Improve OpenSSL library version detection #938

Closed

wfr wants to merge 2 commits from v0.6-openssl-compat-signed into v0.6

pull from: v0.6-openssl-compat-signed

merge into: Bitmessage:v0.6

Bitmessage:v0.6

Bitmessage:gitea-115

Bitmessage:gitea-117

Bitmessage:gitea-130

Bitmessage:devcontainer-update-compat

Bitmessage:skiponionbootsraptest

Bitmessage:gitea-63

Bitmessage:gitea-125

Bitmessage:gitea-128

Bitmessage:test3

Bitmessage:test5

Bitmessage:test

Bitmessage:test4

Bitmessage:test2

Bitmessage:master

Bitmessage:bootstrap

Bitmessage:dependabot/pip/mistune-lt-2.0.6

Bitmessage:dependabot/pip/kivymd-1.1.1

Bitmessage:dependabot/pip/docutils-lt-0.20.0

Bitmessage:python3

Bitmessage:python3android

Conversation 7 Commits 2 Files Changed 4 +80 -6

wfr commented 2017-01-10 03:45:02 +01:00 (Migrated from github.com)

Copy Link

PyBitmessage depends on OpenSSL 1.0 but some GNU/Linux systems have
multiple versions installed. Try to locate the correct version.

https://bitmessage.org/forum/index.php/topic,5280.msg11431.html

PyBitmessage depends on OpenSSL 1.0 but some GNU/Linux systems have multiple versions installed. Try to locate the correct version. https://bitmessage.org/forum/index.php/topic,5280.msg11431.html

PeterSurda commented 2017-01-10 20:55:14 +01:00 (Migrated from github.com)

Copy Link

I don't see anything obviously wrong with it, give me a couple days for a closer code review and testing.

I don't see anything obviously wrong with it, give me a couple days for a closer code review and testing.

bmng-dev commented 2017-01-11 02:27:45 +01:00 (Migrated from github.com)

Copy Link

@PeterSurda perhaps you should check the landscape.io integration because landscape does highlight an obvious issue which looks like a showstopper on Windows.

Landscape.io Code Review for Pull Request #938

Edit: It seems only Landscapes successes are showing up. There should be brown dots when a check is pending and red X's if there are issues with a commit/pull request. This is possibly a configuration issue as these indicators appear on other repositories that use Landscape.

@PeterSurda perhaps you should check the landscape.io integration because landscape does highlight an obvious issue which looks like a showstopper on Windows. [Landscape.io Code Review for Pull Request #938](https://landscape.io/github/Bitmessage/PyBitmessage/pulls/938) Edit: It seems only Landscapes successes are showing up. There should be brown dots when a check is pending and red X's if there are issues with a commit/pull request. This is possibly a configuration issue as these indicators appear on other repositories that use Landscape.

bmng-dev commented 2017-01-11 03:22:03 +01:00 (Migrated from github.com)

Copy Link

@wfr that was fast. I don't see any other issues preventing this being accepted as it is.

@wfr that was fast. I don't see any other issues preventing this being accepted as it is.

PeterSurda commented 2017-01-12 19:46:35 +01:00 (Migrated from github.com)

Copy Link

Wouldn't it be better to support both 1.0.x and 1.1.0? If SSLeay_version fails, try OpenSSL_version and analogously with SSLeay -> OpenSSL_version_num. Or did something else change in 1.1.0? I don't have a suitable VM available now, can you test it? src/bitmessageqt/support.py would also have to be changed analogously.

Wouldn't it be better to support both 1.0.x and 1.1.0? If `SSLeay_version` fails, try `OpenSSL_version` and analogously with `SSLeay` -> `OpenSSL_version_num`. Or did something else change in 1.1.0? I don't have a suitable VM available now, can you test it? `src/bitmessageqt/support.py` would also have to be changed analogously.

PeterSurda commented 2017-01-12 22:13:24 +01:00 (Migrated from github.com)

Copy Link

So I checked it with Debian testing. It looks like there are more changed in OpenSSL 1.1.0 that make pyelliptic incompatible:

• ECDH_OpenSSL -> EC_KEY_OpenSSL
• ECDH_set_method -> EC_KEY_set_method
• EVP_CIPHER_CTX_cleanup -> EVP_CIPHER_CTX_reset
• EVP_MD_CTX_create -> EVP_MD_CTX_new
• EVP_MD_CTX_init -> EVP_MD_CTX_reset
• EVP_MD_CTX_destroy -> EVP_MD_CTX_free

Just renaming these looks sufficient. The problem is:

• EVP_ecdsa was deprecated and the relevant code needs to be rewritten to use the 'ecdsa-with-SHA1' method manually.

Anyone would like to fix that?

So I checked it with Debian testing. It looks like there are more changed in OpenSSL 1.1.0 that make pyelliptic incompatible: - `ECDH_OpenSSL` -> `EC_KEY_OpenSSL` - `ECDH_set_method` -> `EC_KEY_set_method` - `EVP_CIPHER_CTX_cleanup` -> `EVP_CIPHER_CTX_reset` - `EVP_MD_CTX_create` -> `EVP_MD_CTX_new` - `EVP_MD_CTX_init` -> `EVP_MD_CTX_reset` - `EVP_MD_CTX_destroy` -> `EVP_MD_CTX_free` Just renaming these looks sufficient. The problem is: - `EVP_ecdsa` was deprecated and the relevant code needs to be rewritten to use the `'ecdsa-with-SHA1'` method manually. Anyone would like to fix that?

PeterSurda commented 2017-01-12 23:30:56 +01:00 (Migrated from github.com)

Copy Link

So I tested it and other than the singing / signature verification it seems to work. If someone could fix that, that would be great.

So I tested it and other than the singing / signature verification it seems to work. If someone could fix that, that would be great.

PeterSurda commented 2017-01-13 10:11:37 +01:00 (Migrated from github.com)

Copy Link

Well, good news, EVP_ecdsa can be replaced with EVP_sha1. I tried it and it works both for signing and verification. So I'll provide my own patch instead and you can keep using OpenSSL 1.1.x.

Well, good news, `EVP_ecdsa` can be replaced with `EVP_sha1`. I tried it and it works both for signing and verification. So I'll provide my own patch instead and you can keep using OpenSSL 1.1.x.

This repo is archived. You cannot comment on pull requests.

Reviewers

No Reviewers

Labels

Clear labels

bug

Something isn't working as it's supposed to

build

Related to building or build system

dependencies

Pull requests that update a dependency file

developers

The issue is relevant mainly for developers rather than users

documentation

duplicate

enhancement

New feature

formatting

Code or UI text formatting

invalid

legal

mobile

Frontend for mobile devices (kivy)

obsolete

packaging

performance

protocol

Protocol change

question

refactoring

regression

Some issue, fixed in the past, appears again

security

test

translation

usability

wontfix

No Label

bug

Milestone

No items

No Milestone v0.6.2

Projects

Clear projects

No project

Assignees

Clear assignees

PeterSurda

No Assignees

1 Participants

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: Bitmessage/PyBitmessage-2025-02-21#938

No description provided.