constcast
/
vermont
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

vermont is not compatible with openssl 1.1.0 

openssl 1.1.0 is not API backward compatible with 1.0.0, and vermont
will not compile with the newer version.

The cmake find_package macro has no way to specify a maximum version
so check it explicitly.
master
Nicholas Brown 2017-06-19 15:02:23 +01:00 committed by Nicholas Brown
parent 454ea8d8a4
commit e77f883c56
2 changed files with 10 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
CMakeLists.txt
View File

@ -537,10 +537,13 @@ ENDIF(CONNECTION_FILTER)
OPTION(SUPPORT_DTLS "Enables/Disables encryption support for IPFIX messages." OFF)
IF (SUPPORT_DTLS)
FIND_PACKAGE(OpenSSL)
FIND_PACKAGE(OpenSSL 1.0.0)
IF (NOT OPENSSL_FOUND)
MESSAGE(FATAL_ERROR "Could not find openssl. Please install the library or turn off SUPPORT_DTLS")
ENDIF (NOT OPENSSL_FOUND)
IF (NOT (${OPENSSL_VERSION} VERSION_LESS 1.1.0))
MESSAGE(FATAL_ERROR "openssl version must be less than 1.1.0")
ENDIF (NOT (${OPENSSL_VERSION} VERSION_LESS 1.1.0))
INCLUDE_DIRECTORIES(${OPENSSL_INCLUDE_DIR})
TARGET_LINK_LIBRARIES(vermont ${OPENSSL_LIBRARIES})
ADD_DEFINITIONS(-DSUPPORT_DTLS)

60
README.md
View File

@ -32,9 +32,7 @@ The following packages are optional:
- libczmq-dev (for receiving IPFIX reports over ZMQ)
==> cmake option SUPPORT_ZMQ
For DTLS support, OpenSSL 1.0.0 or higher is required. It is recommended
to build OpenSSL based on the latest CVS revision. See DTLS instructions below.
For DTLS support, OpenSSL 1.0.0 is required.
## BUILDING AND INSTALLATION
@ -83,64 +81,18 @@ $ make install
### BUILDING WITH DTLS-OVER-UDP SUPPORT
VERMONT's DTLS support is based on OpenSSL version 1.0.0 (and maybe higher).
VERMONT's DTLS support is based on OpenSSL version 1.0.0. OpenSSL 1.1.0 is not currently supported.
Since the DTLS implementation in OpenSSL is fairly new and not as mature as
the TLS/SSL implementation, you should use the latest version of OpenSSL which
you can get from http://openssl.org/source/.
At the time of writing (July 2010), the latest version is 1.0.0a.
In order to compile VERMONT with DTLS-over-UDP support set the following option:
``` shell
$ wget http://openssl.org/source/openssl-1.0.0a.tar.gz
$ tar xzf openssl-1.0.0a.tar.gz
$ cd openssl-1.0.0a/
$ cmake -DSUPPORT_DTLS=YES
```
If you want to profit from the most recent bugfixes, you can check out the
sources from the OpenSSL CVS repository instead:
``` shell
$ cvs -z9 -d anonymous@cvs.openssl.org:/openssl-cvs co openssl
$ cd openssl/
If CMake does not find OPENSSL you can explicitly specify the include and library paths:
```
In order to avoid incompatibilities with other packages of your distribution,
you probably do not want the new version of OpenSSL to become the default
OpenSSL library on your system. Therefore, it is recommended to install the
new version in a local directory by using the --prefix option of the config
script.
To build OpenSSL and install it into a built/ subdirectory within the OpenSSL
source directory, call the following commands:
``` shell
$ ./config -d no-dso no-shared --prefix=`pwd`/built
$ make
$ make install
cmake -DSUPPORT_DTLS=YES -DCMAKE_INCLUDE_PATH=/path/to/openssl/include -DCMAKE_LIBRARY_PATH=/path/to/openssl/lib
```
The configure option "no-dso" turns off the use of shared-library methods which
avoids linking problems related to libdl on the Linux platform.
With the option "no-shared", only static libraries are built which makes it
easier to link VERMONT to the correct version of OpenSSL.
In order to compile VERMONT with DTLS-over-UDP support, change into the root
of VERMONT's source directory and execute cmake with the OpenSSL include and
library paths (replace "/path/to/openssl" by your OpenSSL source directory):
``` shell
$ cmake -DSUPPORT_DTLS=YES -DCMAKE_INCLUDE_PATH=/path/to/openssl/built/include -DCMAKE_LIBRARY_PATH=/path/to/openssl/built/lib
```
On 64 bit platforms, the library path might be different (mind the "64" at the
very end!):
``` shell
$ cmake -DSUPPORT_DTLS=YES -DCMAKE_INCLUDE_PATH=/path/to/openssl/built/include -DCMAKE_LIBRARY_PATH=/path/to/openssl/built/lib64
```
If you have previously built VERMONT with OpenSSL located in another
directory, you might need to manually remove the file CMakeCache.txt before
calling cmake.
### BUILDING WITH DTLS-OVER-SCTP SUPPORT
At the time of writing (July 2010), DTLS over SCTP can be used on FreeBSD only!