View Issue Details

IDProjectCategoryView StatusLast Update
0004578unrealinstallingpublic2019-07-11 13:30
Reporterhyper_threaderAssigned Toargvx 
PrioritynormalSeverityminorReproducibilityalways
Status resolvedResolutionfixed 
PlatformLinuxOSDebian JessieOS Version4.4.1 x86_64
Product Version4.0.1 
Target VersionFixed in Version5.0.0-alpha1 
Summary0004578: Custom OpenSSL library path is ignored
DescriptionInstalling Unrealircd 4.0.1 with custom OpenSSL library. Getting no errors while compiling or installing. But the custom path for the openssl library is ignored, the system defaults path is used.

config.log:
configure:3512: checking for openssl
configure:3530: found /usr/bin/openssl
configure:3542: result: /usr/bin/openssl
configure:6265: checking for openssl
configure:6270: result: found in /home/custom-ssl/include/openssl
ac_cv_path_OPENSSLPATH=/usr/bin/openssl
OPENSSLPATH='/usr/bin/openssl'

Unrealircd 4.0.1 always use the system defaults version, have checked the correct path for the custom library while installing.
Steps To ReproduceRemove all directories of unrealircd (build and install) and start a new install with a custom path of the openssl library.
TagsNo tags attached.
3rd party modules

Relationships

child of 0005328 assignedargvx TODO list for 'i' 

Activities

hyper_threader

2016-03-17 11:51

reporter   ~0019138

Same with version 4.0.2:

Starting UnrealIRCd
 _ _ _ ___________ _____ _
| | | | | |_ _| ___ \/ __ \ | |
| | | |_ __ _ __ ___ __ _| | | | | |_/ /| / \/ __| |
| | | | '_ \| '__/ _ \/ _` | | | | | / | | / _` |
| |_| | | | | | | __/ (_| | |_| |_| |\ \ | \__/\ (_| |
 \___/|_| |_|_| \___|\__,_|_|\___/\_| \_| \____/\__,_|
                           v4.0.2

  using TRE 0.8.0 (BSD)
  using OpenSSL 1.0.1k 8 Jan 2015

#main: openssl version
OpenSSL 1.0.1k 8 Jan 2015

#main: /home/custom-ssl/bin/openssl version
OpenSSL 1.0.2g 1 Mar 2016

magic000

2016-03-19 18:48

reporter   ~0019140

Last edited: 2016-03-19 18:54

View 5 revisions

Hyper_threader, rename system provided OpenSSL bin and ln it to the custom one. Unreal will work with it this way without any issue. That's what I do running Unreal in a FreeBSD jail.

Another issue:
The problem with TLS/SSL support is its inability to use any OpenSSL replacements. I simply don't use OpenSSL, replacing it with LibreSSL whenever I can (meaning, always). Not with Unreal, though. At configure it still checks for older SSL methods and egb, and hence using LibreSSL is not possible, which is a damn shame since OpenSSL tends to be every now and then ridiculously insecure. LibreSSL pretty much never fails, in contrast.

Syzop, refer to this page describing the problem in greater detail:
http://www.libressl.org/patches.html

I am certain this is an easy fix and will allow Unreal to run with LibreSSL, GnuTLS or whatever else.

syzop

2016-03-27 11:16

administrator   ~0019148

magic000: We like to support LibreSSL. If you have trouble compiling UnrealIRCd with LibreSSL, could you create a new bug report? Compile issues were believed to be fixed after 0004345 a year ago (but that bug report was very unclear/minimal).

syzop

2016-03-27 11:21

administrator   ~0019149

hyper_threader: Sorry I did not look into this issue yet. Would it be easy for you to attach 'config.log' for your case? If it's not too much of a hassle..

As for OPENSSLPATH, this is just the openssl binary, it should be unrelated to the library.

hyper_threader

2016-03-27 11:59

reporter  

config.log (160,438 bytes)

hyper_threader

2016-03-27 12:00

reporter   ~0019152

@syzop: no problem, have attached the config.log.

syzop

2016-04-03 11:27

administrator   ~0019181

I see. Your log seems to indicate UnrealIRCd links in, or tries to link in, the right library.

I guess I'll have to self-compile OpenSSL and try it on my own machine..

I saw your evidence with regards to version which indiciates the wrong version is used. Could also check with 'ldd' that it's really using the wrong one?
ldd bin/unrealircd
Should show you a line with libssl / libcrypto / ..

hyper_threader

2016-04-03 12:51

reporter   ~0019187

Sure, 'ldd' output is the following:

libssl.so.1.0.0 => /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
libcrypto.so.1.0.0 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0

That seems to be the problem or?

syzop

2016-04-03 13:30

administrator   ~0019189

Thank you (& yes) :)

hyper_threader

2016-04-03 13:38

reporter   ~0019190

Then is the question while compiling for the openssl-path unnecessary for me (or always?), as long as my library is still the old one...

But thanks for your reply syzop ;)

syzop

2016-06-25 19:47

administrator   ~0019339

I'm not having much luck either (same problem). I don't see anything wrong with the paths and parameters we're passing to gcc either so not sure hmm.

Didn't fiddle with it for hours though, only about 15 minutes.

syzop

2016-06-25 19:58

administrator   ~0019340

I can only get it to work if I do:
export LD_LIBRARY_PATH=/home/xxx/openssl/lib
And then run ldd or run UnrealIRCd

I thought (think?) it shouldn't be necessary if we specify proper linking options though. Ah well.

syzop

2016-06-25 20:03

administrator   ~0019341

Last edited: 2016-06-25 20:04

View 2 revisions

Ah there is an option :)

-Wl,-rpath=/home/xxx/openssl/lib

If you add that to your IRCDLIBS= in Makefile after ./Config but before you compile. So:
IRCDLIBS=-lcrypt -lnsl -ldl ..etc...
To:
IRCDLIBS=-Wl,-rpath=/home/xxx/openssl/lib -lcrypt -lnsl -ldl ..etc...
Save the file. Then run 'make' and 'make install' and it should work.

I'll mark the bug as confirmed and will look at a better fix another time (or someone else :D). At least you have a workaround now (or two actually) :)

syzop

2016-10-13 10:02

administrator   ~0019466

Last edited: 2016-10-13 10:03

View 2 revisions

If there's someone else with better knowledge of doing this properly via autoconf, then feel free to pick up this issue and create a patch (or discuss).

From what I understand one should be careful with -Wl since it doesn't affect just openssl (in our case) but also the other libraries we link and we might inadvertently override other libs locations(?) eg not for the /home/xx/openssl case but for cases like /usr/local/lib

binki? Heero? :D

Issue History

Date Modified Username Field Change
2016-02-14 12:49 hyper_threader New Issue
2016-03-17 11:51 hyper_threader Note Added: 0019138
2016-03-19 18:48 magic000 Note Added: 0019140
2016-03-19 18:49 magic000 Note Edited: 0019140 View Revisions
2016-03-19 18:49 magic000 Note Edited: 0019140 View Revisions
2016-03-19 18:49 magic000 Note Edited: 0019140 View Revisions
2016-03-19 18:54 magic000 Note Edited: 0019140 View Revisions
2016-03-27 11:16 syzop Note Added: 0019148
2016-03-27 11:21 syzop Note Added: 0019149
2016-03-27 11:59 hyper_threader File Added: config.log
2016-03-27 12:00 hyper_threader Note Added: 0019152
2016-04-03 11:27 syzop Note Added: 0019181
2016-04-03 12:51 hyper_threader Note Added: 0019187
2016-04-03 13:30 syzop Note Added: 0019189
2016-04-03 13:38 hyper_threader Note Added: 0019190
2016-06-25 19:47 syzop Note Added: 0019339
2016-06-25 19:58 syzop Note Added: 0019340
2016-06-25 20:03 syzop Note Added: 0019341
2016-06-25 20:04 syzop Assigned To => syzop
2016-06-25 20:04 syzop Status new => confirmed
2016-06-25 20:04 syzop Note Edited: 0019341 View Revisions
2016-10-13 10:02 syzop Note Added: 0019466
2016-10-13 10:03 syzop Note Edited: 0019466 View Revisions
2016-10-19 16:57 syzop Assigned To syzop =>
2019-07-08 08:47 syzop Relationship added child of 0005328
2019-07-11 13:30 argvx Assigned To => argvx
2019-07-11 13:30 argvx Status confirmed => resolved
2019-07-11 13:30 argvx Resolution open => fixed
2019-07-11 13:30 argvx Fixed in Version => 5.0.0-alpha1