AIX Open Source

 View Only
Expand all | Collapse all

toolbox perl: Crypt::SSLeay build fails

  • 1.  toolbox perl: Crypt::SSLeay build fails

    Posted Mon April 29, 2024 04:28 AM
    Edited by C- -T Mon April 29, 2024 04:47 AM

    Hi,

    build of Crypt-SSLeay with recent freeware perl and  aix openssl 3.0.7 fails because of depracted functions errors. this messed up our lpar2rrd instance in

    a serious way. please elaborate how to get this going, or even better include  SSLeay  as a module in your perl dist, as the aix perl has it anyway, should not be that difficult.

    EDIT: checked back, and the SSL modules are also missing in the aix perl dist...quite distressing as this is a common dependency

    Building Crypt-SSLeay-0.72
cp lib/Crypt/SSLeay/MainContext.pm blib/lib/Crypt/SSLeay/MainContext.pm
cp SSLeay.pm blib/lib/Crypt/SSLeay.pm
cp lib/Crypt/SSLeay/Conn.pm blib/lib/Crypt/SSLeay/Conn.pm
cp lib/Crypt/SSLeay/Version.pm blib/lib/Crypt/SSLeay/Version.pm
cp lib/Crypt/SSLeay/X509.pm blib/lib/Crypt/SSLeay/X509.pm
cp lib/Net/SSL.pm blib/lib/Net/SSL.pm
cp lib/Crypt/SSLeay/CTX.pm blib/lib/Crypt/SSLeay/CTX.pm
cp lib/Crypt/SSLeay/Err.pm blib/lib/Crypt/SSLeay/Err.pm
Running Mkbootstrap for SSLeay ()
chmod 644 "SSLeay.bs"
"/opt/freeware/bin/perl" -MExtUtils::Command::MM -e 'cp_nonempty' -- SSLeay.bs blib/arch/auto/Crypt/SSLeay/SSLeay.bs 644
"/opt/freeware/bin/perl" "/opt/freeware/share/perl5/5.38/ExtUtils/xsubpp"  -typemap '/opt/freeware/share/perl5/5.38/ExtUtils/typemap' -typemap '/root/.cpanm/work/1714378788.13894120/Crypt-SSLeay-0.72/typemap'  SSLeay.xs > SSLeay.xsc
mv SSLeay.xsc SSLeay.c
gcc -maix64 -c   -D_THREAD_SAFE -O2 -maix64 -L/opt/freeware/lib64 -L/opt/freeware/lib -D_ALL_SOURCE -D_ANSI_C_SOURCE -D_POSIX_SOURCE -DUSE_NATIVE_DLOPEN -DNEED_PTHREAD_INIT -I/opt/freeware/include -DNEED_PTHREAD_INIT -fwrapv -fno-strict-aliasing -pipe -maix64 -DUSE_64_BIT_ALL -D_FORTIFY_SOURCE=2 -O   -DVERSION=\"0.72\" -DXS_VERSION=\"0.72\"  "-I/opt/freeware/lib64/perl5/5.38/CORE"   SSLeay.c
SSLeay.xs: In function 'XS_Crypt__SSLeay__CTX_new':
SSLeay.xs:126:13: warning: implicit declaration of function 'OpenSSL_add_all_algorithms' [-Wimplicit-function-declaration]
  126 |             OpenSSL_add_all_algorithms();
      |             ^~~~~~~~~~~~~~~~~~~~~~~~~~
SSLeay.xs:127:13: warning: implicit declaration of function 'SSL_load_error_strings'; did you mean 'ERR_lib_error_string'? [-Wimplicit-function-declaration]
  127 |             SSL_load_error_strings();
      |             ^~~~~~~~~~~~~~~~~~~~~~
      |             ERR_lib_error_string
SSLeay.xs:128:13: warning: implicit declaration of function 'ERR_load_crypto_strings'; did you mean 'ERR_load_strings'? [-Wimplicit-function-declaration]
  128 |             ERR_load_crypto_strings();
      |             ^~~~~~~~~~~~~~~~~~~~~~~
      |             ERR_load_strings
SSLeay.xs:129:13: warning: implicit declaration of function 'SSL_library_init'; did you mean 'SSL_in_init'? [-Wimplicit-function-declaration]
  129 |             SSL_library_init();
      |             ^~~~~~~~~~~~~~~~
      |             SSL_in_init
SSLeay.xs:152:31: warning: implicit declaration of function 'SSLv3_client_method'; did you mean 'SSLv23_client_method'? [-Wimplicit-function-declaration]
  152 |             ctx = SSL_CTX_new(SSLv3_client_method());
      |                               ^~~~~~~~~~~~~~~~~~~
      |                               SSLv23_client_method
SSLeay.xs:152:31: warning: passing argument 1 of 'SSL_CTX_new' makes pointer from integer without a cast [-Wint-conversion]
  152 |             ctx = SSL_CTX_new(SSLv3_client_method());
      |                               ^~~~~~~~~~~~~~~~~~~~~
      |                               |
      |                               int
In file included from SSLeay.xs:35:
/usr/include/openssl/ssl.h:1619:47: note: expected 'const SSL_METHOD *' {aka 'const struct ssl_method_st *'} but argument is of type 'int'
 1619 | __owur SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
      |                             ~~~~~~~~~~~~~~~~~~^~~~
SSLeay.xs:157:31: warning: implicit declaration of function 'SSLv2_client_method'; did you mean 'SSLv23_client_method'? [-Wimplicit-function-declaration]
  157 |             ctx = SSL_CTX_new(SSLv2_client_method());
      |                               ^~~~~~~~~~~~~~~~~~~
      |                               SSLv23_client_method
SSLeay.xs:157:31: warning: passing argument 1 of 'SSL_CTX_new' makes pointer from integer without a cast [-Wint-conversion]
  157 |             ctx = SSL_CTX_new(SSLv2_client_method());
      |                               ^~~~~~~~~~~~~~~~~~~~~
      |                               |
      |                               int
In file included from SSLeay.xs:35:
/usr/include/openssl/ssl.h:1619:47: note: expected 'const SSL_METHOD *' {aka 'const struct ssl_method_st *'} but argument is of type 'int'
 1619 | __owur SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
      |                             ~~~~~~~~~~~~~~~~~~^~~~
SSLeay.c: In function 'XS_Crypt__SSLeay__Conn_get_peer_certificate':
SSLeay.c:966:11: warning: implicit declaration of function 'SSL_get_peer_certificate'; did you mean 'SSL_get1_peer_certificate'? [-Wimplicit-function-declaration]
  966 |  RETVAL = SSL_get_peer_certificate(ssl);
      |           ^~~~~~~~~~~~~~~~~~~~~~~~
      |           SSL_get1_peer_certificate
SSLeay.c:966:9: warning: assignment to 'X509 *' {aka 'struct x509_st *'} from 'int' makes pointer from integer without a cast [-Wint-conversion]
  966 |  RETVAL = SSL_get_peer_certificate(ssl);
      |         ^
SSLeay.xs: In function 'XS_Crypt__SSLeay__X509_get_notBeforeString':
SSLeay.xs:516:30: warning: implicit declaration of function 'X509_get_notBefore'; did you mean 'X509_getm_notBefore'? [-Wimplicit-function-declaration]
  516 |             RETVAL = (char *)X509_get_notBefore(cert)->data;
      |                              ^~~~~~~~~~~~~~~~~~
      |                              X509_getm_notBefore
SSLeay.xs:516:54: error: invalid type argument of '->' (have 'int')
  516 |             RETVAL = (char *)X509_get_notBefore(cert)->data;
      |                                                      ^~
SSLeay.xs: In function 'XS_Crypt__SSLeay__X509_get_notAfterString':
SSLeay.xs:524:30: warning: implicit declaration of function 'X509_get_notAfter'; did you mean 'X509_getm_notAfter'? [-Wimplicit-function-declaration]
  524 |             RETVAL = (char *)X509_get_notAfter(cert)->data;
      |                              ^~~~~~~~~~~~~~~~~
      |                              X509_getm_notAfter
SSLeay.xs:524:53: error: invalid type argument of '->' (have 'int')
  524 |             RETVAL = (char *)X509_get_notAfter(cert)->data;
      |                                                     ^~
SSLeay.xs: In function 'XS_Crypt__SSLeay__Version_openssl_version':
SSLeay.xs:533:18: warning: implicit declaration of function 'SSLeay_version'; did you mean 'SSL_version'? [-Wimplicit-function-declaration]
  533 |         RETVAL = SSLeay_version(SSLEAY_VERSION);
      |                  ^~~~~~~~~~~~~~
      |                  SSL_version
SSLeay.xs:533:33: error: 'SSLEAY_VERSION' undeclared (first use in this function); did you mean 'SSL2_VERSION'?
  533 |         RETVAL = SSLeay_version(SSLEAY_VERSION);
      |                                 ^~~~~~~~~~~~~~
      |                                 SSL2_VERSION
SSLeay.xs:533:33: note: each undeclared identifier is reported only once for each function it appears in
SSLeay.xs: In function 'XS_Crypt__SSLeay__Version_openssl_cflags':
SSLeay.xs:547:33: error: 'SSLEAY_CFLAGS' undeclared (first use in this function)
  547 |         RETVAL = SSLeay_version(SSLEAY_CFLAGS);
      |                                 ^~~~~~~~~~~~~
SSLeay.xs: In function 'XS_Crypt__SSLeay__Version_openssl_platform':
SSLeay.xs:554:33: error: 'SSLEAY_PLATFORM' undeclared (first use in this function)
  554 |         RETVAL = SSLeay_version(SSLEAY_PLATFORM);
      |                                 ^~~~~~~~~~~~~~~
SSLeay.xs: In function 'XS_Crypt__SSLeay__Version_openssl_built_on':
SSLeay.xs:561:33: error: 'SSLEAY_BUILT_ON' undeclared (first use in this function)
  561 |         RETVAL = SSLeay_version(SSLEAY_BUILT_ON);
      |                                 ^~~~~~~~~~~~~~~
SSLeay.xs: In function 'XS_Crypt__SSLeay__Version_openssl_dir':
SSLeay.xs:568:33: error: 'SSLEAY_DIR' undeclared (first use in this function)
  568 |         RETVAL = SSLeay_version(SSLEAY_DIR);
      |                                 ^~~~~~~~~~
make: *** [Makefile:354: SSLeay.o] Error 1
-> FAIL Installing Net::SSL failed. See /root/.cpanm/work/1714378788.13894120/build.log for details. Retry with --force to force install it.



    ------------------------------
    I regret starting this entire conversation
    ------------------------------



  • 2.  RE: toolbox perl: Crypt::SSLeay build fails

    Posted Mon April 29, 2024 05:07 AM

    Can you share the below details ? 
    oslevel -s
    lslpp -l openssl.base
    lslpp -l perl.rte



    ------------------------------
    Ayappan P
    ------------------------------

    Original Message


  • 3.  RE: toolbox perl: Crypt::SSLeay build fails

    Posted Mon April 29, 2024 05:13 AM 
    root@nimvie: /root # oslevel -s
7300-02-01-2346
root@nimvie: /root # lslpp -l openssl.base
  Fileset                      Level  State      Description
  ----------------------------------------------------------------------------
Path: /usr/lib/objrepos
  openssl.base           3.0.10.1001  COMMITTED  Open Secure Socket Layer

Path: /etc/objrepos
  openssl.base           3.0.10.1001  COMMITTED  Open Secure Socket Layer
root@nimvie: /root # lslpp -l perl.rte
  Fileset                      Level  State      Description
  ----------------------------------------------------------------------------
Path: /usr/lib/objrepos
  perl.rte                  5.34.1.4  COMMITTED  Perl Version 5 Runtime
                                                 Environment

Path: /etc/objrepos
  perl.rte                  5.34.1.4  COMMITTED  Perl Version 5 Runtime
                                                 Environment

     please note, i need the module for the toolbox perl dist.



    ------------------------------
    I regret starting this entire conversation
    ------------------------------

    Original Message


  • 4.  RE: toolbox perl: Crypt::SSLeay build fails

    Posted Mon April 29, 2024 05:42 AM

    Crypt-SSLeay is kind of deprecated. The last version 0.72 is released on April 2014. I don't think it can be build against openssl 3. 
    I see cpan redirects the installation to Net-SSLeay, which is the replacement I guess. 



    ------------------------------
    Ayappan P
    ------------------------------

    Original Message


  • 5.  RE: toolbox perl: Crypt::SSLeay build fails

    Posted Mon April 29, 2024 07:10 AM

    looks like LWP-Protocol-https depends on Crypt::SSLeay....? so ne more https urls in perl?



    ------------------------------
    I regret starting this entire conversation
    ------------------------------

    Original Message


  • 6.  RE: toolbox perl: Crypt::SSLeay build fails

    Posted Mon April 29, 2024 07:18 AM

    hmm...the Makefile.PL  of LWP-Protocol-https clearly lists IO::Socket::SSL as dependency and this one has Net::SSLeay as dependency, so

    no idea where this Crypt::SSLeay dependency is coming from.



    ------------------------------
    I regret starting this entire conversation
    ------------------------------

    Original Message


  • 7.  RE: toolbox perl: Crypt::SSLeay build fails

    Posted Mon April 29, 2024 07:26 AM

    reinstalled Net::SSLeay and IO::Socket::SSL but now i get some run time linking errors...

    root@aixtest01: /root/.cpanm/latest-build/IO-Socket-SSL-2.085 # /opt/freeware/bin/perl -e 'use LWP::Protocol::https'
Can't load '/opt/freeware/lib64/perl5/5.38/site_perl//auto/Net/SSLeay/SSLeay.so' for module Net::SSLeay: rtld: 0712-001 Symbol TLSv1_2_client_method was referenced
      from module /opt/freeware/lib64/perl5/5.38/site_perl//auto/Net/SSLeay/SSLeay.so(), but a runtime definition
            of the symbol was not found.
rtld: 0712-001 Symbol TLSv1_2_server_method was referenced
      from module /opt/freeware/lib64/perl5/5.38/site_perl//auto/Net/SSLeay/SSLeay.so(), but a runtime definition
            of the symbol was not found.
rtld: 0712-001 Symbol TLSv1_2_method was referenced
      from module /opt/freeware/lib64/perl5/5.38/site_perl//auto/Net/SSLeay/SSLeay.so(), but a runtime definition
            of the symbol was not found.
rtld: 0712-001 Symbol TLSv1_1_client_method was referenced
      from module /opt/freeware/lib64/perl5/5.38/site_perl//auto/Net/SSLeay/SSLeay.so(), but a runtime definition
            of the symbol was not found.
rtld: 0712-001 Symbol TLSv1_1_server_method was referenced
      from module /opt/freeware/lib64/perl5/5.38/site_perl//auto/Net/SSLeay/SSLeay.so(), but a runtime definition
            of the symbol was not found.
rtld: 0712-001 Symbol TLSv1_1_method was referenced
      from module /opt/freeware/lib64/perl5/5.38/site_perl//auto/Net/SSLeay/SSLeay.so(), but a runtime definition
            of the symbol was not found.
rtld: 0712-001 Symbol TLSv1_client_method was referenced
      from module /opt/freeware/lib64/perl5/5.38/site_perl//auto/Net/SSLeay/SSLeay.so(), but a runtime definition
            of the symbol was not found.
Additional errors occurred but are not reported. at /opt/freeware/lib64/perl5/5.38/DynaLoader.pm line 206.
 at /opt/freeware/share/perl5/site_perl/IO/Socket/SSL.pm line 19.
Compilation failed in require at /opt/freeware/share/perl5/site_perl/IO/Socket/SSL.pm line 19.
BEGIN failed--compilation aborted at /opt/freeware/share/perl5/site_perl/IO/Socket/SSL.pm line 19.
Compilation failed in require at /opt/freeware/share/perl5/site_perl/Net/HTTPS.pm line 25.
Can't locate Net/SSL.pm in @INC (you may need to install the Net::SSL module) (@INC entries checked: /opt/freeware/lib64/perl5/5.38/site_perl/ /opt/freeware/share/perl5/site_perl/ /opt/freeware/lib64/perl5/5.38/vendor_perl/ /opt/freeware/share/perl5/vendor_perl/ /opt/freeware/lib64/perl5/5.38/ /opt/freeware/share/perl5/5.38/) at /opt/freeware/share/perl5/site_perl/Net/HTTPS.pm line 29.
Compilation failed in require at /opt/freeware/share/perl5/site_perl/LWP/Protocol/https.pm line 9.
Compilation failed in require at -e line 1.
BEGIN failed--compilation aborted at -e line 1.



    ------------------------------
    I regret starting this entire conversation
    ------------------------------

    Original Message


  • 8.  RE: toolbox perl: Crypt::SSLeay build fails

    Posted Mon April 29, 2024 08:59 AM

    All these symbols should be resolved through libssl.so.3 library. 

    # dump -X64 -Tov /opt/freeware/lib64/perl5/5.38/site_perl//auto/Net/SSLeay/SSLeay.so | grep TLS
    [505]   0x00000000    undef      IMP     DS EXTref libssl.a(libssl.so.3) TLSv1_2_client_method
    [506]   0x00000000    undef      IMP     DS EXTref libssl.a(libssl.so.3) TLSv1_2_server_method
    [507]   0x00000000    undef      IMP     DS EXTref libssl.a(libssl.so.3) TLSv1_2_method
    [508]   0x00000000    undef      IMP     DS EXTref libssl.a(libssl.so.3) TLSv1_1_client_method
    [509]   0x00000000    undef      IMP     DS EXTref libssl.a(libssl.so.3) TLSv1_1_server_method
    [510]   0x00000000    undef      IMP     DS EXTref libssl.a(libssl.so.3) TLSv1_1_method
    [511]   0x00000000    undef      IMP     DS EXTref libssl.a(libssl.so.3) TLSv1_client_method
    [512]   0x00000000    undef      IMP     DS EXTref libssl.a(libssl.so.3) TLSv1_server_method
    [513]   0x00000000    undef      IMP     DS EXTref libssl.a(libssl.so.3) TLSv1_method
    [514]   0x00000000    undef      IMP     DS EXTref libssl.a(libssl.so.3) TLS_client_method
    [515]   0x00000000    undef      IMP     DS EXTref libssl.a(libssl.so.3) TLS_server_method
    [516]   0x00000000    undef      IMP     DS EXTref libssl.a(libssl.so.3) TLS_method

    # ar -X64 -tv /usr/lib/libssl.a
    rwxr-xr-x     0/0     825310 Jan 18 01:17 2024 libssl.so
    rwxr-xr-x     0/0     825310 Jan 18 01:17 2024 libssl.so.1.0.0
    rwxr-xr-x     0/0     825310 Jan 18 01:17 2024 libssl.so.1.0.2
    rwxr-xr-x     0/0     1141680 Jan 18 03:20 2024 libssl.so.1.1
    rwxr-xr-x     0/0     1367696 Jan 18 01:21 2024 libssl.so.3
    rwxr-xr-x     0/0     825310 Jan 18 01:17 2024 libssl64.so
    rwxr-xr-x     0/0     825310 Jan 18 01:17 2024 libssl64.so.1.0.0



    ------------------------------
    Ayappan P
    ------------------------------

    Original Message


  • 9.  RE: toolbox perl: Crypt::SSLeay build fails

    Posted Mon April 29, 2024 09:16 AM

    should...yes..but in reality not unfortunatly...

    root@aixtest01: /tmp # ar -X64 -xv libssl.a
x - libssl.so
x - libssl.so.1.0.0
x - libssl.so.1.0.2
x - libssl.so.1.1
x - libssl.so.3
x - libssl64.so
x - libssl64.so.1.0.0
root@aixtest01: /tmp # dump -X64 -Tov libssl.so.3 | grep TLS
[482]   0x11000fc08    .data      EXP     DS SECdef        [noIMid] DTLS_get_data_mtu
[483]   0x11000fc20    .data      EXP     DS SECdef        [noIMid] DTLSv1_listen
[484]   0x11000fc38    .data      EXP     DS SECdef        [noIMid] DTLS_set_timer_cb
[494]   0x11000fd28    .data      EXP     DS SECdef        [noIMid] TLS_method
[495]   0x11000fd40    .data      EXP     DS SECdef        [noIMid] TLS_server_method
[496]   0x11000fd58    .data      EXP     DS SECdef        [noIMid] TLS_client_method
[497]   0x11000fd70    .data      EXP     DS SECdef        [noIMid] DTLS_method
[498]   0x11000fd88    .data      EXP     DS SECdef        [noIMid] DTLS_server_method
[499]   0x11000fda0    .data      EXP     DS SECdef        [noIMid] DTLS_client_method

    on this lpar is a slightly older openssl version...

    root@aixtest01: /tmp # lslpp -l openssl*
  Fileset                      Level  State      Description
  ----------------------------------------------------------------------------
Path: /usr/lib/objrepos
  openssl.base            3.0.7.1000  COMMITTED  Open Secure Socket Layer
  openssl.license         3.0.7.1000  COMMITTED  Open Secure Socket License
  openssl.man.en_US       3.0.7.1000  COMMITTED  Open Secure Socket Layer

Path: /etc/objrepos
  openssl.base            3.0.7.1000  COMMITTED  Open Secure Socket Layer

    tested on a never openssl...

    root@nimvie: /lpar2rrd/lpar2rrd/logs #  lslpp -l openssl*
  Fileset                      Level  State      Description
  ----------------------------------------------------------------------------
Path: /usr/lib/objrepos
  openssl.base           3.0.10.1001  COMMITTED  Open Secure Socket Layer
  openssl.license        3.0.10.1001  COMMITTED  Open Secure Socket License
  openssl.man.en_US      3.0.10.1001  COMMITTED  Open Secure Socket Layer

Path: /etc/objrepos
  openssl.base           3.0.10.1001  COMMITTED  Open Secure Socket Layer

    the missing symbols are there...now im curious...why are deprectated functions/symbols NOT available in an older openssl version but available again in an NEWER openssl version. this feels somewhat weird.



    ------------------------------
    I regret starting this entire conversation
    ------------------------------

    Original Message


  • 10.  RE: toolbox perl: Crypt::SSLeay build fails

    Posted Mon April 29, 2024 09:33 AM

    These are not deprecated functions/symbols. They are needed. Probably this could be a bug with 3.0.7.1000 version. Try 3.0.7.1001 and check. 



    ------------------------------
    Ayappan P
    ------------------------------

    Original Message


  • 11.  RE: toolbox perl: Crypt::SSLeay build fails

    Posted Wed May 22, 2024 12:40 PM

    Hi,

    BTW LPAR2RRD does not require SSLeay anymore if you are installing all prerequisites from AIX Toolbox for Open Source Software.

    refer here: https://lpar2rrd.com/AIX-yum-install.php



    ------------------------------
    Pavel Hampl
    ------------------------------

    Original Message