Win32 Building requires write access???

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Win32 Building requires write access???

Yop83
Hi!

I've been working on an application using OpenSSL. For a couple of weeks, I
used the prebuilt Win32 version of the library. But recently I made the switch
to the full blown source distribution.

The build process by itself works perfectly, but, at work, we're using Perforce
as our version manager and it causes a small conflict...

As you may know, in Perforce, as long as you don't check out a file, it is
read-only. In my head, this would be fine, except that the OpenSSL build
process necessitates write access to a couple of core files!

I get a couple of errors, such as "access denied" or "unable to rename
makefile" while building. Of course, it doesn't complete.

The "unable to rename makefile" error comes when I'm doing the "Configure
VC-WIN32" step. The "access denied" error comes when executing the
"ms/do_nasm.bat" file on those lines of output:
  perl util\mk1mf.pl nasm VC-WIN32  1>ms\nt.mak
  Access is denied.
  perl util\mk1mf.pl dll nasm VC-WIN32  1>ms\ntdll.mak
  Access is denied.
  perl util\mk1mf.pl nasm BC-NT  1>ms\bcb.mak
  Access is denied.
  perl util\mkdef.pl 32 libeay  1>ms\libeay32.def
  Access is denied.
  perl util\mkdef.pl 32 ssleay  1>ms\ssleay32.def
  Access is denied.

You might tell me to check out the complete folder and build there, but it's
not really a solution!

I don't know if you guys know of a way to build the library without it needing
write access to any of the core files?

(By the way, when I mean core files, I mean files that came with the
distribution. Maybe some of them are dynamically generated and thus
non-necessary to include in our perforce tree?)

Thanks in advance!
--Yop83



       

       
               
__________________________________________________________
Lèche-vitrine ou lèche-écran ?
magasinage.yahoo.ca
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Win32 Building requires write access???

Kyle Hamilton
Because the software has to build on so many platforms, config,
Configure, do_nasm, do_masm, and so on have to copy files into the
build directory as appropriate, and modify the makefile as
appropriate.

As long as only one setup is being used for all of the builds, it
should only have to be done once, and the results checked in.  This
will allow a "preconfigured" win32 environment to be checked out, with
all that's required being a "make".

However: The .def files MUST be created, so the entire nt/ folder must
be checked out at least once, then the configuration step, then the
entire checkin.  It only needs to modify those files during
configuration of the source tree, not at any other time.

-Kyle H

On 2/8/06, Yop83 <[hidden email]> wrote:

> Hi!
>
> I've been working on an application using OpenSSL. For a couple of weeks, I
> used the prebuilt Win32 version of the library. But recently I made the switch
> to the full blown source distribution.
>
> The build process by itself works perfectly, but, at work, we're using Perforce
> as our version manager and it causes a small conflict...
>
> As you may know, in Perforce, as long as you don't check out a file, it is
> read-only. In my head, this would be fine, except that the OpenSSL build
> process necessitates write access to a couple of core files!
>
> I get a couple of errors, such as "access denied" or "unable to rename
> makefile" while building. Of course, it doesn't complete.
>
> The "unable to rename makefile" error comes when I'm doing the "Configure
> VC-WIN32" step. The "access denied" error comes when executing the
> "ms/do_nasm.bat" file on those lines of output:
>   perl util\mk1mf.pl nasm VC-WIN32  1>ms\nt.mak
>   Access is denied.
>   perl util\mk1mf.pl dll nasm VC-WIN32  1>ms\ntdll.mak
>   Access is denied.
>   perl util\mk1mf.pl nasm BC-NT  1>ms\bcb.mak
>   Access is denied.
>   perl util\mkdef.pl 32 libeay  1>ms\libeay32.def
>   Access is denied.
>   perl util\mkdef.pl 32 ssleay  1>ms\ssleay32.def
>   Access is denied.
>
> You might tell me to check out the complete folder and build there, but it's
> not really a solution!
>
> I don't know if you guys know of a way to build the library without it needing
> write access to any of the core files?
>
> (By the way, when I mean core files, I mean files that came with the
> distribution. Maybe some of them are dynamically generated and thus
> non-necessary to include in our perforce tree?)
>
> Thanks in advance!
> --Yop83
>
>
>
>
>
>
>
> __________________________________________________________
> Lèche-vitrine ou lèche-écran ?
> magasinage.yahoo.ca
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    [hidden email]
> Automated List Manager                           [hidden email]
>
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Win32 Building requires write access???

Richard Salz
> Because the software has to build on so many platforms, config,
> Configure, do_nasm, do_masm, and so on have to copy files into the
> build directory as appropriate, and modify the makefile as
> appropriate.

No, that's just the way it's done.  There is actually no requirement that
a build/port system modify files in-place. Most autoconf uses, for
example, don't.  And nothing prevents you from checking in generated
files.

It's just the way openssl works right now.

        /r$

--
SOA Appliance Group
IBM Application Integration Middleware


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

PHP Parsing FakeBasic..?

Thomas George
In reply to this post by Yop83
Hello,

Is anyone aware of a method for using PKI certificates for authentication
with PHP..?

All suggestions are appreciated...!

Thomas


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: PHP Parsing FakeBasic..?

Peter K. Hadley
Yes.

Actually, I think Apache has FakeBasic Auth  built in.  I don't like it
because it seems easy to spoof.  In my work, I ask the client for the
certificate with the line in the configuration file
SSLVerifyClient optional_no_ca
which gives me the certificate in $_SERVER["SSL_CLIENT_CERT"] and its
serial number in $_SERVER["SSL_CLIENT_M_SERIAL"].  I then look it up in
our Postgres database and compare the full text of the certificate
offered by the client to that in the database.  If they're identical, I
grant appropriate permissions.

If this is what you want, I can supply a snippet of code but don't want
to take up my or others' time otherwise.

I know that respected authorities say that optional_no_ca has no use but
I wanted to keep control if there is no certificate and if there is an
unrecognized certificate and couldn't think of anything that did it so
beautifully.

Thomas George wrote:

>Hello,
>
>Is anyone aware of a method for using PKI certificates for authentication
>with PHP..?
>
>All suggestions are appreciated...!
>
>Thomas
>
>
>______________________________________________________________________
>OpenSSL Project                                 http://www.openssl.org
>User Support Mailing List                    [hidden email]
>Automated List Manager                           [hidden email]
>
>  
>


--
Peter K. Hadley
Director of Technology
The Village Group
738 Main Street
Waltham, Massachusetts  02451

617-413-0706
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]