skipfish icon indicating copy to clipboard operation
skipfish copied to clipboard
verified publisher icon spinkham

Does not build against openssl-1.1?

Open roseswe opened this issue 5 years ago • 2 comments

As openssl 1.1 is now default, it seems to have build issues....

$ make cc -L/usr/local/lib/ -L/opt/local/lib src/skipfish.c -o skipfish
-O3 -Wno-format -Wall -funsigned-char -g -ggdb -I/usr/local/include/ -I/opt/local/include/ -DVERSION="2.10b" src/http_client.c src/database.c src/crawler.c src/analysis.c src/report.c src/checks.c src/signatures.c src/auth.c src/options.c -lcrypto -lssl -lidn -lz -lpcre src/http_client.c: In function 'check_ssl': src/http_client.c:1965:10: error: dereferencing pointer to incomplete type 'SSL_CIPHER {aka const struct ssl_cipher_st}' if(!(cp->algo_strength & SSL_MEDIUM) && !(cp->algo_strength & SSL_HIGH)) ^~ src/http_client.c:1982:34: error: dereferencing pointer to incomplete type 'X509 {aka struct x509_st}' if (ASN1_UTCTIME_cmp_time_t(p->cert_info->validity->notBefore, cur_time) ^~ src/http_client.c:2027:11: warning: 'ASN1_STRING_data' is deprecated [-Wdeprecated-declarations] buf = (char*)ASN1_STRING_data(name->d.dNSName); ^~~ In file included from /usr/include/openssl/e_os2.h:13:0, from /usr/include/openssl/ssl.h:45, from src/http_client.c:37: /usr/include/openssl/asn1.h:553:1: note: declared here DEPRECATEDIN_1_1_0(unsigned char *ASN1_STRING_data(ASN1_STRING *x)) ^ src/report.c: In function 'collect_samples': src/report.c:447:5: warning: this 'for' clause does not guard... [-Wmisleading-indentation] for (i=0;i<m_samp_cnt;i++) ^~~ src/report.c:450:7: note: ...this statement, but the latter is misleadingly indented as if it were guarded by the 'for' if (i == m_samp_cnt) { ^~ make: *** [Makefile:48: skipfish] Error 1

roseswe avatar Sep 30 '20 09:09 roseswe

Hi. I don't know exactly. However, the following error was resolved with openssl-1.0.1u. I'm using CentOS 8.

Error: Incomplete type'Reverse reference of pointer to SSL_CIPHER

I think it will work if I compile it using openssl-1.0.1u.

reference LDFLAGS = "-L /usr/local/openssl-1.0.1u/lib" CC = "gcc -I / usr / local / openssl-1.0.1u / include /" make

I used the following openssl. https://www.openssl.org/source/old/1.0.1/openssl-1.0.1u.tar.gz I used the openssl shared library.

If you get another error, try installing the following files as well: pcre-devel libidn-devel I don't know the specific package name because I don't know the distribution I'm using.

I solved the error, but I haven't used it much as a scanner yet. Please give it a try.

yut148 avatar Oct 22 '20 02:10 yut148

You can build this without much issue against alpine 3.3 docker image, I just setup an alias skipfish = docker run ....

S4lt5 avatar May 30 '21 20:05 S4lt5