OpenSIPS: How to force to compile with OpenSSL from base instead of LibreSSL?

OlivierW

Member

Reaction score: 8
Messages: 49

Hello,

I'm building all my packages with poudriere and they are linked with LibreSSL (using "DEFAULT_VERSIONS+=ssl=libressl-devel" in my make.conf)

I'd like to use net/opensips but it doesn't works with LibreSSL, I'm getting this error messages:
Code:
ERROR:tls_mgm:mod_init: unable to set the memory allocation functions
ERROR:tls_mgm:mod_init: NOTE: check if you have openssl 1.0.1e-fips, as this version is know to be broken; if so, you need to upgrade or downgrade to a differen openssl version !!
, from: https://github.com/OpenSIPS/opensips/blob/2.2.3/modules/tls_mgm/tls_mgm.c#L1275

So, I'd like to continue to build all my packages with libressl-devel and only OpenSIPS with OpenSSL from base.
I've tried random things I found browsing the doc, forum and blog posts, without success:
Code:
.if ${.CURDIR:M*/net/opensips}
DEFAULT_VERSIONS=ssl=base
USE_OPENSSL=yes
CONFIGURE_ENV+=libssl_CFLAGS="-I${OPENSSLINC}" libssl_LIBS="-L${OPENSSLLIB} -lssl"
CONFIGURE_ARGS+=--with-openssl=${OPENSSLBASE}
CONFIGURE_ARGS+=--with-openssl-dir=/usr
CONFIGURE_ENV+=OPENSSL_INCLUDE="/usr/include"
.endif

OpenSIPS' TLS module keeps getting linked to libressl:
Code:
# ldd /usr/local/lib/opensips/modules/tls_mgm.so
/usr/local/lib/opensips/modules/tls_mgm.so:
        libssl.so.44 => /usr/[B]local/[/B]lib/libssl.so.44 (0x801221000)
        libc.so.7 => /lib/libc.so.7 (0x800824000)
        libcrypto.so.42 => /usr/[B]local/[/B]lib/libcrypto.so.42 (0x801476000)

Anyone know the proper way to compile one port with OpenSSL from base, without creating a new poudriere jail just for this case?
 
Last edited by a moderator:
OP
O

OlivierW

Member

Reaction score: 8
Messages: 49

So, I've successfully compiled OpenSIPS with OpenSSL from base by patching modules/tls_mgm/Makefile and modules/proto_tls/Makefile, replacing "$(LOCALBASE)" by "/usr". I attached both patches.

It works for now, but I guess it's not the proper way to do it. Is there something which can be overridden with my poudriere's make.conf?
 

Attachments

  • patch-modules__tls_mgm__Makefile.txt
    755 bytes · Views: 503
  • patch-modules__proto_tls__Makefile.txt
    757 bytes · Views: 454
Top