Re: [stunnel-users] [stunnel-announce] stunnel 5.10 released - Problem compiling stunnel 5.10 with openssl 1.0.2
stunnel 5.10 openssl 1.0.2 Ubuntu 10.04 Server lucid
after installing automake-1.14.1 (required as of 5.08) and running configure without a problem, make fails with this message:
/usr/bin/ld: /ssl-1.0.2/lib/libssl.a(s2_srvr.o): relocation R_X86_64_32 against `.rodata' can not be used when making a shared object; recompile with -fPIC /ssl-1.0.2/lib/libssl.a: could not read symbols: Bad value
I can resolve this issue by commenting the assignment of CFLAGS and LDFLAGS in the stunnel configure script so -fPIE and -pie -fPIE are not implemented.
# stunnel_CFLAGS="$stunnel_CFLAGS -fPIE"
# stunnel_LDFLAGS="$stunnel_LDFLAGS -pie -fPIE"
This is not required in stunnel 5.07 or earlier versions. I'm not sure exactly what the issue is here.. can anyone explain what the conflict is? Thx Pete
-----Original Message----- From: Michal Trojnara [mailto:Michal.Trojnara@mirt.net] Sent: Thursday, January 22, 2015 9:20 AM To: stunnel-users@stunnel.org; stunnel-announce@stunnel.org; openssl-users@openssl.org Subject: [stunnel-announce] stunnel 5.10 released
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Dear Users,
I have released version 5.10 of stunnel.
The ChangeLog entry:
Version 5.10, 2015.01.22, urgency: LOW: * New features - OCSP AIA (Authority Information Access) support. This feature can be enabled with the new service-level option "OCSPaia". - Additional security features of the linker are enabled: "-z relro", "-z now", "-z noexecstack". * Bugfixes - OpenSSL DLLs updated to version 1.0.1l. https://www.openssl.org/news/secadv_20150108.txt - FIPS canister updated to version 2.0.9 in the Win32 binary build.
Home page: https://www.stunnel.org/ Download: https://www.stunnel.org/downloads.html
SHA-256 hashes: 032bfc1854f8a0b9e452343c36ec6b52c7e0daef0863423c6b13a61a7c92eb23 stunnel-5.10.tar.gz 7c29753b6488f37b29f365e9c4a6060c3da8a89000af1cd29eab7c37d419d148 stunnel-5.10-installer.exe 93cd0941580eaa7815ed62ec88a111cb449e9bad97cd1a35d7524867a8238234 stunnel-5.10-android.zip
Best regards, Mike
_______________________________________________ stunnel-announce mailing list stunnel-announce@stunnel.org https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-announce
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi Pete,
New stunnel builds with ASLR support, which breaks when it's linked against static libraries compiled without ASLR support. Building your OpenSSL as shared libraries should help. I see that stunnel is not the only affected software: https://trac.torproject.org/projects/tor/ticket/6622
Out of topic: It's time to update your Ubuntu. The end of life for version 10.04 is April 2015.
Mike
On 25.02.2015 19:50, WNSDEV wrote:
stunnel 5.10 openssl 1.0.2 Ubuntu 10.04 Server lucid
after installing automake-1.14.1 (required as of 5.08) and running configure without a problem, make fails with this message:
/usr/bin/ld: /ssl-1.0.2/lib/libssl.a(s2_srvr.o): relocation R_X86_64_32 against `.rodata' can not be used when making a shared object; recompile with -fPIC /ssl-1.0.2/lib/libssl.a: could not read symbols: Bad value
I can resolve this issue by commenting the assignment of CFLAGS and LDFLAGS in the stunnel configure script so -fPIE and -pie -fPIE are not implemented.
# stunnel_CFLAGS="$stunnel_CFLAGS -fPIE"
# stunnel_LDFLAGS="$stunnel_LDFLAGS -pie -fPIE"
This is not required in stunnel 5.07 or earlier versions. I'm not sure exactly what the issue is here.. can anyone explain what the conflict is? Thx Pete
-----Original Message----- From: Michal Trojnara [mailto:Michal.Trojnara@mirt.net] Sent: Thursday, January 22, 2015 9:20 AM To: stunnel-users@stunnel.org; stunnel-announce@stunnel.org; openssl-users@openssl.org Subject: [stunnel-announce] stunnel 5.10 released
Dear Users,
I have released version 5.10 of stunnel.
The ChangeLog entry:
Version 5.10, 2015.01.22, urgency: LOW: * New features - OCSP AIA (Authority Information Access) support. This feature can be enabled with the new service-level option "OCSPaia". - Additional security features of the linker are enabled: "-z relro", "-z now", "-z noexecstack". * Bugfixes - OpenSSL DLLs updated to version 1.0.1l. https://www.openssl.org/news/secadv_20150108.txt - FIPS canister updated to version 2.0.9 in the Win32 binary build.
Home page: https://www.stunnel.org/ Download: https://www.stunnel.org/downloads.html
SHA-256 hashes: 032bfc1854f8a0b9e452343c36ec6b52c7e0daef0863423c6b13a61a7c92eb23 stunnel-5.10.tar.gz 7c29753b6488f37b29f365e9c4a6060c3da8a89000af1cd29eab7c37d419d148 stunnel-5.10-installer.exe 93cd0941580eaa7815ed62ec88a111cb449e9bad97cd1a35d7524867a8238234 stunnel-5.10-android.zip
Best regards, Mike _______________________________________________ stunnel-announce mailing list stunnel-announce@stunnel.org https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-announce
_______________________________________________ stunnel-users mailing list stunnel-users@stunnel.org https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
-
Michal Trojnara -
WNSDEV