[Bug 955371] Re: Build deps don't reflect failure of simple backport on Lucid's openssl
The latest openconnect 3.20-1 release builds in Lucid. https://launchpad.net/ubuntu/+source/openconnect/3.20-1 ** Changed in: openconnect (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/955371 Title: Build deps don't reflect failure of simple backport on Lucid's openssl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/955371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 955371] Re: Build deps don't reflect failure of simple backport on Lucid's openssl
Great, thanks David! Builds and works on my freshly installed Lucid VM. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/955371 Title: Build deps don't reflect failure of simple backport on Lucid's openssl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/955371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 955371] Re: Build deps don't reflect failure of simple backport on Lucid's openssl
This one is even tested (albeit with my own build of Lucid's OpenSSL from its source, statically linked and run on Fedora): http://git.infradead.org/users/dwmw2/openconnect.git/commitdiff/0c94594f88 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/955371 Title: Build deps don't reflect failure of simple backport on Lucid's openssl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/955371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 955371] Re: Build deps don't reflect failure of simple backport on Lucid's openssl
I can't help you with access to a shell, maybe someone else can, I'm building in a chroot for this and will eventually set up a Lucid VM for further testing. If you want to see if you can use the static version of the Lucid build with your --with-openssl option, you can try this: mkdir lucidssl cd lucidssl wget ftp://ftp.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8k-7ubuntu8.11_amd64.deb ar pf libssl-dev_0.9.8k-7ubuntu8.11_amd64.deb data.tar.gz \ | zcat \ | tar xf - ./usr/include/openssl ./usr/lib/libcrypto.a ./usr/lib/libssl.a mv ./usr/include ./usr/lib/lib* . Works for me, in that it gets to the same error I saw in a lucid chroot. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/955371 Title: Build deps don't reflect failure of simple backport on Lucid's openssl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/955371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 955371] Re: Build deps don't reflect failure of simple backport on Lucid's openssl
OK, doing this blind from the OpenSSL CVS history probably isn't the sanest approach; the whole point being that Lucid's OpenSSL has diverged somewhat from any upstream version that ever existed? Can I have a shell on a Lucid box? http://david.woodhou.se/authorized_keys {,asc} -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/955371 Title: Build deps don't reflect failure of simple backport on Lucid's openssl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/955371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 955371] Re: Build deps don't reflect failure of simple backport on Lucid's openssl
** Tags removed: patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/955371 Title: Build deps don't reflect failure of simple backport on Lucid's openssl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/955371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 955371] Re: Build deps don't reflect failure of simple backport on Lucid's openssl
The attachment "lucid-openssl-compat.patch" of this bug report has been identified as being a patch. The ubuntu-reviewers team has been subscribed to the bug report so that they can review the patch. In the event that this is in fact not a patch you can resolve this situation by removing the tag 'patch' from the bug report and editing the attachment so that it is not flagged as a patch. Additionally, if you are member of the ubuntu-reviewers team please also unsubscribe the team from this bug report. [This is an automated message performed by a Launchpad user owned by Brian Murray. Please contact him regarding any issues with the action taken in this bug report.] ** Tags added: patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/955371 Title: Build deps don't reflect failure of simple backport on Lucid's openssl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/955371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 955371] Re: Build deps don't reflect failure of simple backport on Lucid's openssl
Fixed patch to this, still fails to build: dtls.c: In function 'dtls_try_handshake': dtls.c:321: error: 'BIO_CTRL_DGRAM_SET_TIMEOUT' undeclared (first use in this function) dtls.c:321: error: (Each undeclared identifier is reported only once dtls.c:321: error: for each function it appears in.) ** Patch added: "lucid-openssl-compat.patch" https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/955371/+attachment/3139904/+files/lucid-openssl-compat.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/955371 Title: Build deps don't reflect failure of simple backport on Lucid's openssl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/955371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 955371] Re: Build deps don't reflect failure of simple backport on Lucid's openssl
This should fix it sanely on Lucid, I think: http://david.woodhou.se /lucid-openssl-compat.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/955371 Title: Build deps don't reflect failure of simple backport on Lucid's openssl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/955371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 955371] Re: Build deps don't reflect failure of simple backport on Lucid's openssl
I could probably do with making upstream build on lucid anyway. Can you show me what the dtls1_stop_timer() function looks like there? Ideally I can reproduce its effects somehow, or failing that I'll just make it build without DTLS there. It really does suck that dtls1_stop_timer() is hidden from applications! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/955371 Title: Build deps don't reflect failure of simple backport on Lucid's openssl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/955371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 955371] Re: Build deps don't reflect failure of simple backport on Lucid's openssl
I was going to go with the latter, simply require 0.9.8m and newer. I'd say this was an oversight when I took over the Debian package and updated from 3.02 to 3.15. Backporting to lucid would require backporting openssl as well. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/955371 Title: Build deps don't reflect failure of simple backport on Lucid's openssl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/955371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 955371] Re: Build deps don't reflect failure of simple backport on Lucid's openssl
Something like http://david.woodhou.se/openssl-wtf.patch should make it build, perhaps? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/955371 Title: Build deps don't reflect failure of simple backport on Lucid's openssl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/955371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 955371] Re: Build deps don't reflect failure of simple backport on Lucid's openssl
Er, you have a version of OpenSSL 0.9.8g which *has* the Cisco DTLS compatibility backported (otherwise you wouldn't be building this code at all), but which *doesn't* have BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT? Um do we really care about making it work with that strange version of OpenSSL, or can we just get away with requiring a newer version? I'd quite like to make the upstream source at least *build* on such systems, even if it lacks DTLS support there. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/955371 Title: Build deps don't reflect failure of simple backport on Lucid's openssl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/955371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 955371] Re: Build deps don't reflect failure of simple backport on Lucid's openssl
Confirmed. This will be fixed in 3.18-2. ** Changed in: openconnect (Ubuntu) Status: New => In Progress ** Changed in: openconnect (Ubuntu) Assignee: (unassigned) => Mike Miller (mtmiller) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/955371 Title: Build deps don't reflect failure of simple backport on Lucid's openssl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/955371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 955371] Re: Build deps don't reflect failure of simple backport on Lucid's openssl
** Description changed: When I try to build on Lucid, I get the following compiler errors: - CC openconnect-dtls.o + CC openconnect-dtls.o dtls.c: In function ‘dtls_try_handshake’: dtls.c:310: error: ‘struct dtls1_state_st’ has no member named ‘next_timeout’ dtls.c:311: error: ‘struct dtls1_state_st’ has no member named ‘next_timeout’ dtls.c:312: error: ‘struct dtls1_state_st’ has no member named ‘timeout_duration’ dtls.c:314: error: ‘BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT’ undeclared (first use in this function) dtls.c:314: error: (Each undeclared identifier is reported only once dtls.c:314: error: for each function it appears in.) dtls.c:315: error: ‘struct dtls1_state_st’ has no member named ‘next_timeout’ The corresponding source is as follows: - /* Debian restricts visibility of dtls1_stop_timer() - so do it manually. Thankfully this *should* work, - from 0.9.8m to 1.0.0d inclusive, and we don't have - to worry about future changes because we don't do - this for 1.0.0e and above anyway */ - memset (&(vpninfo->dtls_ssl->d1->next_timeout), 0, - sizeof((vpninfo->dtls_ssl->d1->next_timeout))); - vpninfo->dtls_ssl->d1->timeout_duration = 1; - BIO_ctrl(SSL_get_rbio(vpninfo->dtls_ssl), -BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0, -&(vpninfo->dtls_ssl->d1->next_timeout)); + /* Debian restricts visibility of dtls1_stop_timer() + so do it manually. Thankfully this *should* work, + from 0.9.8m to 1.0.0d inclusive, and we don't have + to worry about future changes because we don't do + this for 1.0.0e and above anyway */ + memset (&(vpninfo->dtls_ssl->d1->next_timeout), 0, + sizeof((vpninfo->dtls_ssl->d1->next_timeout))); + vpninfo->dtls_ssl->d1->timeout_duration = 1; + BIO_ctrl(SSL_get_rbio(vpninfo->dtls_ssl), + BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0, + &(vpninfo->dtls_ssl->d1->next_timeout)); This seems to indicate that building should require OpenSSL 0.9.8m or greater, while the build dependencies only ask for libssl-dev (>= 0.9.8g-14). + + The corresponding commit message in + 269a2e16a2686b0d416e4b78f6ecd4b44b6b3e1e says the same thing. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/955371 Title: Build deps don't reflect failure of simple backport on Lucid's openssl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/955371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs