Mailing Lists

curl-tracker Archives

[curl:bugs] #1439 cannot compile curl with OpenSSL lacking DES support

From: Steve Holme <captain-caveman_at_users.sf.net>
Date: Wed, 31 Dec 2014 15:39:26 +0000

To assist with this I had a go at reproducing the problem under Windows so I compiled my OpenSSL with no-des and also had the same issue.

The problem with trying to fix this in curl_setup.h is that USE_NTLM gets defined at line 628 depending on which cryptography / SSL engine has been defined in the makefile or project files and at this point we don't include the OpenSSL include files which is what is needed for opensslconf.h to be included (where OPENSSL_NO_DES is defined).

We could fix this for configure based builds if a) we support a --disable-ntlm / --without-ntlm option, b) detected OPENSSL_NO_DES from opensslconf.h or c) detected the DES_* functions. For any of these we could define CURL_DISABLE_NTLM. However, the problem would still exist under Windows and other platforms that don't use configure :(

I couldn't think of a quick fix that would support different platforms which didn't involve including OpenSSL header files from curl_setup.h :(

---
** [bugs:#1439] cannot compile curl with OpenSSL lacking DES support**
**Status:** open
**Labels:** openssl des ntlm 
**Created:** Fri Oct 24, 2014 07:29 PM UTC by Mark Kubacki
**Last Updated:** Sat Oct 25, 2014 07:49 PM UTC
**Owner:** Daniel Stenberg
I stumbled upon this while compiling CURL with a stripped-down OpenSSL:

Curl lacks in "curl_ntlm_core.c" (and perhaps other places) detection if OpenSSL has been compiled without DES (and perhaps DSA, or RSA). Such compilations take place on memory-constrained systems, or if the release manager has decided not to include those old ciphers (you don't need DSA in OpenSSL for ECDSA).

For example:
# openssl:
./Configure linux-x86_64 no-des
…

# curl:
./configure --enable-http --with-ssl --without-ntlm --disable-ntlm # I tried!
make
    …
libtool: compile:  x86_64-pc-linux-gnu-gcc -DHAVE_CONFIG_H -I../include/curl -I../include -I../include -I../lib -I../lib -DBUILDING_LIBCURL -DCURL_HIDDEN_SYMBOLS -fvisibility=hidden -O2 -Wno-system-headers -pthread -c curl_ntlm_core.c  -fPIC -DPIC -o .libs/libcurl_la-curl_ntlm_core.o
curl_ntlm_core.c:37:29: fatal error: openssl/des.h: No such file or directory
 #    include <openssl/des.h>
                             ^
compilation terminated.
---
Sent from sourceforge.net because curl-tracker@cool.haxx.se is subscribed to https://sourceforge.net/p/curl/bugs/
To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/curl/admin/bugs/options.  Or, if this is a mailing list, you can unsubscribe from the mailing list.

Received on 2014-12-31

This message: [ Message body ]
Previous message: Carlos Manuel: "[curl:bugs] #1466 Missing cookies"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

These mail archives are generated by hypermail.