Re: OpenSSL upgraded to 3.0.13

2024-04-07 Thread Damjan Jovanovic
On Sun, Apr 7, 2024 at 3:52 AM Damjan Jovanovic  wrote:

>
>
> On Sat, Apr 6, 2024 at 9:30 PM Pedro Lino 
> wrote:
>
>> Hi Damjan
>>
>> > On 04/06/2024 4:08 PM WEST Damjan Jovanovic  wrote:
>>
>> > openoffice-maps.txt was for the shell script that launches AOO, and
>> > openoffice-maps2.txt was for AOO itself.
>>
>> I'm glad I sent both :)
>>
>> > In openoffice-maps2.txt I don't see libucpdav1.so (the WebDAV
>> component) in
>> > memory at all, which is highly unusual.
>> >
>> > Please find libucpdav1.so in your AOO installation, probably under
>> > /opt/openoffice4/programs, and then run these:
>> > ldd libucpdav1.so
>> > readelf -d libucpdav1.so
>> > and post the output.
>>
>> Thank you again for your patience and instructions!
>> Please find two files attached
>>
>>
> This:
> libssl.so.3 => not found
> libcrypto.so.3 => not found
> is a serious problem.
>
> Something has managed to link to OpenSSL dynamically instead of
> statically, causing a hard dependency on the underlying Linux distro to
> have OpenSSL 3.
>
> Since your older Linux doesn't have OpenSSL 3 yet, modules that need it,
> can't even load.
>
> And having installed that Linux nightly build myself, here is the culprit:
>
> ---snip---
> $ readelf -d libcurl.so.4
>
> Dynamic section at offset 0x72d40 contains 30 entries:
>   TagType Name/Value
>  0x0001 (NEEDED) Shared library: [libidn2.so.0]
>
>
> * 0x0001 (NEEDED) Shared library:
> [libssl.so.3] 0x0001 (NEEDED) Shared library:
> [libcrypto.so.3]* 0x0001 (NEEDED) Shared library:
> [libz.so.1]
>  0x0001 (NEEDED) Shared library: [libpthread.so.0]
>  0x0001 (NEEDED) Shared library: [libc.so.6]
>  0x000e (SONAME) Library soname: [libcurl.so.4]
> ---snip---
>
> Curl has started linking to OpenSSL dynamically instead of statically,
> probably a result of our recent OpenSSL upgrade, and thus became dependent
> on the Linux distribution having OpenSSL 3.
>
> Let me investigate where Curl goes wrong...
>

I'll be starting a separate thread to discuss the problem with Curl that I
found.

Regards
Damjan


Re: OpenSSL upgraded to 3.0.13

2024-04-06 Thread Damjan Jovanovic
On Sat, Apr 6, 2024 at 9:30 PM Pedro Lino 
wrote:

> Hi Damjan
>
> > On 04/06/2024 4:08 PM WEST Damjan Jovanovic  wrote:
>
> > openoffice-maps.txt was for the shell script that launches AOO, and
> > openoffice-maps2.txt was for AOO itself.
>
> I'm glad I sent both :)
>
> > In openoffice-maps2.txt I don't see libucpdav1.so (the WebDAV component)
> in
> > memory at all, which is highly unusual.
> >
> > Please find libucpdav1.so in your AOO installation, probably under
> > /opt/openoffice4/programs, and then run these:
> > ldd libucpdav1.so
> > readelf -d libucpdav1.so
> > and post the output.
>
> Thank you again for your patience and instructions!
> Please find two files attached
>
>
This:
libssl.so.3 => not found
libcrypto.so.3 => not found
is a serious problem.

Something has managed to link to OpenSSL dynamically instead of statically,
causing a hard dependency on the underlying Linux distro to have OpenSSL 3.

Since your older Linux doesn't have OpenSSL 3 yet, modules that need it,
can't even load.

And having installed that Linux nightly build myself, here is the culprit:

---snip---
$ readelf -d libcurl.so.4

Dynamic section at offset 0x72d40 contains 30 entries:
  TagType Name/Value
 0x0001 (NEEDED) Shared library: [libidn2.so.0]


* 0x0001 (NEEDED) Shared library:
[libssl.so.3] 0x0001 (NEEDED) Shared library:
[libcrypto.so.3]* 0x0001 (NEEDED) Shared library:
[libz.so.1]
 0x0001 (NEEDED) Shared library: [libpthread.so.0]
 0x0001 (NEEDED) Shared library: [libc.so.6]
 0x000e (SONAME) Library soname: [libcurl.so.4]
---snip---

Curl has started linking to OpenSSL dynamically instead of statically,
probably a result of our recent OpenSSL upgrade, and thus became dependent
on the Linux distribution having OpenSSL 3.

Let me investigate where Curl goes wrong...

Regards
Damjan


Re: OpenSSL upgraded to 3.0.13

2024-04-06 Thread Pedro Lino
Hi Damjan

> On 04/06/2024 4:08 PM WEST Damjan Jovanovic  wrote:

> openoffice-maps.txt was for the shell script that launches AOO, and
> openoffice-maps2.txt was for AOO itself.

I'm glad I sent both :)
 
> In openoffice-maps2.txt I don't see libucpdav1.so (the WebDAV component) in
> memory at all, which is highly unusual.
> 
> Please find libucpdav1.so in your AOO installation, probably under
> /opt/openoffice4/programs, and then run these:
> ldd libucpdav1.so
> readelf -d libucpdav1.so
> and post the output.

Thank you again for your patience and instructions!
Please find two files attached

Best,
Pedrolinux-vdso.so.1 (0x7ffd50aee000)
libcomphelpgcc3.so => /opt/openoffice4/program/./libcomphelpgcc3.so 
(0x7f28e59c7000)
libuno_cppuhelpergcc3.so.3 => 
/opt/openoffice4/program/./libuno_cppuhelpergcc3.so.3 (0x7f28e5724000)
libuno_cppu.so.3 => /opt/openoffice4/program/./libuno_cppu.so.3 
(0x7f28e54df000)
libuno_sal.so.3 => /opt/openoffice4/program/./libuno_sal.so.3 
(0x7f28e50e6000)
libuno_salhelpergcc3.so.3 => 
/opt/openoffice4/program/./libuno_salhelpergcc3.so.3 (0x7f28e4ee1000)
libstdc++.so.6 => /lib/x86_64-linux-gnu/libstdc++.so.6 
(0x7f28e4cee000)
libucbhelpergcc3.so => /opt/openoffice4/program/./libucbhelpergcc3.so 
(0x7f28e4a87000)
libcurl.so.4 => /opt/openoffice4/program/./libcurl.so.4 
(0x7f28e4813000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 
(0x7f28e47f)
libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x7f28e46a1000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x7f28e44af000)
libgcc_s.so.1 => /lib/x86_64-linux-gnu/libgcc_s.so.1 
(0x7f28e4494000)
libvos3gcc3.so => /opt/openoffice4/program/./libvos3gcc3.so 
(0x7f28e4271000)
libcrypt.so.1 => /lib/x86_64-linux-gnu/libcrypt.so.1 
(0x7f28e4236000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x7f28e423)
/lib64/ld-linux-x86-64.so.2 (0x7f28e6426000)
libidn2.so.0 => /lib/x86_64-linux-gnu/libidn2.so.0 (0x7f28e420f000)
libssl.so.3 => not found
libcrypto.so.3 => not found
libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x7f28e41f1000)
libunistring.so.2 => /lib/x86_64-linux-gnu/libunistring.so.2 
(0x7f28e406f000)

Dynamic section at offset 0x52f8a8 contains 37 entries:
  TagType Name/Value
 0x0001 (NEEDED) Shared library: [libcomphelpgcc3.so]
 0x0001 (NEEDED) Shared library: 
[libuno_cppuhelpergcc3.so.3]
 0x0001 (NEEDED) Shared library: [libuno_cppu.so.3]
 0x0001 (NEEDED) Shared library: [libuno_sal.so.3]
 0x0001 (NEEDED) Shared library: 
[libuno_salhelpergcc3.so.3]
 0x0001 (NEEDED) Shared library: [libstdc++.so.6]
 0x0001 (NEEDED) Shared library: [libucbhelpergcc3.so]
 0x0001 (NEEDED) Shared library: [libcurl.so.4]
 0x0001 (NEEDED) Shared library: [libpthread.so.0]
 0x0001 (NEEDED) Shared library: [libm.so.6]
 0x0001 (NEEDED) Shared library: [libc.so.6]
 0x0001 (NEEDED) Shared library: [libgcc_s.so.1]
 0x001d (RUNPATH)Library runpath: 
[$ORIGIN:$ORIGIN/../ure-link/lib]
 0x000c (INIT)   0xeda68
 0x000d (FINI)   0x3e6c10
 0x0019 (INIT_ARRAY) 0x6d1630
 0x001b (INIT_ARRAYSZ)   40 (bytes)
 0x001a (FINI_ARRAY) 0x6d1658
 0x001c (FINI_ARRAYSZ)   8 (bytes)
 0x0004 (HASH)   0x1f0
 0x6ef5 (GNU_HASH)   0xa0f8
 0x0005 (STRTAB) 0x45400
 0x0006 (SYMTAB) 0x15970
 0x000a (STRSZ)  192227 (bytes)
 0x000b (SYMENT) 24 (bytes)
 0x0003 (PLTGOT) 0x73
 0x0002 (PLTRELSZ)   7920 (bytes)
 0x0014 (PLTREL) RELA
 0x0017 (JMPREL) 0xebb78
 0x0007 (RELA)   0x78450
 0x0008 (RELASZ) 472872 (bytes)
 0x0009 (RELAENT)24 (bytes)
 0x6ffe (VERNEED)0x78270
 0x6fff (VERNEEDNUM) 9
 0x6ff0 (VERSYM) 0x742e4
 0x6ff9 (RELACOUNT)  18571
 0x (NULL)   0x0

-
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org

Re: OpenSSL upgraded to 3.0.13

2024-04-06 Thread Damjan Jovanovic
On Sat, Apr 6, 2024 at 2:30 PM Pedro Lino 
wrote:

> Hi Damjan
>
> > After trying a WebDav connection, find the process ID (PID) of
> OpenOffice,
> > copy /proc/PID/maps somewhere (eg. for PID 1234, run "cp /proc/1234/maps
> > ~/openoffice-maps.txt") and attach that copy, so we can see what
> libraries
> > are loaded.
>
> Two files attached: maps.txt is the map for soffice and maps2.txt is the
> map for soffice.bin
>
>
Thank you.

openoffice-maps.txt was for the shell script that launches AOO, and
openoffice-maps2.txt was for AOO itself.

In openoffice-maps2.txt I don't see libucpdav1.so (the WebDAV component) in
memory at all, which is highly unusual.

Please find libucpdav1.so in your AOO installation, probably under
/opt/openoffice4/programs, and then run these:
ldd libucpdav1.so
readelf -d libucpdav1.so
and post the output.

Regards
Damjan


Re: OpenSSL upgraded to 3.0.13

2024-04-04 Thread Damjan Jovanovic
On Thu, Apr 4, 2024 at 9:52 PM Pedro Lino 
wrote:

> Hi Damjan
>
> Thank you for the reply, the macro and detailed instructions!
>
>
> > On 04/04/2024 5:37 PM WEST Damjan Jovanovic  wrote:
> >
> > To get further details:
> >
> > Open the attached "Logging macros" file (we allow attachments on this
> list, right?).
> > Allow macros when prompted.
> > Tools -> Macros -> Run macro, under "Logging macros.ods" expand
> "Standard", select "logging", on the right side select
> "LogWebDavToConsole", and click "Run".
> > Exit OpenOffice.
> > Start OpenOffice from the command line, with output redirected to a
> file, eg:
> > soffice 2>&1 | tee ~/webdav-log.txt
> > Make your WebDav connection. If you used the above command, the command
> line window can be placed side-by-side with OpenOffice, and you can watch
> the logging interactively.
> > When it fails, exit OpenOffice, and attach ~/webdav-log.txt to your
> reply email, after removing any sensitive info (eg. passwords) from the log.
> >
>
> After installing canberra-gtk-module the only line I get in the log is
>
> ** (soffice:12094): WARNING **: 22:36:39.392: Unknown type: GailWindow
>
> which apparently is a long know message, and nothing else.
> The message "Nonexistent object. Nonexistent file" pops up but it is not
> registered in the log.
>
>
OpenOffice has several logging methods, and third-party libraries can also
log. That message apparently came from another logging method, not our one,
because our one has a different format.


> Any ideas? Could this simply be a kernel issue since it works correctly in
> Ubuntu 22.04?
>

- Make sure you run "LogWebDavToConsole" and not one of the other macros.
- You need to test a recent version of trunk, not an older version of
OpenOffice, because we only added that logging method to trunk in May 2022.
- When you run "soffice" from the command line, are you sure the right
version of OpenOffice is being run, the same version you ran that macro in?

On *nix, "internal" OpenSSL is linked statically, and it shouldn't matter
whether it is installed by your distribution or what version is installed.
"System" OpenSSL (configure --with-system-openssl) is linked dynamically. I
think we use "internal" OpenSSL for the Linux binaries.

After trying a WebDav connection, find the process ID (PID) of OpenOffice,
copy /proc/PID/maps somewhere (eg. for PID 1234, run "cp /proc/1234/maps
~/openoffice-maps.txt") and attach that copy, so we can see what libraries
are loaded.


>
> Thanks!
>
> Best,
> Pedro
>

Good luck
Damjan


Re: OpenSSL upgraded to 3.0.13

2024-04-04 Thread Dave Fisher
Hi Pedro,


> On Apr 4, 2024, at 3:14 PM, Pedro Lino  wrote:
> 
> Hi Dave
> 
>> On 04/04/2024 10:59 PM WEST Dave Fisher  wrote:
>> 
>> 
>> Hi -
>> 
>> Maybe this page might help 
>> https://orcacore.com/install-openssl-3-ubuntu-20-04/
> 
> If I have to manually install OpenSSL doesn't that mean that AOO is not using 
> the upgraded OpenSSL?

It may mean that special efforts in packaging are needed to handle older 
versions of Debian/Ubuntu, or we have to change our minimum version for these 
now unsupported operating systems.

> 
> I apologize if my comment does not make sense but as I stated before, I'm not 
> a programmer.

Sure and understood.

Best,
Dave

> 
> Best,
> Pedro
> 
> -
> To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
> For additional commands, e-mail: dev-h...@openoffice.apache.org
> 


-
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org



Re: OpenSSL upgraded to 3.0.13

2024-04-04 Thread Pedro Lino
Hi Dave

> On 04/04/2024 10:59 PM WEST Dave Fisher  wrote:
> 
>  
> Hi -
> 
> Maybe this page might help 
> https://orcacore.com/install-openssl-3-ubuntu-20-04/

If I have to manually install OpenSSL doesn't that mean that AOO is not using 
the upgraded OpenSSL?

I apologize if my comment does not make sense but as I stated before, I'm not a 
programmer.

Best,
Pedro

-
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org



Re: OpenSSL upgraded to 3.0.13

2024-04-04 Thread Dave Fisher
Hi -

Maybe this page might help https://orcacore.com/install-openssl-3-ubuntu-20-04/

Best,
Dave

> On Apr 4, 2024, at 2:50 PM, Pedro Lino  wrote:
> 
> Hi Damjan
> 
> Thank you for the reply, the macro and detailed instructions!
> 
> 
>> On 04/04/2024 5:37 PM WEST Damjan Jovanovic  wrote:
>> 
>> To get further details:
>> 
>> Open the attached "Logging macros" file (we allow attachments on this list, 
>> right?).
>> Allow macros when prompted.
>> Tools -> Macros -> Run macro, under "Logging macros.ods" expand "Standard", 
>> select "logging", on the right side select "LogWebDavToConsole", and click 
>> "Run".
>> Exit OpenOffice.
>> Start OpenOffice from the command line, with output redirected to a file, eg:
>> soffice 2>&1 | tee ~/webdav-log.txt
>> Make your WebDav connection. If you used the above command, the command line 
>> window can be placed side-by-side with OpenOffice, and you can watch the 
>> logging interactively.
>> When it fails, exit OpenOffice, and attach ~/webdav-log.txt to your reply 
>> email, after removing any sensitive info (eg. passwords) from the log.
>> 
> 
> After installing canberra-gtk-module the only line I get in the log is
> 
> ** (soffice:12094): WARNING **: 22:36:39.392: Unknown type: GailWindow
> 
> which apparently is a long know message, and nothing else.
> The message "Nonexistent object. Nonexistent file" pops up but it is not 
> registered in the log.
> 
> Any ideas? Could this simply be a kernel issue since it works correctly in 
> Ubuntu 22.04?
> 
> Thanks!
> 
> Best,
> Pedro



Re: OpenSSL upgraded to 3.0.13

2024-04-04 Thread Pedro Lino
Hi Damjan
 
Thank you for the reply, the macro and detailed instructions!
 

> On 04/04/2024 5:37 PM WEST Damjan Jovanovic  wrote:
>  
> To get further details:
>  
> Open the attached "Logging macros" file (we allow attachments on this list, 
> right?).
> Allow macros when prompted.
> Tools -> Macros -> Run macro, under "Logging macros.ods" expand "Standard", 
> select "logging", on the right side select "LogWebDavToConsole", and click 
> "Run".
> Exit OpenOffice.
> Start OpenOffice from the command line, with output redirected to a file, eg:
> soffice 2>&1 | tee ~/webdav-log.txt
> Make your WebDav connection. If you used the above command, the command line 
> window can be placed side-by-side with OpenOffice, and you can watch the 
> logging interactively.
> When it fails, exit OpenOffice, and attach ~/webdav-log.txt to your reply 
> email, after removing any sensitive info (eg. passwords) from the log.
> 
 
After installing canberra-gtk-module the only line I get in the log is
 
** (soffice:12094): WARNING **: 22:36:39.392: Unknown type: GailWindow
 
which apparently is a long know message, and nothing else.
The message "Nonexistent object. Nonexistent file" pops up but it is not 
registered in the log.
 
Any ideas? Could this simply be a kernel issue since it works correctly in 
Ubuntu 22.04?
 
Thanks!
 
Best,
Pedro


Re: OpenSSL upgraded to 3.0.13

2024-04-04 Thread Damjan Jovanovic
To get further details:

Open the attached "Logging macros" file (we allow attachments on this list,
right?).
Allow macros when prompted.
Tools -> Macros -> Run macro, under "Logging macros.ods" expand "Standard",
select "logging", on the right side select "LogWebDavToConsole", and click
"Run".
Exit OpenOffice.
Start OpenOffice from the command line, with output redirected to a file,
eg:
soffice 2>&1 | tee ~/webdav-log.txt
Make your WebDav connection. If you used the above command, the command
line window can be placed side-by-side with OpenOffice, and you can watch
the logging interactively.
When it fails, exit OpenOffice, and attach ~/webdav-log.txt to your reply
email, after removing any sensitive info (eg. passwords) from the log.

Regards
Damjan

On Wed, Apr 3, 2024 at 4:31 PM Pedro Lino 
wrote:

> Hi All
>
> I installed the 2024-04-02 trunk Nightly (Thank you Matthias!)
> WebDAV does not seem to be working (at least under Ubuntu 20.04 x64)
>
> Opening an https link to a Webdav folder returns "Nonexistent object.
> Nonexistent file"
>
> Opening the same link in 4.1.15 in the same PC opens the "Authentication
> Required" dialog
>
> Please let me know what I can do to get further details but please
> remember I am not a programmer.
>
> Best,
> Pedro
>
> ~
> > On 04/02/2024 4:38 PM WEST Matthias Seidel 
> wrote:
> >
> >
> > Hi All,
> >
> > Am 01.04.24 um 18:31 schrieb Matthias Seidel:
> > > Hi Pedro,
> > >
> > > Am 01.04.24 um 18:18 schrieb Pedro Lino:
> > >> Hi Matthias
> > >>
> > >>> On 04/01/2024 10:33 AM WEST Matthias Seidel
> > >>>  wrote:
> > >>> And you are right, the buildbot workers are offline for 9 days now...
> > >> Maybe the Bots were celebrating Electric Easter or Digital Fools Day
> ;)
> > >>
> > >>> Somehow this isn't monitored and/or nobody cares. ;-)
> > >> If a message is received when it is successful, then it would require
> > >> a second script to warn when it fails? Is this how it works? Who
> > >> takes of this?
> > >
> > > If there is someone from our project interested in our buildbots
> > > he/she can always look here:
> > >
> > > https://www.openoffice.org/download/devbuilds.html
> > >
> > > And follow the "Summary" link.
> > >
> > > BTW: This "Worker" isn't exclusive for OpenOffice, it builds a lot of
> > > other projects.
> >
> > Correction: Apart from the OpenOffice tasks only one JMeter task is
> > running on that machine and that fails every time.
> >
> > JIRA ticket is now here:
> >
> > https://issues.apache.org/jira/browse/INFRA-25677
> >
> > Regards,
> >
> > Matthias
> >
> > >
> > > Regards,
> > >
> > >Matthias
> > >
> > >>
> > >> Best,
> > >> Pedro
> > >>
> > >> -
> > >> To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
> > >> For additional commands, e-mail: dev-h...@openoffice.apache.org
> > >>
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
> For additional commands, e-mail: dev-h...@openoffice.apache.org
>
>


Logging macros.ods
Description: application/vnd.oasis.opendocument.spreadsheet

-
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org

Re: OpenSSL upgraded to 3.0.13

2024-04-04 Thread Pedro Lino
Hi all

Update to my own email:

I installed the same 2024-04-02 trunk Nightly in Ubuntu 22.04 (Thank you again 
Matthias!)
WebDAV does work under Ubuntu 22.04 x64 (but not under Ubuntu 20.04 x64)

Maybe it is related to the kernel in the buildbot?

Best,
Pedro

> On 04/03/2024 5:31 PM WEST Pedro Lino  wrote:
> 
>  
> Hi All
> 
> I installed the 2024-04-02 trunk Nightly (Thank you Matthias!)
> WebDAV does not seem to be working (at least under Ubuntu 20.04 x64)
> 
> Opening an https link to a Webdav folder returns "Nonexistent object. 
> Nonexistent file"
> 
> Opening the same link in 4.1.15 in the same PC opens the "Authentication 
> Required" dialog
> 
> Please let me know what I can do to get further details but please remember I 
> am not a programmer.
> 
> Best,
> Pedro
> 
> ~
> > On 04/02/2024 4:38 PM WEST Matthias Seidel  
> > wrote:
> > 
> >  
> > Hi All,
> > 
> > Am 01.04.24 um 18:31 schrieb Matthias Seidel:
> > > Hi Pedro,
> > >
> > > Am 01.04.24 um 18:18 schrieb Pedro Lino:
> > >> Hi Matthias
> > >>
> > >>> On 04/01/2024 10:33 AM WEST Matthias Seidel 
> > >>>  wrote:
> > >>> And you are right, the buildbot workers are offline for 9 days now...
> > >> Maybe the Bots were celebrating Electric Easter or Digital Fools Day ;)
> > >>
> > >>> Somehow this isn't monitored and/or nobody cares. ;-)
> > >> If a message is received when it is successful, then it would require 
> > >> a second script to warn when it fails? Is this how it works? Who 
> > >> takes of this?
> > >
> > > If there is someone from our project interested in our buildbots 
> > > he/she can always look here:
> > >
> > > https://www.openoffice.org/download/devbuilds.html
> > >
> > > And follow the "Summary" link.
> > >
> > > BTW: This "Worker" isn't exclusive for OpenOffice, it builds a lot of 
> > > other projects.
> > 
> > Correction: Apart from the OpenOffice tasks only one JMeter task is 
> > running on that machine and that fails every time.
> > 
> > JIRA ticket is now here:
> > 
> > https://issues.apache.org/jira/browse/INFRA-25677
> > 
> > Regards,
> > 
> >     Matthias
> > 
> > >
> > > Regards,
> > >
> > >    Matthias
> > >
> > >>
> > >> Best,
> > >> Pedro
> > >>
> > >> -
> > >> To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
> > >> For additional commands, e-mail: dev-h...@openoffice.apache.org
> > >>
> 
> -
> To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
> For additional commands, e-mail: dev-h...@openoffice.apache.org

-
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org



Re: OpenSSL upgraded to 3.0.13

2024-04-03 Thread Pedro Lino
Hi All

I installed the 2024-04-02 trunk Nightly (Thank you Matthias!)
WebDAV does not seem to be working (at least under Ubuntu 20.04 x64)

Opening an https link to a Webdav folder returns "Nonexistent object. 
Nonexistent file"

Opening the same link in 4.1.15 in the same PC opens the "Authentication 
Required" dialog

Please let me know what I can do to get further details but please remember I 
am not a programmer.

Best,
Pedro

~
> On 04/02/2024 4:38 PM WEST Matthias Seidel  wrote:
> 
>  
> Hi All,
> 
> Am 01.04.24 um 18:31 schrieb Matthias Seidel:
> > Hi Pedro,
> >
> > Am 01.04.24 um 18:18 schrieb Pedro Lino:
> >> Hi Matthias
> >>
> >>> On 04/01/2024 10:33 AM WEST Matthias Seidel 
> >>>  wrote:
> >>> And you are right, the buildbot workers are offline for 9 days now...
> >> Maybe the Bots were celebrating Electric Easter or Digital Fools Day ;)
> >>
> >>> Somehow this isn't monitored and/or nobody cares. ;-)
> >> If a message is received when it is successful, then it would require 
> >> a second script to warn when it fails? Is this how it works? Who 
> >> takes of this?
> >
> > If there is someone from our project interested in our buildbots 
> > he/she can always look here:
> >
> > https://www.openoffice.org/download/devbuilds.html
> >
> > And follow the "Summary" link.
> >
> > BTW: This "Worker" isn't exclusive for OpenOffice, it builds a lot of 
> > other projects.
> 
> Correction: Apart from the OpenOffice tasks only one JMeter task is 
> running on that machine and that fails every time.
> 
> JIRA ticket is now here:
> 
> https://issues.apache.org/jira/browse/INFRA-25677
> 
> Regards,
> 
>     Matthias
> 
> >
> > Regards,
> >
> >    Matthias
> >
> >>
> >> Best,
> >> Pedro
> >>
> >> -
> >> To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
> >> For additional commands, e-mail: dev-h...@openoffice.apache.org
> >>

-
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org



Re: OpenSSL upgraded to 3.0.13

2024-04-02 Thread Matthias Seidel

Hi All,

Am 01.04.24 um 18:31 schrieb Matthias Seidel:

Hi Pedro,

Am 01.04.24 um 18:18 schrieb Pedro Lino:

Hi Matthias

On 04/01/2024 10:33 AM WEST Matthias Seidel 
 wrote:

And you are right, the buildbot workers are offline for 9 days now...

Maybe the Bots were celebrating Electric Easter or Digital Fools Day ;)


Somehow this isn't monitored and/or nobody cares. ;-)
If a message is received when it is successful, then it would require 
a second script to warn when it fails? Is this how it works? Who 
takes of this?


If there is someone from our project interested in our buildbots 
he/she can always look here:


https://www.openoffice.org/download/devbuilds.html

And follow the "Summary" link.

BTW: This "Worker" isn't exclusive for OpenOffice, it builds a lot of 
other projects.


Correction: Apart from the OpenOffice tasks only one JMeter task is 
running on that machine and that fails every time.


JIRA ticket is now here:

https://issues.apache.org/jira/browse/INFRA-25677

Regards,

   Matthias



Regards,

   Matthias



Best,
Pedro

-
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org



smime.p7s
Description: Kryptografische S/MIME-Signatur


Re: OpenSSL upgraded to 3.0.13

2024-04-01 Thread Matthias Seidel

Hi Pedro,

Am 01.04.24 um 18:18 schrieb Pedro Lino:

Hi Matthias


On 04/01/2024 10:33 AM WEST Matthias Seidel  wrote:
And you are right, the buildbot workers are offline for 9 days now...

Maybe the Bots were celebrating Electric Easter or Digital Fools Day ;)


Somehow this isn't monitored and/or nobody cares. ;-)

If a message is received when it is successful, then it would require a second 
script to warn when it fails? Is this how it works? Who takes of this?


If there is someone from our project interested in our buildbots he/she 
can always look here:


https://www.openoffice.org/download/devbuilds.html

And follow the "Summary" link.

BTW: This "Worker" isn't exclusive for OpenOffice, it builds a lot of 
other projects.


Regards,

   Matthias



Best,
Pedro

-
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org



smime.p7s
Description: Kryptografische S/MIME-Signatur


Re: OpenSSL upgraded to 3.0.13

2024-04-01 Thread Pedro Lino
Hi Matthias

> On 04/01/2024 10:33 AM WEST Matthias Seidel  
> wrote:

> And you are right, the buildbot workers are offline for 9 days now... 

Maybe the Bots were celebrating Electric Easter or Digital Fools Day ;)

> Somehow this isn't monitored and/or nobody cares. ;-)

If a message is received when it is successful, then it would require a second 
script to warn when it fails? Is this how it works? Who takes of this?

Best,
Pedro

-
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org



Re: OpenSSL upgraded to 3.0.13

2024-04-01 Thread Matthias Seidel

Hi Pedro,

Am 01.04.24 um 11:27 schrieb Pedro Lino:

Hi Matthias


On 03/31/2024 5:40 PM WEST Matthias Seidel  wrote:
You could try the build from our buildbot? ;-)

https://nightlies.apache.org/openoffice/install/linux64/?C=M;O=D

The most recent "daily" build is from the 22nd of March. I'm not sure it will 
include this update?


No, the commit was on March 29.

And you are right, the buildbot workers are offline for 9 days now... 
Somehow this isn't monitored and/or nobody cares. ;-)


Regards,

   Matthias



Best,
Pedro

-
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org



smime.p7s
Description: Kryptografische S/MIME-Signatur


Re: OpenSSL upgraded to 3.0.13

2024-04-01 Thread Pedro Lino
Hi Matthias

> On 03/31/2024 5:40 PM WEST Matthias Seidel  wrote:

> You could try the build from our buildbot? ;-)
> 
> https://nightlies.apache.org/openoffice/install/linux64/?C=M;O=D

The most recent "daily" build is from the 22nd of March. I'm not sure it will 
include this update?

Best,
Pedro

-
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org



Re: OpenSSL upgraded to 3.0.13

2024-03-31 Thread Matthias Seidel

Hi Pedro,

Am 31.03.24 um 18:34 schrieb Pedro Lino:

Hi all


On 03/31/2024 5:09 PM WEST Damjan Jovanovic  wrote:
OpenSSL is used for:
* opening encrypted OOXML files.
* WebDAV connections to https:// servers.
* Python scripting, for hashing, SSL, possibly others.
* possibly Curl, during automatic updates.

Opening WebDAV is working perfectly under Windows 10
I'm curious if this fixes the long standing SMB issue under Linux
https://bz.apache.org/ooo/show_bug.cgi?id=128049

If someone has already built for Linux x64 please share a link.


You could try the build from our buildbot? ;-)

https://nightlies.apache.org/openoffice/install/linux64/?C=M;O=D

Regards,

   Matthias



Best,
Pedro

-
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org



smime.p7s
Description: Kryptografische S/MIME-Signatur


Re: OpenSSL upgraded to 3.0.13

2024-03-31 Thread Pedro Lino
Hi all

> On 03/31/2024 5:09 PM WEST Damjan Jovanovic  wrote:

> OpenSSL is used for:
> * opening encrypted OOXML files.
> * WebDAV connections to https:// servers.
> * Python scripting, for hashing, SSL, possibly others.
> * possibly Curl, during automatic updates.

Opening WebDAV is working perfectly under Windows 10
I'm curious if this fixes the long standing SMB issue under Linux
https://bz.apache.org/ooo/show_bug.cgi?id=128049

If someone has already built for Linux x64 please share a link.

Best,
Pedro

-
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org



Re: OpenSSL upgraded to 3.0.13

2024-03-31 Thread Damjan Jovanovic
On Sun, Mar 31, 2024 at 1:27 PM Matthias Seidel 
wrote:

> Hi Damjan, All,
>
> Am 29.03.24 um 15:32 schrieb Matthias Seidel:
> > Hi Damjan,
> >
> > Am 29.03.24 um 10:33 schrieb Damjan Jovanovic:
> >> Hi
> >>
> >> I've now pushed commit 4c5b548fb6ece87dd30bbf720aca0d994a749167 into
> >> trunk,
> >> upgrading our OpenSSL version from 1.0.2u to 3.0.13.
> >
> > Great!
> >
> > I am just doing a build on Windows.
>
> Builds fine for me!
>
> But I am not sure how to test OpenSSL functionality?
>
>
OpenSSL is used for:
* opening encrypted OOXML files.
* WebDAV connections to https:// servers.
* Python scripting, for hashing, SSL, possibly others.
* possibly Curl, during automatic updates.

Regards
Damjan


Re: OpenSSL upgraded to 3.0.13

2024-03-31 Thread Pedro Lino
Thank you for building and sharing!
Downloading now!

Best,
Pedro

> On 03/31/2024 3:27 PM WEST Matthias Seidel  wrote:
> 
>  
> Hi All,
> 
> Please find a Windows build here:
> 
> https://www.dropbox.com/scl/fi/mee9swkwgpa1gsw0axhl1/Apache_OpenOffice_4.5.0_Win_x86_install_en-US_openssl.exe?rlkey=3f9kyqdh4fmztllsda9pqbhmx=0
> 
> Happy testing!
> 
> Regards,
> 
>     Matthias
> 
> Am 31.03.24 um 15:27 schrieb Matthias Seidel:
> > Hi Damjan, All,
> >
> > Am 29.03.24 um 15:32 schrieb Matthias Seidel:
> >> Hi Damjan,
> >>
> >> Am 29.03.24 um 10:33 schrieb Damjan Jovanovic:
> >>> Hi
> >>>
> >>> I've now pushed commit 4c5b548fb6ece87dd30bbf720aca0d994a749167 into 
> >>> trunk,
> >>> upgrading our OpenSSL version from 1.0.2u to 3.0.13.
> >>
> >> Great!
> >>
> >> I am just doing a build on Windows.
> >
> > Builds fine for me!
> >
> > But I am not sure how to test OpenSSL functionality?
> >
> > Regards,
> >
> >    Matthias
> >
> >>
> >> Regards,
> >>
> >>    Matthias
> >>
> >>>
> >>> Some issues to consider:
> >>>
> >>> -
> >>> PLATFORMS
> >>> -
> >>> It works on FreeBSD 14, both with system OpenSSL linked dynamically and
> >>> internal OpenSSL linked statically.
> >>>
> >>> Linux hasn't been tested but is so similar to FreeBSD that it really 
> >>> should
> >>> work.
> >>>
> >>> It works on Windows, with the following changes:
> >>> - OpenSSL requires Perl to build, but doesn't like Cygwin's Perl.
> >>> Previously, OpenSSL 1.0.2u was patched to use Cygwin's Perl, but 
> >>> OpenSSL 3
> >>> completely changed the build system, and I couldn't port the old 
> >>> patches.
> >>> Now note how traditionally our build tools (eg. make, Apache Ant, 
> >>> awk, sed,
> >>> etc.) were all installed prior to building OpenOffice, detected by
> >>> ./configure, and then used during the build. I've done something 
> >>> different:
> >>> during ./bootstrap it will now download the Win32 Strawberry Perl 
> >>> portable
> >>> binaries as a dependency, and while building OpenSSL, it will unzip 
> >>> these
> >>> and temporarily use them as the Perl for building OpenSSL. This 
> >>> works, and
> >>> should reliably continue to work, but is a bit unusual, uses close 
> >>> to 800
> >>> MB extra disk space, and cannot use a system-wide Strawberry Perl 
> >>> instead
> >>> of the portable binaries, so it is something we may want to change 
> >>> going
> >>> forward. On the plus side, this new approach neither requires any
> >>> additional options to ./configure, nor babysitting any more build
> >>> dependencies, nor dragging around long patches to change OpenSSL to use
> >>> Cygwin's Perl. If anybody objects, speak up.
> >>> - Some defines were missing from MSVC's header files, for the ancient
> >>> version of the MSVC compiler we use, so I had to add them as command 
> >>> line
> >>> parameters to the compiler instead, eg.
> >>> "-DINT64_MAX=9223372036854775807i64".
> >>> - OpenSSL normally requires fairly recent versions of Windows, but also
> >>> supports the more minimal Windows CE, and so has fallback paths that 
> >>> can be
> >>> used for older versions of Windows. I've configured it to target 
> >>> Windows 95
> >>> and NT 4.0, and added a small number of patches that fix the build 
> >>> issues,
> >>> mostly by using the Windows CE fallback code.
> >>> - NASM is handled better: before, when NASM was already in the $PATH
> >>> instead of --with-nasm-path being passed to ./configure, building 
> >>> openssl
> >>> would break. It now works.
> >>> - Python needed a lot of patching to use OpenSSL 3, and the Win64 
> >>> build of
> >>> python is probably broken and will need further work.
> >>> - It takes really long to build. We could disable unit tests to 
> >>> speed it up
> >>> (by passing "no-tests" to Configure), but I am not sure I like skipping
> >>> tests. We should be testing more, not less.
> >>>
> >>> macOS? Who knows. It looks like on macOS, our main/openssl module links
> >>> statically, and doesn't apply any patches, so it might already work.
> >>>
> >>> -
> >>> LICENSING
> >>> -
> >>> Licensing has changed, as OpenSSL 3 is under the Apache Software 
> >>> License v2
> >>> like ourselves, and our LICENSE and NOTICE files have been greatly
> >>> simplified.
> >>>
> >>> -
> >>> CODE CHANGES
> >>> -
> >>> Remarkably, no changes to our C/C++ code were required. Some code 
> >>> changes
> >>> were required in the past, eg. 
> >>> f884850fece86ece56c7194bb1e746641f77c0a0 to
> >>> deal with EVP_CIPHER_CTX_init() -> EVP_CIPHER_CTX_new() between OpenSSL
> >>> 1.0.x and 1.1.x. However, nothing needed changing between 1.1.x and 
> >>> 3.0.13,
> >>> OpenSSL was sufficiently backward compatible.
> >>>
> >>> --
> >>> OTHER BRANCHES
> >>> --
> >>> While those 1.0.x -> 1.1.x code changes are in trunk, they may be 
> >>> absent
> >>> from other branches, 

Re: OpenSSL upgraded to 3.0.13

2024-03-31 Thread Matthias Seidel

Hi All,

Please find a Windows build here:

https://www.dropbox.com/scl/fi/mee9swkwgpa1gsw0axhl1/Apache_OpenOffice_4.5.0_Win_x86_install_en-US_openssl.exe?rlkey=3f9kyqdh4fmztllsda9pqbhmx=0

Happy testing!

Regards,

   Matthias

Am 31.03.24 um 15:27 schrieb Matthias Seidel:

Hi Damjan, All,

Am 29.03.24 um 15:32 schrieb Matthias Seidel:

Hi Damjan,

Am 29.03.24 um 10:33 schrieb Damjan Jovanovic:

Hi

I've now pushed commit 4c5b548fb6ece87dd30bbf720aca0d994a749167 into 
trunk,

upgrading our OpenSSL version from 1.0.2u to 3.0.13.


Great!

I am just doing a build on Windows.


Builds fine for me!

But I am not sure how to test OpenSSL functionality?

Regards,

   Matthias



Regards,

   Matthias



Some issues to consider:

-
PLATFORMS
-
It works on FreeBSD 14, both with system OpenSSL linked dynamically and
internal OpenSSL linked statically.

Linux hasn't been tested but is so similar to FreeBSD that it really 
should

work.

It works on Windows, with the following changes:
- OpenSSL requires Perl to build, but doesn't like Cygwin's Perl.
Previously, OpenSSL 1.0.2u was patched to use Cygwin's Perl, but 
OpenSSL 3
completely changed the build system, and I couldn't port the old 
patches.
Now note how traditionally our build tools (eg. make, Apache Ant, 
awk, sed,

etc.) were all installed prior to building OpenOffice, detected by
./configure, and then used during the build. I've done something 
different:
during ./bootstrap it will now download the Win32 Strawberry Perl 
portable
binaries as a dependency, and while building OpenSSL, it will unzip 
these
and temporarily use them as the Perl for building OpenSSL. This 
works, and
should reliably continue to work, but is a bit unusual, uses close 
to 800
MB extra disk space, and cannot use a system-wide Strawberry Perl 
instead
of the portable binaries, so it is something we may want to change 
going

forward. On the plus side, this new approach neither requires any
additional options to ./configure, nor babysitting any more build
dependencies, nor dragging around long patches to change OpenSSL to use
Cygwin's Perl. If anybody objects, speak up.
- Some defines were missing from MSVC's header files, for the ancient
version of the MSVC compiler we use, so I had to add them as command 
line

parameters to the compiler instead, eg.
"-DINT64_MAX=9223372036854775807i64".
- OpenSSL normally requires fairly recent versions of Windows, but also
supports the more minimal Windows CE, and so has fallback paths that 
can be
used for older versions of Windows. I've configured it to target 
Windows 95
and NT 4.0, and added a small number of patches that fix the build 
issues,

mostly by using the Windows CE fallback code.
- NASM is handled better: before, when NASM was already in the $PATH
instead of --with-nasm-path being passed to ./configure, building 
openssl

would break. It now works.
- Python needed a lot of patching to use OpenSSL 3, and the Win64 
build of

python is probably broken and will need further work.
- It takes really long to build. We could disable unit tests to 
speed it up

(by passing "no-tests" to Configure), but I am not sure I like skipping
tests. We should be testing more, not less.

macOS? Who knows. It looks like on macOS, our main/openssl module links
statically, and doesn't apply any patches, so it might already work.

-
LICENSING
-
Licensing has changed, as OpenSSL 3 is under the Apache Software 
License v2

like ourselves, and our LICENSE and NOTICE files have been greatly
simplified.

-
CODE CHANGES
-
Remarkably, no changes to our C/C++ code were required. Some code 
changes
were required in the past, eg. 
f884850fece86ece56c7194bb1e746641f77c0a0 to

deal with EVP_CIPHER_CTX_init() -> EVP_CIPHER_CTX_new() between OpenSSL
1.0.x and 1.1.x. However, nothing needed changing between 1.1.x and 
3.0.13,

OpenSSL was sufficiently backward compatible.

--
OTHER BRANCHES
--
While those 1.0.x -> 1.1.x code changes are in trunk, they may be 
absent
from other branches, so cherry picking this commit to other branches 
may

require more commits to be cherry picked.

-
FUTURE
-
OpenSSL 3.0.x is the LTS release series, and will be supported until
2026-09-07.

Regards
Damjan



smime.p7s
Description: Kryptografische S/MIME-Signatur


Re: OpenSSL upgraded to 3.0.13

2024-03-31 Thread Matthias Seidel

Hi Damjan, All,

Am 29.03.24 um 15:32 schrieb Matthias Seidel:

Hi Damjan,

Am 29.03.24 um 10:33 schrieb Damjan Jovanovic:

Hi

I've now pushed commit 4c5b548fb6ece87dd30bbf720aca0d994a749167 into 
trunk,

upgrading our OpenSSL version from 1.0.2u to 3.0.13.


Great!

I am just doing a build on Windows.


Builds fine for me!

But I am not sure how to test OpenSSL functionality?

Regards,

   Matthias



Regards,

   Matthias



Some issues to consider:

-
PLATFORMS
-
It works on FreeBSD 14, both with system OpenSSL linked dynamically and
internal OpenSSL linked statically.

Linux hasn't been tested but is so similar to FreeBSD that it really 
should

work.

It works on Windows, with the following changes:
- OpenSSL requires Perl to build, but doesn't like Cygwin's Perl.
Previously, OpenSSL 1.0.2u was patched to use Cygwin's Perl, but 
OpenSSL 3
completely changed the build system, and I couldn't port the old 
patches.
Now note how traditionally our build tools (eg. make, Apache Ant, 
awk, sed,

etc.) were all installed prior to building OpenOffice, detected by
./configure, and then used during the build. I've done something 
different:
during ./bootstrap it will now download the Win32 Strawberry Perl 
portable
binaries as a dependency, and while building OpenSSL, it will unzip 
these
and temporarily use them as the Perl for building OpenSSL. This 
works, and
should reliably continue to work, but is a bit unusual, uses close to 
800
MB extra disk space, and cannot use a system-wide Strawberry Perl 
instead

of the portable binaries, so it is something we may want to change going
forward. On the plus side, this new approach neither requires any
additional options to ./configure, nor babysitting any more build
dependencies, nor dragging around long patches to change OpenSSL to use
Cygwin's Perl. If anybody objects, speak up.
- Some defines were missing from MSVC's header files, for the ancient
version of the MSVC compiler we use, so I had to add them as command 
line

parameters to the compiler instead, eg.
"-DINT64_MAX=9223372036854775807i64".
- OpenSSL normally requires fairly recent versions of Windows, but also
supports the more minimal Windows CE, and so has fallback paths that 
can be
used for older versions of Windows. I've configured it to target 
Windows 95
and NT 4.0, and added a small number of patches that fix the build 
issues,

mostly by using the Windows CE fallback code.
- NASM is handled better: before, when NASM was already in the $PATH
instead of --with-nasm-path being passed to ./configure, building 
openssl

would break. It now works.
- Python needed a lot of patching to use OpenSSL 3, and the Win64 
build of

python is probably broken and will need further work.
- It takes really long to build. We could disable unit tests to speed 
it up

(by passing "no-tests" to Configure), but I am not sure I like skipping
tests. We should be testing more, not less.

macOS? Who knows. It looks like on macOS, our main/openssl module links
statically, and doesn't apply any patches, so it might already work.

-
LICENSING
-
Licensing has changed, as OpenSSL 3 is under the Apache Software 
License v2

like ourselves, and our LICENSE and NOTICE files have been greatly
simplified.

-
CODE CHANGES
-
Remarkably, no changes to our C/C++ code were required. Some code 
changes
were required in the past, eg. 
f884850fece86ece56c7194bb1e746641f77c0a0 to

deal with EVP_CIPHER_CTX_init() -> EVP_CIPHER_CTX_new() between OpenSSL
1.0.x and 1.1.x. However, nothing needed changing between 1.1.x and 
3.0.13,

OpenSSL was sufficiently backward compatible.

--
OTHER BRANCHES
--
While those 1.0.x -> 1.1.x code changes are in trunk, they may be absent
from other branches, so cherry picking this commit to other branches may
require more commits to be cherry picked.

-
FUTURE
-
OpenSSL 3.0.x is the LTS release series, and will be supported until
2026-09-07.

Regards
Damjan



smime.p7s
Description: Kryptografische S/MIME-Signatur


Re: OpenSSL upgraded to 3.0.13

2024-03-29 Thread Matthias Seidel

Hi Damjan,

Am 29.03.24 um 10:33 schrieb Damjan Jovanovic:

Hi

I've now pushed commit 4c5b548fb6ece87dd30bbf720aca0d994a749167 into trunk,
upgrading our OpenSSL version from 1.0.2u to 3.0.13.


Great!

I am just doing a build on Windows.

Regards,

   Matthias



Some issues to consider:

-
PLATFORMS
-
It works on FreeBSD 14, both with system OpenSSL linked dynamically and
internal OpenSSL linked statically.

Linux hasn't been tested but is so similar to FreeBSD that it really should
work.

It works on Windows, with the following changes:
- OpenSSL requires Perl to build, but doesn't like Cygwin's Perl.
Previously, OpenSSL 1.0.2u was patched to use Cygwin's Perl, but OpenSSL 3
completely changed the build system, and I couldn't port the old patches.
Now note how traditionally our build tools (eg. make, Apache Ant, awk, sed,
etc.) were all installed prior to building OpenOffice, detected by
./configure, and then used during the build. I've done something different:
during ./bootstrap it will now download the Win32 Strawberry Perl portable
binaries as a dependency, and while building OpenSSL, it will unzip these
and temporarily use them as the Perl for building OpenSSL. This works, and
should reliably continue to work, but is a bit unusual, uses close to 800
MB extra disk space, and cannot use a system-wide Strawberry Perl instead
of the portable binaries, so it is something we may want to change going
forward. On the plus side, this new approach neither requires any
additional options to ./configure, nor babysitting any more build
dependencies, nor dragging around long patches to change OpenSSL to use
Cygwin's Perl. If anybody objects, speak up.
- Some defines were missing from MSVC's header files, for the ancient
version of the MSVC compiler we use, so I had to add them as command line
parameters to the compiler instead, eg.
"-DINT64_MAX=9223372036854775807i64".
- OpenSSL normally requires fairly recent versions of Windows, but also
supports the more minimal Windows CE, and so has fallback paths that can be
used for older versions of Windows. I've configured it to target Windows 95
and NT 4.0, and added a small number of patches that fix the build issues,
mostly by using the Windows CE fallback code.
- NASM is handled better: before, when NASM was already in the $PATH
instead of --with-nasm-path being passed to ./configure, building openssl
would break. It now works.
- Python needed a lot of patching to use OpenSSL 3, and the Win64 build of
python is probably broken and will need further work.
- It takes really long to build. We could disable unit tests to speed it up
(by passing "no-tests" to Configure), but I am not sure I like skipping
tests. We should be testing more, not less.

macOS? Who knows. It looks like on macOS, our main/openssl module links
statically, and doesn't apply any patches, so it might already work.

-
LICENSING
-
Licensing has changed, as OpenSSL 3 is under the Apache Software License v2
like ourselves, and our LICENSE and NOTICE files have been greatly
simplified.

-
CODE CHANGES
-
Remarkably, no changes to our C/C++ code were required. Some code changes
were required in the past, eg. f884850fece86ece56c7194bb1e746641f77c0a0 to
deal with EVP_CIPHER_CTX_init() -> EVP_CIPHER_CTX_new() between OpenSSL
1.0.x and 1.1.x. However, nothing needed changing between 1.1.x and 3.0.13,
OpenSSL was sufficiently backward compatible.

--
OTHER BRANCHES
--
While those 1.0.x -> 1.1.x code changes are in trunk, they may be absent
from other branches, so cherry picking this commit to other branches may
require more commits to be cherry picked.

-
FUTURE
-
OpenSSL 3.0.x is the LTS release series, and will be supported until
2026-09-07.

Regards
Damjan



smime.p7s
Description: Kryptografische S/MIME-Signatur