Closed pjbroad closed 3 years ago
gvissers
commented
3 years ago Both of these were chosen because they for a better/easier API, but can be worked around. I think getentropy(buffer, length) is just shorthand for getrandom(buffer, length, 0), and the SSL calls can be replace by regular SSL_read/write(). I'll come up with a patch later.
gvissers
commented
3 years ago Should be fixed with 95207b8 and 7af109f.
I have disabled the getentropy() call on older systems. We could theoretically read from /dev/urandom on Linux systems, but it's not worth the hassle. SSL_read_ex and SSL_write_ex have been replace by their regular SSL_read/write counterparts for OpenSSL < 1.1.1. I'm keeping the *_ex() calls for newr versions though, I think multiplexing the return value with an error code is a bad idea.
pjbroad
commented
3 years ago Thanks. That's fixed the Debian 9 build. On Ubuntu 16.04 the compile continues but fails due to TLS_client_method, SSL_set_hostflags, SSL_set1_host and ASN1_STRING_get0_data. Looks like these were introduced in an older libssl but still too new for 16.04. I checked again and 16.04 is now end of life so I'll just stop building packages for it. The main issue is fixed with the changes you made so thanks again.
Both are too new for Debian 9 (which I currently use to build the Linux static binary and Debian packages) and Ubuntu 16.04 (which is still supported and in use according to the EL package stats I have).
The first issue can be resolved by the same work around used for windows (plus making use of GLIBC and __GLIBC_MINOR__). The second can be resolved for the static build I but not for the Ubuntu/Debain package builds.
It's probably time to drop support for Ubuntu 16.04 package builds and update my Debian build VM to Debian 10. However, I'm just checking here with @gvissers that there's not a simple fix that can be done for the libssl version issue.