Nmap Development mailing list archives
Re: nping fails to build on Mac OS X <10.6 because openssl is too old.
From: "Luis MartinGarcia." <luis.mgarc () gmail com>
Date: Mon, 10 Jan 2011 09:55:29 +0100
Hi Daniel, Thank you for reporting this. Nping requires SHA-256 for its "Echo Mode" protocol but, as you may know, it is possible to disable cryptographic support using: ./configure --with-openssl=no Unfortunately there is no way to have crypto support without SHA-256, so users with OpenSSL<=0.97 will have to upgrade (0.9.8 has been around for almost 6 years so I expect systems with 0.9.7 or less to be a tiny fraction) Anyway, I've added a check for EVP_sha256() that aborts compilation in case of failure. I attach a new version of configure.ac. Could you please give a try and let me know if it works? Thank you and best regards, Luis MartinGarcia. On 01/10/2011 12:44 AM, Daniel Johnson wrote:
I maintain the nmap package for fink and after updating to 5.36TEST3 I've gotten reports from 10.5 users that it won't build. This is the failure in nping/Crypto.cc: Crypto.cc: In static member function 'static int Crypto::hmac_sha256(u8*, size_t, u8*, u8*, size_t)': Crypto.cc:127: error: 'EVP_sha256' was not declared in this scope Crypto.cc: In static member function 'static u8* Crypto::deriveKey(const u8*, size_t, size_t*)': Crypto.cc:262: error: 'EVP_sha256' was not declared in this scope Crypto.cc:266: error: 'EVP_sha256' was not declared in this scope Sure enough, EVP_sha256 is only available starting with openssl 0.9.8 and 10.5 only has 0.9.7. At the very least, nping/configure.ac should probably check for EVP_sha256 rather than just blindly trusting that the user's openssl is new enough. I'm going to use fink's openssl100 to satisfy the dependency, but I thought it was worth bringing to your attention. Daniel _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Attachment:
configure.ac
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- nping fails to build on Mac OS X <10.6 because openssl is too old. Daniel Johnson (Jan 09)
- Re: nping fails to build on Mac OS X <10.6 because openssl is too old. Luis MartinGarcia. (Jan 10)
- Re: nping fails to build on Mac OS X <10.6 because openssl is too old. Daniel Johnson (Jan 11)
- Re: nping fails to build on Mac OS X <10.6 because openssl is too old. Luis MartinGarcia. (Jan 10)