support for libressl 2.9
Greg Hudson
ghudson at mit.edu
Wed Nov 6 00:47:23 EST 2019
On 11/5/19 8:41 PM, Jerry wrote:
> Hi. I am trying to compile Kerberos v1.17 with LibreSSL 2.9.x, but I
> get error messages about not finding the header file 'asn1_mac.h'. In
> LibreSSL 2.9.0, that header file was removed. I tried a few obvious
> tricks with the #if #include options but encountered other errors. Is
> there a patch to allow Kerberos to compile with LibreSSL?
That's a little odd. asn1_mac.h is only included from
pkinit_crypto_openssl.h, conditionally:
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
#include <openssl/asn1t.h>
#else
#include <openssl/asn1_mac.h>
#endif
LibreSSL defines OPENSSL_VERSION_NUMBER as 0x20000000L (a somewhat
contentious choice, but not for this particular reason). So I'm not
sure why you're seeing the code trying to include asn1_mac.h.
Regardless, we don't test against LibreSSL, but you might try the
patches from the FreeBSD port:
https://github.com/freebsd/freebsd-ports/tree/master/security/krb5-117/files
More information about the Kerberos
mailing list