Comments (6)
mwild1
commented on July 24, 2024
I found reference on a mailing list to a similar issue with Erlang+OpenSSL on OpenBSD. Apparently they fixed it with this commit, which seems to simply modify compiler flags: erlang/otp@c282f35
from luasec.
WhyNotHugo
commented on July 24, 2024
A patch is already being applied to Makefile.
With it, luasec0.5 has been working fine for the last couple of weeks, but broke after an updated to openssl yesterday (I rebuilt luasec after the update, for course).
I'm not sure how the other bits of the above like patch would apply to luasec - I don't see the same variables in the Makefile.
from luasec.
brunoos
commented on July 24, 2024
I will setup a VM with 5.5 from snapshot and take a look.
How do you update openssl? From ports?
Do you recompile luasec from ports also?
from luasec.
WhyNotHugo
commented on July 24, 2024
OpenSSL is included in the base system (-current/snapshot includes the patch for heartbleed).
luasec0.5 in included in ports. The port for 0.5 worked fine until the latest openssl update (I rebuilt luasec, of course, but still).
Thanks for your time.
from luasec.
brunoos
commented on July 24, 2024
OpenBSD uses stack-protector by default, and a symbol "__guard_local" is introduced by gcc in x509.o. But, the linkage is done by "ld", that does not include this symbol in the final "ssl.so".
$ make bsd
** Build for BSD **
cc -O2 -pipe -O2 -pipe -fPIC -Wall -pedantic -I. -I/usr/local/include/lua-5.1/ -DWITH_LUASOCKET -DLUASOCKET_DEBUG -c io.c
cc -O2 -pipe -O2 -pipe -fPIC -Wall -pedantic -I. -I/usr/local/include/lua-5.1/ -DWITH_LUASOCKET -DLUASOCKET_DEBUG -c buffer.c
cc -O2 -pipe -O2 -pipe -fPIC -Wall -pedantic -I. -I/usr/local/include/lua-5.1/ -DWITH_LUASOCKET -DLUASOCKET_DEBUG -c timeout.c
cc -O2 -pipe -O2 -pipe -fPIC -Wall -pedantic -I. -I/usr/local/include/lua-5.1/ -DWITH_LUASOCKET -DLUASOCKET_DEBUG -c usocket.c
ar rcu libluasocket.a io.o buffer.o timeout.o usocket.o
ranlib libluasocket.a
cc -O2 -pipe -O2 -pipe -fPIC -Wall -pedantic -I. -I/usr/local/include/lua-5.1/ -DWITH_LUASOCKET -c x509.c
cc -O2 -pipe -O2 -pipe -fPIC -Wall -pedantic -I. -I/usr/local/include/lua-5.1/ -DWITH_LUASOCKET -c context.c
cc -O2 -pipe -O2 -pipe -fPIC -Wall -pedantic -I. -I/usr/local/include/lua-5.1/ -DWITH_LUASOCKET -c ssl.c
ld -fPIC -shared -L./luasocket -L/usr/lib -o ssl.so x509.o context.o ssl.o -lssl -lcrypto -lluasocket
$ nm src/ssl.so | grep guard_local
U __guard_local
However, if you add LD="cc" in the end of this line in the ports' Makefile:
MAKE_ENV+= INC_PATH="-I${MODLUA_INCL_DIR}" SAVECFLAGS="${CFLAGS}" LD="cc"
it seems that gcc passes the right parameters to ld include the symbol:
...
cc -fPIC -shared -L./luasocket -L/usr/lib -o ssl.so x509.o context.o ssl.o -lssl -lcrypto -lluasocket
$ nm src/ssl.so | grep guard_local
20001000 d __guard_local
Can you try to rebuild LuaSec with this parameter?
from luasec.
WhyNotHugo
commented on July 24, 2024
Thanks, that works!
At first I was slightly frustrated because it didn't, until I realized I had typed 'LC="dd"'. :-P
If it's ok with you, I'll submit a patch to OpeBSD ports in order to fix this (unless you thing this can be fixed on your end, but I don't think it the right place - is it?).
Again, thanks!
from luasec.
Related Issues (20)
- ssl.https.request dont work HOT 6
- Off by one in `cert:validat(notafter)` HOT 2
- [HTTPS] Problems with memory consumption when loading the CA certificate HOT 5
- skip response headers messages HOT 2
- SSL Handshake fails without an error message HOT 2
- Compilation fails with >=openssl-3.0.0 HOT 1
- Can't compile source code in luasec.vcxproj HOT 1
- method `conn:shutdown()` is missing HOT 4
- Is openssl 1.0.2 supported with lua 5.1 release? HOT 2
- Docker container crashed when lua calling ssl.so library HOT 4
- Android shared library
- Sumneko's Lua language server shows a warning for passing 2 variables to a function with only 1 argument in https.lua HOT 1
- New release HOT 4
- Failed to install with mingw64 HOT 6
- Installation on an embedded Lua v5.1 (with no Lua Rocks) HOT 12
- tls-psk regress after #194 HOT 3
- Failed VS2022 BUILD | openssl-3.2.0 and crypt32.lib
- Emerged on Gentoo version 1.3.2, and I see it by path /usr/share/lua/5.1/ssl/https.lua, but expected for version 5.4
- Does this library support DTLS? HOT 1
- getting information about client HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from luasec.