Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
This is good to see already :)
I expect it builds fine on GNU/Linux, with GCC and Clang, unless
hardening options are used, then these warnings would be treated as errors:
> In file included from md5/md5_locl.h:98:0,
> from md5/md5_dgst.c:60:
> md5/md5_dgst.c: In function 'md5_block_data_order':
> ./md32_common.h:237:66: warning: right-hand operand of comma expression has no effect [-Wunused-value]
> # define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, l)
> ^
> md5/md5_dgst.c:107:2: note: in expansion of macro 'HOST_c2l'
> HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l;
> ^
> ./md32_common.h:213:41: warning: right-hand operand of comma expression has no effect [-Wunused-value]
> l|=(((unsigned long)(*((c)++))) ), \
> ^
> sha/sha256.c:245:3: note: in expansion of macro 'HOST_c2l'
> HOST_c2l(data,l); T1 = X[0] = l; ROUND_00_15(0,a,b,c,d,e,f,g,h);
> ^
We'd want to configure with --disable-silent-rules, if debhelper scripts
don't already do that.
Compiling on GNU/kFreeBSD is possible (and potentially GNU/Hurd) but
requires the attached patch *and* a solution for getentropy:
1. try to use getentropy_linux.c - but would have to disable use of
Linux-specific sysctls and headers; it is dangerous to rely on only
/dev/random, so we should implement replacement sysctls to use on
FreeBSD - that could be a bit messy
2. create a new getentropy_freebsd.c - but seems silly as FreeBSD itself
does not need it (see solution 3); also does not help GNU/Hurd
3. (my preference) link with libbsd, which already provides a
arc4random_buf and so getentropy is not needed at all - WARNING: the
libbsd arc4random implementation still uses RC4 at the moment (as on
FreeBSD), but OpenBSD has already changed it to use ChaCha20 (see Bug
#747671); we'd also want to make sure libbsd's entropy gathering is at
least as robust as in getentropy_linux.c
Regards,
--
Steven Chamberlain
steven@pyro.eu.org
--- configure.orig 2014-07-11 18:42:02.000000000 +0100
+++ configure 2014-07-12 01:26:15.064409115 +0100
@@ -2915,7 +2915,7 @@
TARGET_OS=darwin;
LDFLAGS="$LDFLAGS -Qunused-arguments"
;;
- *linux*)
+ *linux* | *gnu*)
TARGET_OS=linux;
CFLAGS="$CFLAGS -D_BSD_SOURCE -D_POSIX_SOURCE -D_GNU_SOURCE"
;;
Reply to: