New inlcudes needed for OpenSSL V1.1.1 sockets

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

New inlcudes needed for OpenSSL V1.1.1 sockets

Balázs Horváth
Hi,

in out project we compile OpenSSL V1.0.2p for MIPS and Linux under Linux. For MIPS we use GCC, and we use sockets for both MIPS and Linux.
Now we want to upgrade to 1.1.1d, and want to use sockets, but MIPS fails, because it needs extra includes from the socket parts of OpenSSL. Following extra includes are needed:

arpa/inet.h

netinet/tcp.h

netinet/in.h

strings.h

netdb.h

sys/socket.h

sys/ioctl.h

sys/un.h


For Linux the includes under /usr/include work, but for MIPS they give compile errors.

What should we use for MIPS?
Should we adjust the headers for MIPS or the OpenSSL sources? Why are these headers needed in the new version, if they were not in the old one?

Thanks,
Balazs


Reply | Threaded
Open this post in threaded view
|

Re: New inlcudes needed for OpenSSL V1.1.1 sockets

Michael Wojcik
From: openssl-users <[hidden email]> on behalf of Balázs Horváth <[hidden email]>
Sent: Monday, March 30, 2020 10:00

> Following extra includes are needed:
> arpa/inet.h
> netinet/tcp.h
> netinet/in.h
> strings.h
> netdb.h
> sys/socket.h
> sys/ioctl.h
> sys/un.h

These are system headers, not OpenSSL headers. OpenSSL has no control over them.

> For Linux the includes under /usr/include work, but for MIPS they give compile errors.

Then you're using the wrong headers for the MIPS compilation. To be honest, it's not clear to me what you're doing, because Linux is an operating system (or more precisely a kernel), and MIPS is a processor family.

> What should we use for MIPS?

This is not an OpenSSL question. It's a cross-compilation question (I think, since I'm not sure what you're actually trying to do), and so depends on your cross-compilation toolchain.



Reply | Threaded
Open this post in threaded view
|

Re: New inlcudes needed for OpenSSL V1.1.1 sockets

Balázs Horváth

Thanks for Your answer!

 

I was not clearly describing our problem, sorry! Our project is for embedded devices running on MIPS processors. The system has a special OS, not Linux.

The development system is under Linux, and we are compiling OpenSSL with cross compile option for MIPS. We also compile the code for Linux, so that we have a simulation of the embedded system, that can be easily debugged under Linux.

Our problem is, that the OpenSSL V1.1.1d needs includes, that are nonexistent for MIPS in our development system. These headers were not needed for 1.0.2.

 

My question is not a 100% OpenSSL question. But I think, as OpenSSL is widely used on non-Linux/Windows/… systems, the question is legitime to ask, what to use on special systems? Or why are these headers needed now?

The programmer, who changed the code, probably had an idea about that.

 

Best regards,

Balazs


Michael Wojcik <[hidden email]> ezt írta (időpont: 2020. márc. 30., H, 20:20):
From: openssl-users <[hidden email]> on behalf of Balázs Horváth <[hidden email]>
Sent: Monday, March 30, 2020 10:00

> Following extra includes are needed:
> arpa/inet.h
> netinet/tcp.h
> netinet/in.h
> strings.h
> netdb.h
> sys/socket.h
> sys/ioctl.h
> sys/un.h

These are system headers, not OpenSSL headers. OpenSSL has no control over them.

> For Linux the includes under /usr/include work, but for MIPS they give compile errors.

Then you're using the wrong headers for the MIPS compilation. To be honest, it's not clear to me what you're doing, because Linux is an operating system (or more precisely a kernel), and MIPS is a processor family.

> What should we use for MIPS?

This is not an OpenSSL question. It's a cross-compilation question (I think, since I'm not sure what you're actually trying to do), and so depends on your cross-compilation toolchain.



Reply | Threaded
Open this post in threaded view
|

Re: New inlcudes needed for OpenSSL V1.1.1 sockets

Dr Paul Dale
All of the include files mentioned are standard ones which have always been used.
You are building 1.1.1 differently to 1.0.2.  Debug your build environment first.


Pauli
-- 
Dr Paul Dale | Distinguished Architect | Cryptographic Foundations 
Phone +61 7 3031 7217
Oracle Australia




On 31 Mar 2020, at 7:56 pm, Balázs Horváth <[hidden email]> wrote:

Thanks for Your answer!

 

I was not clearly describing our problem, sorry! Our project is for embedded devices running on MIPS processors. The system has a special OS, not Linux.
The development system is under Linux, and we are compiling OpenSSL with cross compile option for MIPS. We also compile the code for Linux, so that we have a simulation of the embedded system, that can be easily debugged under Linux.
Our problem is, that the OpenSSL V1.1.1d needs includes, that are nonexistent for MIPS in our development system. These headers were not needed for 1.0.2.

 

My question is not a 100% OpenSSL question. But I think, as OpenSSL is widely used on non-Linux/Windows/… systems, the question is legitime to ask, what to use on special systems? Or why are these headers needed now?
The programmer, who changed the code, probably had an idea about that.

 

Best regards,
Balazs

Michael Wojcik <[hidden email]> ezt írta (időpont: 2020. márc. 30., H, 20:20):
From: openssl-users <[hidden email]> on behalf of Balázs Horváth <[hidden email]>
Sent: Monday, March 30, 2020 10:00

> Following extra includes are needed:
> arpa/inet.h
> netinet/tcp.h
> netinet/in.h
> strings.h
> netdb.h
> sys/socket.h
> sys/ioctl.h
> sys/un.h

These are system headers, not OpenSSL headers. OpenSSL has no control over them.

> For Linux the includes under /usr/include work, but for MIPS they give compile errors.

Then you're using the wrong headers for the MIPS compilation. To be honest, it's not clear to me what you're doing, because Linux is an operating system (or more precisely a kernel), and MIPS is a processor family.

> What should we use for MIPS?

This is not an OpenSSL question. It's a cross-compilation question (I think, since I'm not sure what you're actually trying to do), and so depends on your cross-compilation toolchain.




Reply | Threaded
Open this post in threaded view
|

Re: New inlcudes needed for OpenSSL V1.1.1 sockets

Balázs Horváth
In reply to this post by Balázs Horváth
I made some investigations in our toolchain and code according to Your answers.

I have found out, that the OpenSSL 1.0.2p was patched on some places in our system, e.g. the definitions for socket usage in e_os.h.
I have also checked our toolchain, and compile results: I am sure, that we don't use the headers with 1.0.2p. Somehow our changes and configuration does not need the headers for th 1.0.2p.

We work now on two ways to solve our problem. One is to leave the 1.1.1d unchanged, and try to make own headers from the Linux headers.
The other is to take the patches from 1.0.2p, and try out if they work for the 1.1.1d
Probably a mix of both will be the working solution.

> > The programmer, who changed the code, probably had an idea about that.

> Which programmer who changed which code? 
I have seen, that there are new source files in the new version, like s_socket.c, and that header files are greatly modified. I also found following in the release notes:

Rewrite of BIO networking library. The BIO library lacked consistent support of IPv6, and adding it required some more extensive modifications. This introduces the BIO_ADDR and BIO_ADDRINFO types, which hold all types of addresses and chains of address information. It also introduces a new API, with functions like BIO_socket, BIO_connect, BIO_listen, BIO_lookup and a rewrite of BIO_accept. The source/sink BIOs BIO_s_connect, BIO_s_accept and BIO_s_datagram have been adapted accordingly.

Richard Levitte

Because of these, I had the assumption, that the sockets implementation was refactored, and needs now new headers. As You both wrote, I was wrong with the headers.

Thanks for Your help!
Best regards,
Balazs

Michael Wojcik <[hidden email]> ezt írta (időpont: 2020. márc. 31., K, 15:26):
> From: openssl-users <[hidden email]> on behalf of Balázs Horváth <[hidden email]>
> Sent: Tuesday, March 31, 2020 04:56

> Our problem is, that the OpenSSL V1.1.1d needs includes, that are nonexistent for MIPS in our
> development system.

You mean "that don't exist for the OS we're running on MIPS". Headers belong to the toolchain and OS, not to the processor family. If you were targeting Linux on MIPS rather than some other OS (which you haven't named, so if there's anyone on the list who has also used it, you haven't given them enough information to help), you would have all of those headers.

In short, your problem *has nothing to do with MIPS*. It has to do with your target OS.

> These headers were not needed for 1.0.2.

Ah, but they were, as Pauli pointed out in another email. On POSIX and POSIX-like platforms, OpenSSL has always used the sockets API, and those are headers typically required for sockets on POSIX. There was some other difference about how you were building 1.0.2.

> My question is not a 100% OpenSSL question. But I think, as OpenSSL is widely used on
> non-Linux/Windows/… systems, the question is legitime to ask, what to use on special
> systems?

The headers used to build OpenSSL on a given platform are whatever the Configure process enables. If your target OS has a Configure target, then that's what you have to configure OpenSSL's build process for, *before* trying to build it. If your target OS does not have a target in the stock OpenSSL Configure script, then you're targeting an unsupported platform, and it's up to you to port OpenSSL to it; that includes figuring out what headers are needed.

> Or why are these headers needed now?

You haven't configured the OpenSSL build for the correct target.

> The programmer, who changed the code, probably had an idea about that.

Which programmer who changed which code?