packages icon indicating copy to clipboard operation
packages copied to clipboard
verified publisher icon openwrt

emailrelay: Support compiling with MbedTLS

Open stokito opened this issue 3 years ago • 2 comments

Maintainer: @fededim Compile tested: not yet :(

The EmailRelay has MbedTLS support. Ideally it would be great to have a separate package emailrelay-mdtls but at least for now we can make a first step. The OpenWrt will get back from WolfSSL to MbedTLS by default. Then installing of the EmailRelay bey be so cheap so that can be installed to OpenWrt by default.

Also please check my #18536 and update EmailRealy version. In a day or two it should be released v2.3.1

stokito avatar Jul 04 '22 20:07 stokito

Also we can make a binary smaller by disabling i18n e.g../configure --without-gettext. On my x64 the resulted binary become smaller from 35,488,584 bytes to 35,389,000 e.g. was saved 99,584 bytes

stokito avatar Jul 04 '22 21:07 stokito

See also Shrink size issue https://sourceforge.net/p/emailrelay/feature-requests/29/ We have to split the package to a separate emailrelay-tools. Another thing to to is to disable admin service. Also compilation optimization options must be checked.

stokito avatar Oct 01 '22 23:10 stokito

Please do no longer set PKG_RELEASE to AUTORELEASE as the feature is deprecated. Please use an integer instead. Below is a list of affected packages including correct PKG_RELEASE:

  • mail/emailrelay/Makefile: PKG_RELEASE:=5

github-actions[bot] avatar Dec 06 '22 21:12 github-actions[bot]

I tried to compile with the mbedtls bug got the error:

Making all in gssl
make[6]: Entering directory '/mnt/work/wrt/openwrt/build_dir/target-x86_64_musl/emailrelay-2.4.1/src/gssl'
x86_64-openwrt-linux-musl-g++ -DHAVE_CONFIG_H -I. -I../../src  -I../../src/glib -I/mnt/work/wrt/openwrt/staging_dir/toolchain-x86_64_gcc-11.3.0_musl/usr/include -I/mnt/work/wrt/openwrt/staging_dir/toolchain-x86_64_gcc-11.3.0_musl/include/fortify -I/mnt/work/wrt/openwrt/staging_dir/toolchain-x86_64_gcc-11.3.0_musl/include   -Os -pipe -fno-caller-saves -fno-plt -fhonour-copts -Wno-error=unused-but-set-variable -Wno-error=unused-result -fmacro-prefix-map=/mnt/work/wrt/openwrt/build_dir/target-x86_64_musl/emailrelay-2.4.1=emailrelay-2.4.1 -Wformat -Werror=format-security -fstack-protector -D_FORTIFY_SOURCE=1 -Wl,-z,now -Wl,-z,relro -ffunction-sections -fdata-sections -flto -Wl,--gc-sections,--as-needed  -MT gssl_mbedtls.o -MD -MP -MF .deps/gssl_mbedtls.Tpo -c -o gssl_mbedtls.o gssl_mbedtls.cpp
gssl_mbedtls.cpp: In static member function 'static std::string GSsl::MbedTls::LibraryImp::version()':
gssl_mbedtls.cpp:213:9: error: 'mbedtls_version_get_string' was not declared in this scope; did you mean 'mbedtls_mpi_write_string'?
  213 |         mbedtls_version_get_string( &buffer[0] ) ;
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~
      |         mbedtls_mpi_write_string
gssl_mbedtls.cpp: In static member function 'static std::string GSsl::MbedTls::LibraryImp::sid()':
gssl_mbedtls.cpp:222:9: error: 'mbedtls_version_get_string_full' was not declared in this scope; did you mean 'mbedtls_asn1_get_bitstring_null'?
  222 |         mbedtls_version_get_string_full( &buffer[0] ) ;
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      |         mbedtls_asn1_get_bitstring_null
gssl_mbedtls.cpp: In constructor 'GSsl::MbedTls::ProfileImp::ProfileImp(const GSsl::MbedTls::LibraryImp&, bool, const string&, const string&, const string&, const string&, const string&, const string&)':
gssl_mbedtls.cpp:622:34: error: 'mbedtls_version_get_number' was not declared in this scope
  622 |                         else if( mbedtls_version_get_number() <= 0x02040200 )
      |                                  ^~~~~~~~~~~~~~~~~~~~~~~~~~
gssl_mbedtls.cpp:666:17: error: 'mbedtls_ssl_conf_renegotiation' was not declared in this scope; did you mean 'mbedtls_ssl_conf_legacy_renegotiation'?
  666 |                 mbedtls_ssl_conf_renegotiation( &m_config , MBEDTLS_SSL_RENEGOTIATION_DISABLED ) ;
      |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      |                 mbedtls_ssl_conf_legacy_renegotiation
make[6]: *** [Makefile:406: gssl_mbedtls.o] Error 1

this happens because the emailrelay -V tries to show an SSL library version. But the mbedtls on OpenWrt is compiled with the disabled CONFIG_MBEDTLS_VERSION_C so the version.h file with the mbedtls_version_get_string is not included.

One possible solution to solve this is to add DEPENDS:=@CONFIG_MBEDTLS_VERSION_C but I'm not sure how to do that. Maybe it would be better to ask the ER author to add come compilation check and don't call the function if not exists. Then it can work with the already compiled libmbedtls from OpenWrt feed.

For my project I decided to use openssl for now so I don't know if this is needed for anyone else. So I closing the PR

stokito avatar Dec 06 '22 23:12 stokito