#else
#define LIBRESSL_IMPORT
#endif
Then a patch that does something like this to the *_it constants:
extern LIBRESSL_IMPORT const ASN1_ITEM OCSP_RESPID_it;
Is this still an issue if you build the dll's with msc to begin with (I suspect it is)? We stopped providing the pre-built DLLs due to other ABI incompatibilities between Visual Studio and MinGW64-produced binaries.
(This issue was originally reported at https://bugs.ruby-lang.org/issues/13902)
When an application is compiled with cl.exe, it cannot access *_it variables properly (OCSP_BASICRESP_it in the example code below).
I can reproduce this with both libressl-2.2.9-windows.zip and libressl-2.5.5-windows.zip downloaded from https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/.
test.c:
I didn't dig further, but it looks like ASN1_item_i2d() is crashing because OCSP_BASICRESP_it points to garbage.