From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=unavailable autolearn_force=no version=3.4.4 Path: eternal-september.org!reader01.eternal-september.org!reader02.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail From: David Thompson Newsgroups: comp.lang.ada Subject: Re: link error AWS with SSL on debian 9 64 bit Date: Fri, 08 Sep 2017 21:53:56 -0400 Organization: Poor Message-ID: References: Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Injection-Info: reader.eternal-september.org; posting-host="4fb43bf552785b0508f9dc17f69470e9"; logging-data="26835"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+4maRdihapUq2ec9B9OUbCDhT5r/HxDNI=" X-Newsreader: Forte Agent 3.3/32.846 Cancel-Lock: sha1:ZDYbQIqQHxRt5YKGiiIwySlUbiE= Xref: news.eternal-september.org comp.lang.ada:47991 Date: 2017-09-08T21:53:56-04:00 List-Id: On Mon, 28 Aug 2017 12:29:40 +0200, Björn Lundin wrote: > and a dev machine on 64 bit debian 9 with > > bnl@tp:~/svn/bnlbot/botstart/bot-1-0/source/ada$ apt-cache pkgnames | > grep libssl | sort > libssl1.0.0 > libssl1.0.2 > libssl1.0-dev > libssl1.1 > libssl-dev > libssl-doc > libssl-ocaml > libssl-ocaml-dev > bnl@tp:~/svn/bnlbot/botstart/bot-1-0/source/ada$ > > > To build AWS with ssl support I set > > SOCKET = openssl > > > in makefile.conf > > Building AWS itself works on both debians but using it does not work on > debian 9 > > [link] poll.adb > /usr/local/ada/aws/gpl2017_ssl/lib/aws/libaws.a(aws-net-ssl__openssl.o): > In function `aws__net__ssl__locking__initializeXnn': > aws-net-ssl__openssl.adb:(.text+0x6b0a): undefined reference to > `CRYPTO_set_id_callback' > aws-net-ssl__openssl.adb:(.text+0x6b14): undefined reference to > `CRYPTO_set_locking_callback' > aws-net-ssl__openssl.adb:(.text+0x6b1e): undefined reference to > `CRYPTO_set_dynlock_create_callback' > aws-net-ssl__openssl.adb:(.text+0x6b28): undefined reference to > `CRYPTO_set_dynlock_lock_callback' You appear to be getting OpenSSL 1.1.0. 1.1.0 changed threading and locking bigtime; this will probably need code changes. > /usr/local/ada/aws/gpl2017_ssl/lib/aws/libaws.a(aws-net-ssl__openssl.o): > In function `aws__net__ssl__ciphers': > aws-net-ssl__openssl.adb:(.text+0x7e76): undefined reference to > `SSLv23_method' 1.1.0 changed this (long-out-of-date) name to TLS_method, although the old name _should_ be available as a compatibility macro. > /usr/local/ada/aws/gpl2017_ssl/lib/aws/libaws.a(aws-net-ssl__openssl.o): > In function `aws__net__ssl__signature__3': > aws-net-ssl__openssl.adb:(.text+0x9248): undefined reference to > `EVP_MD_CTX_create' > aws-net-ssl__openssl.adb:(.text+0x931e): undefined reference to > `EVP_MD_CTX_destroy' Renamed _new and _free to be consistent with (many) other modules. > /usr/local/ada/aws/gpl2017_ssl/lib/aws/libaws.a(aws-net-ssl__openssl.o): > In function `aws__net__ssl__set_accept_state': > aws-net-ssl__openssl.adb:(.text+0xb1aa): undefined reference to > `SSL_set_tmp_rsa_callback' set_tmp_rsa was only used for 'export' ciphersuites which have been broken and obsolete for over 20 years and were finally removed, although compatibility macros that should have hidden this. > /usr/local/ada/aws/gpl2017_ssl/lib/aws/libaws.a(aws-net-ssl__openssl.o): > In function `aws__net__ssl__version': > aws-net-ssl__openssl.adb:(.text+0xd9e9): undefined reference to > `SSLeay_version' > aws-net-ssl__openssl.adb:(.text+0xda86): undefined reference to > `SSLeay_version' > aws-net-ssl__openssl.adb:(.text+0xdaa0): undefined reference to > `SSLeay_version' > aws-net-ssl__openssl.adb:(.text+0xdaba): undefined reference to > `SSLeay_version' > aws-net-ssl__openssl.adb:(.text+0xdad4): undefined reference to > `SSLeay_version' Renamed OpenSSL_version, again compatibility macro should handle. > /usr/local/ada/aws/gpl2017_ssl/lib/aws/libaws.a(aws-net-ssl__openssl.o): > In function `aws__net__ssl___elabb': > aws-net-ssl__openssl.adb:(.text+0xe177): undefined reference to > `CRYPTO_num_locks' Obsoleted by the threading changes (above) but again compatibility macros should handle. > aws-net-ssl__openssl.adb:(.text+0xe2ff): undefined reference to > `SSL_load_error_strings' > aws-net-ssl__openssl.adb:(.text+0xe304): undefined reference to > `SSL_library_init' > aws-net-ssl__openssl.adb:(.text+0xe31e): undefined reference to > `SSL_CTX_get_ex_new_index' Changed but compatibility macros should handle. > /usr/local/ada/aws/gpl2017_ssl/lib/aws/libaws.a(aws-net-ssl__openssl.o): > In function `aws__net__ssl___elabs': > aws-net-ssl__openssl.adb:(.text+0xe492): undefined reference to `SSLeay' > /usr/local/ada/aws/gpl2017_ssl/lib/aws/libaws.a(aws-net-ssl__openssl.o): > In function `aws__net__ssl__locking__initializeXnn': > aws-net-ssl__openssl.adb:(.text+0x6b36): undefined reference to > `CRYPTO_set_dynlock_destroy_callback' > /usr/local/ada/aws/gpl2017_ssl/lib/aws/libaws.a(aws-net-ssl__openssl.o):(.rodata+0x16c0): > undefined reference to `SSLv23_method' > /usr/local/ada/aws/gpl2017_ssl/lib/aws/libaws.a(aws-net-ssl__openssl.o):(.rodata+0x16c8): > undefined reference to `SSLv23_server_method' > /usr/local/ada/aws/gpl2017_ssl/lib/aws/libaws.a(aws-net-ssl__openssl.o):(.rodata+0x16d0): > undefined reference to `SSLv23_client_method' > /usr/local/ada/aws/gpl2017_ssl/lib/aws/libaws.a(aws-net-ssl__openssl.o):(.rodata+0x1720): > undefined reference to `SSLv23_method' > /usr/local/ada/aws/gpl2017_ssl/lib/aws/libaws.a(aws-net-ssl__openssl.o):(.rodata+0x1728): > undefined reference to `SSLv23_server_method' > /usr/local/ada/aws/gpl2017_ssl/lib/aws/libaws.a(aws-net-ssl__openssl.o):(.rodata+0x1730): > undefined reference to `SSLv23_client_method' Dupes of above. > collect2: error: ld returned 1 exit status > gprbuild: link of poll.adb failed > makefile:67: receptet för målet ”adabot” misslyckades > make[1]: *** [adabot] Fel 4 > make[1]: Lämnar katalogen > ”/home/bnl/svn/bnlbot/botstart/bot-1-0/source/ada” > If (AWS) code has not yet been updated to deal with OpenSSL 1.1.0 API changes, you are probably best off using 1.0.x. I don't use Debian, but the fact libssl-dev and libssl1.0-dev are separate packages suggests there is some way to make 1.0.x available to AWS.