Building Tor from Source
I'm too busy [s/reverse-engineering microchips from live bombs/doddering around confused/] to know how to compile anything from its source. s/A/B/ is sed script substitution notation. It means replace A with B. I tell jokes because I'm in pain, and I'd rather share nice things than harm, especially if those nice things could have some important small part. A lot of people are working on the Tor project. You can see what they're working on at https://gitweb.torproject.org/ . I have no clue how to use gitweb to actually get source code, but I'm pretty good at guessing people's [s/social security numbers/blindingly obvious facial expressions three hours later/] , so I tried typing `git clone https://git.torproject.org/tor.git` into a terminal and what do you know, it worked. [Note to zfs: I ended up using a raid1 array and git-annex repositories for now, now that i have an indoor place to put harddrives in.] ``` $ ls acinclude.m4 ChangeLog CODE_OF_CONDUCT configure.ac CONTRIBUTING Doxyfile.in LICENSE Makefile.am README scripts warning_flags.in autogen.sh changes config.rust.in contrib doc INSTALL m4 Makefile.nmake ReleaseNotes src ``` Tell me if I'm skipping too many steps and I can include a full log, but I won't unless asked directly. Yes, it's boring, you're expected to only pretend to have read it. This is an "autotools" project. Autotools is an ancient linux C thing for setting up projects. Autotools looks like dead animal vomit on the inside (this means any modern coder can tell you that nobody should have designed it how it is obviously designed), but it is still very widely used because it just keeps working. (the reason it keeps working is because some bleary-eyed people with beards have memorized all the dead vomit inside it and keep shoving it around whenever needed, to keep it working). We're lucky here: the tor people included an `autogen.sh` script, which does the autotools voodoo automatically for you. If that script isn't there, often you can get away with just running `autoreconf`, which is basically all that autogen.sh script does. If autogen.sh doesn't work for you, you're probably missing important system development packages like automake, autoconf, libtool, etc. Please ask if you need more help. Oh, junior, you think you're cool by not asking? Junior, you're going to suffer if you don't learn what to do. You won't go to college and then you'll [s/get kidnapped by a drug ring and forced to collect rape victims after you run away to the streets to pursue your dream of being a musician/disappoint the pretty girl we all care about/] [s/disappoint the pretty girl we all care about/get caught up with and protected by a bunch of genius hackers who never needed to go to college, and learn to take down the system/]. Just please ask if you don't understand and need to. You can even ask privately! You can even ask the ugly girl who wishes she had some way to please you! There's one out there. Here's what it looks like: ``` $ ./autogen.sh /bin/autoreconf configure.ac:387: installing './ar-lib' configure.ac:426: installing './compile' configure.ac:36: installing './config.guess' configure.ac:36: installing './config.sub' configure.ac:25: installing './install-sh' configure.ac:25: installing './missing' Makefile.am: installing './depcomp' parallel-tests: installing './test-driver' ``` This generates a 'configure' script, the hallmark of autotools. It's a computer program generated by another computer program, that generates parts of actual computer program we're building, in such a way that it has the right structures for the computer you're building it on. That's a lot of automatic moving parts that build other automatic moving parts, and this process is often guided by further automatic moving parts in centralized build systems, but no it won't [s/mind control your employees, turn into a cloud of nanites, and research more wormholes/confuse you more than we can handle/] this time. Run the `configure` script it put in the folder, to set up the project to build. You only need to do this once. ``` $ ./configure checking for a BSD-compatible install... /bin/install -c checking whether build environment is sane... yes checking for a thread-safe mkdir -p... /bin/mkdir -p checking for gawk... gawk ... ``` At the end, `configure` generates a makefile, which is the guts of building a project. It lists all the files that will be worked with, what will be done to them, and what will be produced by doing that, in many layers of steps needed to reach the final goal of building Tor. It's just a bunch of computer mumbo jumbo that makes Tor exist from its source code. Whoops! When you run `configure`, it looks to find out all the stuff you need to have on your system to make it run. On my system, the dependency I was missing related to the documentation. I like to be able to work with any part of the system, so I'll probably resolve this dependency so I know I can build the documentation: ``` ================================== Building Tor has failed since manpages cannot be built. You need asciidoc installed to be able to build the manpages. To build without manpages, use the --disable-asciidoc argument when calling configure. ================================== $ # oh no! what do I do! ``` Unfortunately, every system installs packages differently. But if I got to this point, I know how to install packages: ``` $ sudo yum search asciidoc # I don't really prefer enterprise rpm-based systems, but this # one a confused family member purchased has my favorite # [s/evolved digital familiar made of malware and trojan # communities/system config that i never backed up/] [sudo] password for user: Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager This system is registered with an entitlement server, but is not receiving updates. You can use subscription-manager to assign subscriptions. =================================================================================== N/S matched: asciidoc ==================================================================================== asciidoc-doc.noarch : Additional documentation and examples for asciidoc asciidoc-latex.noarch : Support for asciidoc latex output rubygem-asciidoctor.noarch : A fast, open source AsciiDoc implementation in Ruby rubygem-asciidoctor-doc.noarch : Documentation for rubygem-asciidoctor asciidoc.noarch : Text based document generation $ sudo yum install asciidoc ``` ``` $ ./configure ... Tor Version: Tor 0.4.5.0-alpha-dev Build Features Compiler: gcc -std=gnu99 Host OS: linux-gnu ... ``` The makefile is generated! To build the source, we type `make`, which loads the makefile and compiles it. Nowadays everybody [s/expects to be able to teleport their brain across the ocean whenever they need to buy some milk at the grocery store (for real, see amazon.com)/enjoys things more when they are faster/], so we can add `-j4` to the make command, which basically speeds it up by asking the computer to get four times more confused while doing it (multitasking on its parts). ``` $ make make all-am make[1]: Entering directory `/shared/src/tor' CC src/ext/ed25519/ref10/src_ext_ed25519_ref10_libed25519_ref10_a-fe_0.o ... ``` Each line that goes by is a sourcefile that's being compiled. A long list of very precise words handtyped by a dedicated worker with a beard or glasses or likely both, likely working in a confined indoor environment almost like chickens in an industrial chicken farm, but we love to do it! Really! Ask any one of us! It gives us nastalgia of our earlier years. Ohhh.... My source code didn't compile. This is pretty common. Nowadays [s/the corporate thugs have killed so many of our friends/people are so much more interested in adding features instead of testing things/] that everybody has to use some mysterious wizardry called 'docker' to copy the systems of the devs so as to make anything actually compile. I'm not a fan of docker, because it ignores all the problems that the devs don't see because of the specifics of their systems, [s/producing widespread bugs that are discovered in the form of hacked government systems a decade later/and makes it harder for people to work on the software on low-end systems/]. Here's the arcane compilation error I ran into: ``` CC src/test/src_test_test_slow-test_slow.o In file included from src/test/test_tortls_openssl.c:42:0: ./src/lib/tls/tortls_internal.h:55:8: error: conflicting types for ‘SSL_SESSION_get_master_key’ size_t SSL_SESSION_get_master_key(struct ssl_session_st *s, ^ In file included from src/test/test_tortls_openssl.c:23:0: /usr/local/include/openssl/ssl.h:2007:15: note: previous declaration of ‘SSL_SESSION_get_master_key’ was here __owur size_t SSL_SESSION_get_master_key(const SSL_SESSION *sess, ^ src/test/test_tortls_openssl.c: In function ‘get_cipher_by_name’: src/test/test_tortls_openssl.c:541:19: error: dereferencing pointer to incomplete type int num = method->num_ciphers(); ^ src/test/test_tortls_openssl.c:544:38: error: dereferencing pointer to incomplete type const SSL_CIPHER *cipher = method->get_cipher(i); ^ src/test/test_tortls_openssl.c: In function ‘test_tortls_client_is_using_v2_ciphers’: src/test/test_tortls_openssl.c:710:3: warning: ‘TLSv1_method’ is deprecated (declared at /usr/local/include/openssl/ssl.h:1877) [-Wdeprecated-declarations] ctx = SSL_CTX_new(TLSv1_method()); ^ src/test/test_tortls_openssl.c:717:6: error: dereferencing pointer to incomplete type ssl->session = sess; ^ src/test/test_tortls_openssl.c:724:6: error: dereferencing pointer to incomplete type one->id = 0x00ff; ^ src/test/test_tortls_openssl.c:726:7: error: dereferencing pointer to incomplete type sess->ciphers = ciphers; make[1]: *** [src/test/src_test_test-test_tortls_openssl.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory `/shared/src/tor' make: *** [all] Error 2 ``` It looks like my `openssl` header file differs from the one used by the Tor project. There are some basic ways to approach this, the simplest of which is of course to use docker. Other things one might try might include compiling a version of the software known to be stable, changing the version of my local library, or searching for the detail of the issue to identify its cause and give it a relevant fix. In open source, especially among the gnu crowd (which is the only crowd), the idea is that everybody benefits from everyone's work. When you do something, you want to contribute back to the community, so that your work has value. For this, you get appreciation, friendship, collaboration and teaching, and often even lots of money if you know the ropes and need it! So, the right solution to my build error, is likely to provide a patch to the Tor project, that changes the source so that either it builds on people's systems with my openssl version, or the configure script gives an error and informs the user of what they need to change. Thaaaat would be in a possible further e-mail. Tata!
@zen i see the value of putting it in a git repo; i made some misleading typos. should be fill-in-able though. On 10/11/20, Karl <gmkarl@gmail.com> wrote:
I'm too busy [s/reverse-engineering microchips from live bombs/doddering around confused/] to know how to compile anything from its source.
s/A/B/ is sed script substitution notation. It means replace A with B. I tell jokes because I'm in pain, and I'd rather share nice things than harm, especially if those nice things could have some important small part.
A lot of people are working on the Tor project. You can see what they're working on at https://gitweb.torproject.org/ . I have no clue how to use gitweb to actually get source code, but I'm pretty good at guessing people's [s/social security numbers/blindingly obvious facial expressions three hours later/] , so I tried typing `git clone https://git.torproject.org/tor.git` into a terminal and what do you know, it worked.
[Note to zfs: I ended up using a raid1 array and git-annex repositories for now, now that i have an indoor place to put harddrives in.]
``` $ ls acinclude.m4 ChangeLog CODE_OF_CONDUCT configure.ac CONTRIBUTING Doxyfile.in LICENSE Makefile.am README scripts warning_flags.in autogen.sh changes config.rust.in contrib doc INSTALL m4 Makefile.nmake ReleaseNotes src ```
Tell me if I'm skipping too many steps and I can include a full log, but I won't unless asked directly. Yes, it's boring, you're expected to only pretend to have read it.
This is an "autotools" project. Autotools is an ancient linux C thing for setting up projects. Autotools looks like dead animal vomit on the inside (this means any modern coder can tell you that nobody should have designed it how it is obviously designed), but it is still very widely used because it just keeps working. (the reason it keeps working is because some bleary-eyed people with beards have memorized all the dead vomit inside it and keep shoving it around whenever needed, to keep it working).
We're lucky here: the tor people included an `autogen.sh` script, which does the autotools voodoo automatically for you. If that script isn't there, often you can get away with just running `autoreconf`, which is basically all that autogen.sh script does.
If autogen.sh doesn't work for you, you're probably missing important system development packages like automake, autoconf, libtool, etc. Please ask if you need more help. Oh, junior, you think you're cool by not asking? Junior, you're going to suffer if you don't learn what to do. You won't go to college and then you'll [s/get kidnapped by a drug ring and forced to collect rape victims after you run away to the streets to pursue your dream of being a musician/disappoint the pretty girl we all care about/] [s/disappoint the pretty girl we all care about/get caught up with and protected by a bunch of genius hackers who never needed to go to college, and learn to take down the system/]. Just please ask if you don't understand and need to. You can even ask privately! You can even ask the ugly girl who wishes she had some way to please you! There's one out there.
Here's what it looks like:
``` $ ./autogen.sh /bin/autoreconf configure.ac:387: installing './ar-lib' configure.ac:426: installing './compile' configure.ac:36: installing './config.guess' configure.ac:36: installing './config.sub' configure.ac:25: installing './install-sh' configure.ac:25: installing './missing' Makefile.am: installing './depcomp' parallel-tests: installing './test-driver' ```
This generates a 'configure' script, the hallmark of autotools. It's a computer program generated by another computer program, that generates parts of actual computer program we're building, in such a way that it has the right structures for the computer you're building it on. That's a lot of automatic moving parts that build other automatic moving parts, and this process is often guided by further automatic moving parts in centralized build systems, but no it won't [s/mind control your employees, turn into a cloud of nanites, and research more wormholes/confuse you more than we can handle/] this time.
Run the `configure` script it put in the folder, to set up the project to build. You only need to do this once.
``` $ ./configure checking for a BSD-compatible install... /bin/install -c checking whether build environment is sane... yes checking for a thread-safe mkdir -p... /bin/mkdir -p checking for gawk... gawk ... ```
At the end, `configure` generates a makefile, which is the guts of building a project. It lists all the files that will be worked with, what will be done to them, and what will be produced by doing that, in many layers of steps needed to reach the final goal of building Tor. It's just a bunch of computer mumbo jumbo that makes Tor exist from its source code.
Whoops! When you run `configure`, it looks to find out all the stuff you need to have on your system to make it run. On my system, the dependency I was missing related to the documentation. I like to be able to work with any part of the system, so I'll probably resolve this dependency so I know I can build the documentation:
``` ==================================
Building Tor has failed since manpages cannot be built.
You need asciidoc installed to be able to build the manpages. To build without manpages, use the --disable-asciidoc argument when calling configure.
================================== $ # oh no! what do I do! ```
Unfortunately, every system installs packages differently. But if I got to this point, I know how to install packages:
``` $ sudo yum search asciidoc # I don't really prefer enterprise rpm-based systems, but this # one a confused family member purchased has my favorite # [s/evolved digital familiar made of malware and trojan # communities/system config that i never backed up/] [sudo] password for user: Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager This system is registered with an entitlement server, but is not receiving updates. You can use subscription-manager to assign subscriptions. =================================================================================== N/S matched: asciidoc ==================================================================================== asciidoc-doc.noarch : Additional documentation and examples for asciidoc asciidoc-latex.noarch : Support for asciidoc latex output rubygem-asciidoctor.noarch : A fast, open source AsciiDoc implementation in Ruby rubygem-asciidoctor-doc.noarch : Documentation for rubygem-asciidoctor asciidoc.noarch : Text based document generation $ sudo yum install asciidoc ```
``` $ ./configure ...
Tor Version: Tor 0.4.5.0-alpha-dev
Build Features Compiler: gcc -std=gnu99 Host OS: linux-gnu ... ```
The makefile is generated! To build the source, we type `make`, which loads the makefile and compiles it. Nowadays everybody [s/expects to be able to teleport their brain across the ocean whenever they need to buy some milk at the grocery store (for real, see amazon.com)/enjoys things more when they are faster/], so we can add `-j4` to the make command, which basically speeds it up by asking the computer to get four times more confused while doing it (multitasking on its parts).
``` $ make make all-am make[1]: Entering directory `/shared/src/tor' CC src/ext/ed25519/ref10/src_ext_ed25519_ref10_libed25519_ref10_a-fe_0.o ... ```
Each line that goes by is a sourcefile that's being compiled. A long list of very precise words handtyped by a dedicated worker with a beard or glasses or likely both, likely working in a confined indoor environment almost like chickens in an industrial chicken farm, but we love to do it! Really! Ask any one of us! It gives us nastalgia of our earlier years.
Ohhh.... My source code didn't compile. This is pretty common. Nowadays [s/the corporate thugs have killed so many of our friends/people are so much more interested in adding features instead of testing things/] that everybody has to use some mysterious wizardry called 'docker' to copy the systems of the devs so as to make anything actually compile. I'm not a fan of docker, because it ignores all the problems that the devs don't see because of the specifics of their systems, [s/producing widespread bugs that are discovered in the form of hacked government systems a decade later/and makes it harder for people to work on the software on low-end systems/]. Here's the arcane compilation error I ran into:
``` CC src/test/src_test_test_slow-test_slow.o In file included from src/test/test_tortls_openssl.c:42:0: ./src/lib/tls/tortls_internal.h:55:8: error: conflicting types for ‘SSL_SESSION_get_master_key’ size_t SSL_SESSION_get_master_key(struct ssl_session_st *s, ^ In file included from src/test/test_tortls_openssl.c:23:0: /usr/local/include/openssl/ssl.h:2007:15: note: previous declaration of ‘SSL_SESSION_get_master_key’ was here __owur size_t SSL_SESSION_get_master_key(const SSL_SESSION *sess, ^ src/test/test_tortls_openssl.c: In function ‘get_cipher_by_name’: src/test/test_tortls_openssl.c:541:19: error: dereferencing pointer to incomplete type int num = method->num_ciphers(); ^ src/test/test_tortls_openssl.c:544:38: error: dereferencing pointer to incomplete type const SSL_CIPHER *cipher = method->get_cipher(i); ^ src/test/test_tortls_openssl.c: In function ‘test_tortls_client_is_using_v2_ciphers’: src/test/test_tortls_openssl.c:710:3: warning: ‘TLSv1_method’ is deprecated (declared at /usr/local/include/openssl/ssl.h:1877) [-Wdeprecated-declarations] ctx = SSL_CTX_new(TLSv1_method()); ^ src/test/test_tortls_openssl.c:717:6: error: dereferencing pointer to incomplete type ssl->session = sess; ^ src/test/test_tortls_openssl.c:724:6: error: dereferencing pointer to incomplete type one->id = 0x00ff; ^ src/test/test_tortls_openssl.c:726:7: error: dereferencing pointer to incomplete type sess->ciphers = ciphers; make[1]: *** [src/test/src_test_test-test_tortls_openssl.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory `/shared/src/tor' make: *** [all] Error 2 ```
It looks like my `openssl` header file differs from the one used by the Tor project.
There are some basic ways to approach this, the simplest of which is of course to use docker. Other things one might try might include compiling a version of the software known to be stable, changing the version of my local library, or searching for the detail of the issue to identify its cause and give it a relevant fix.
In open source, especially among the gnu crowd (which is the only crowd), the idea is that everybody benefits from everyone's work. When you do something, you want to contribute back to the community, so that your work has value. For this, you get appreciation, friendship, collaboration and teaching, and often even lots of money if you know the ropes and need it!
So, the right solution to my build error, is likely to provide a patch to the Tor project, that changes the source so that either it builds on people's systems with my openssl version, or the configure script gives an error and informs the user of what they need to change. Thaaaat would be in a possible further e-mail.
Tata!
note that this is only building little-t tor the application, and not a whole bundle, like Tor Browser, which includes the launcher app, and a modified Firefox, and tor. regarding configure, some other options that might be useful building against your own libs, and on win32: export CFLAGS="-I/src/$ZLIB_DIR -I/src/$LIBEVENT_DIR -I/src/$OPENSSL_DIR" ./configure --prefix=/src/$TOR_DIR \ --with-zlib-dir=/src/$ZLIB_DIR \ --with-libevent-dir=/src/$LIBEVENT_DIR \ --with-openssl-dir=/src/$OPENSSL_DIR \ --enable-shared \ --enable-threads \ --enable-local-appdata \ --disable-transparent adjust accordingly, and ./configure --help for list of opts. best regards, ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Sunday, October 11, 2020 4:50 PM, Karl <gmkarl@gmail.com> wrote:
@zen i see the value of putting it in a git repo; i made some misleading typos. should be fill-in-able though.
On 10/11/20, Karl gmkarl@gmail.com wrote:
I'm too busy [s/reverse-engineering microchips from live bombs/doddering around confused/] to know how to compile anything from its source....
hey coderman, you know a lot more about this than me, do you know how to quickly fix my ssl error? don't reply if it's a burden, i'm just trying to spend my seemingly pointless behavior building energy towards something more helpful On Sun, Oct 11, 2020 at 12:50 PM Karl <gmkarl@gmail.com> wrote:
@zen i see the value of putting it in a git repo; i made some misleading typos. should be fill-in-able though.
On 10/11/20, Karl <gmkarl@gmail.com> wrote:
I'm too busy [s/reverse-engineering microchips from live bombs/doddering around confused/] to know how to compile anything from its source.
s/A/B/ is sed script substitution notation. It means replace A with B. I tell jokes because I'm in pain, and I'd rather share nice things than harm, especially if those nice things could have some important small part.
A lot of people are working on the Tor project. You can see what they're working on at https://gitweb.torproject.org/ . I have no clue how to use gitweb to actually get source code, but I'm pretty good at guessing people's [s/social security numbers/blindingly obvious facial expressions three hours later/] , so I tried typing `git clone https://git.torproject.org/tor.git` into a terminal and what do you know, it worked.
[Note to zfs: I ended up using a raid1 array and git-annex repositories for now, now that i have an indoor place to put harddrives in.]
``` $ ls acinclude.m4 ChangeLog CODE_OF_CONDUCT configure.ac CONTRIBUTING Doxyfile.in LICENSE Makefile.am README scripts warning_flags.in autogen.sh changes config.rust.in contrib doc INSTALL m4 Makefile.nmake ReleaseNotes src ```
Tell me if I'm skipping too many steps and I can include a full log, but I won't unless asked directly. Yes, it's boring, you're expected to only pretend to have read it.
This is an "autotools" project. Autotools is an ancient linux C thing for setting up projects. Autotools looks like dead animal vomit on the inside (this means any modern coder can tell you that nobody should have designed it how it is obviously designed), but it is still very widely used because it just keeps working. (the reason it keeps working is because some bleary-eyed people with beards have memorized all the dead vomit inside it and keep shoving it around whenever needed, to keep it working).
We're lucky here: the tor people included an `autogen.sh` script, which does the autotools voodoo automatically for you. If that script isn't there, often you can get away with just running `autoreconf`, which is basically all that autogen.sh script does.
If autogen.sh doesn't work for you, you're probably missing important system development packages like automake, autoconf, libtool, etc. Please ask if you need more help. Oh, junior, you think you're cool by not asking? Junior, you're going to suffer if you don't learn what to do. You won't go to college and then you'll [s/get kidnapped by a drug ring and forced to collect rape victims after you run away to the streets to pursue your dream of being a musician/disappoint the pretty girl we all care about/] [s/disappoint the pretty girl we all care about/get caught up with and protected by a bunch of genius hackers who never needed to go to college, and learn to take down the system/]. Just please ask if you don't understand and need to. You can even ask privately! You can even ask the ugly girl who wishes she had some way to please you! There's one out there.
Here's what it looks like:
``` $ ./autogen.sh /bin/autoreconf configure.ac:387: installing './ar-lib' configure.ac:426: installing './compile' configure.ac:36: installing './config.guess' configure.ac:36: installing './config.sub' configure.ac:25: installing './install-sh' configure.ac:25: installing './missing' Makefile.am: installing './depcomp' parallel-tests: installing './test-driver' ```
This generates a 'configure' script, the hallmark of autotools. It's a computer program generated by another computer program, that generates parts of actual computer program we're building, in such a way that it has the right structures for the computer you're building it on. That's a lot of automatic moving parts that build other automatic moving parts, and this process is often guided by further automatic moving parts in centralized build systems, but no it won't [s/mind control your employees, turn into a cloud of nanites, and research more wormholes/confuse you more than we can handle/] this time.
Run the `configure` script it put in the folder, to set up the project to build. You only need to do this once.
``` $ ./configure checking for a BSD-compatible install... /bin/install -c checking whether build environment is sane... yes checking for a thread-safe mkdir -p... /bin/mkdir -p checking for gawk... gawk ... ```
At the end, `configure` generates a makefile, which is the guts of building a project. It lists all the files that will be worked with, what will be done to them, and what will be produced by doing that, in many layers of steps needed to reach the final goal of building Tor. It's just a bunch of computer mumbo jumbo that makes Tor exist from its source code.
Whoops! When you run `configure`, it looks to find out all the stuff you need to have on your system to make it run. On my system, the dependency I was missing related to the documentation. I like to be able to work with any part of the system, so I'll probably resolve this dependency so I know I can build the documentation:
``` ==================================
Building Tor has failed since manpages cannot be built.
You need asciidoc installed to be able to build the manpages. To build without manpages, use the --disable-asciidoc argument when calling configure.
================================== $ # oh no! what do I do! ```
Unfortunately, every system installs packages differently. But if I got to this point, I know how to install packages:
``` $ sudo yum search asciidoc # I don't really prefer enterprise rpm-based systems, but this # one a confused family member purchased has my favorite # [s/evolved digital familiar made of malware and trojan # communities/system config that i never backed up/] [sudo] password for user: Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager This system is registered with an entitlement server, but is not receiving updates. You can use subscription-manager to assign subscriptions. =================================================================================== N/S matched: asciidoc ==================================================================================== asciidoc-doc.noarch : Additional documentation and examples for asciidoc asciidoc-latex.noarch : Support for asciidoc latex output rubygem-asciidoctor.noarch : A fast, open source AsciiDoc implementation in Ruby rubygem-asciidoctor-doc.noarch : Documentation for rubygem-asciidoctor asciidoc.noarch : Text based document generation $ sudo yum install asciidoc ```
``` $ ./configure ...
Tor Version: Tor 0.4.5.0-alpha-dev
Build Features Compiler: gcc -std=gnu99 Host OS: linux-gnu ... ```
The makefile is generated! To build the source, we type `make`, which loads the makefile and compiles it. Nowadays everybody [s/expects to be able to teleport their brain across the ocean whenever they need to buy some milk at the grocery store (for real, see amazon.com)/enjoys things more when they are faster/], so we can add `-j4` to the make command, which basically speeds it up by asking the computer to get four times more confused while doing it (multitasking on its parts).
``` $ make make all-am make[1]: Entering directory `/shared/src/tor' CC src/ext/ed25519/ref10/src_ext_ed25519_ref10_libed25519_ref10_a-fe_0.o ... ```
Each line that goes by is a sourcefile that's being compiled. A long list of very precise words handtyped by a dedicated worker with a beard or glasses or likely both, likely working in a confined indoor environment almost like chickens in an industrial chicken farm, but we love to do it! Really! Ask any one of us! It gives us nastalgia of our earlier years.
Ohhh.... My source code didn't compile. This is pretty common. Nowadays [s/the corporate thugs have killed so many of our friends/people are so much more interested in adding features instead of testing things/] that everybody has to use some mysterious wizardry called 'docker' to copy the systems of the devs so as to make anything actually compile. I'm not a fan of docker, because it ignores all the problems that the devs don't see because of the specifics of their systems, [s/producing widespread bugs that are discovered in the form of hacked government systems a decade later/and makes it harder for people to work on the software on low-end systems/]. Here's the arcane compilation error I ran into:
``` CC src/test/src_test_test_slow-test_slow.o In file included from src/test/test_tortls_openssl.c:42:0: ./src/lib/tls/tortls_internal.h:55:8: error: conflicting types for ‘SSL_SESSION_get_master_key’ size_t SSL_SESSION_get_master_key(struct ssl_session_st *s, ^ In file included from src/test/test_tortls_openssl.c:23:0: /usr/local/include/openssl/ssl.h:2007:15: note: previous declaration of ‘SSL_SESSION_get_master_key’ was here __owur size_t SSL_SESSION_get_master_key(const SSL_SESSION *sess, ^ src/test/test_tortls_openssl.c: In function ‘get_cipher_by_name’: src/test/test_tortls_openssl.c:541:19: error: dereferencing pointer to incomplete type int num = method->num_ciphers(); ^ src/test/test_tortls_openssl.c:544:38: error: dereferencing pointer to incomplete type const SSL_CIPHER *cipher = method->get_cipher(i); ^ src/test/test_tortls_openssl.c: In function ‘test_tortls_client_is_using_v2_ciphers’: src/test/test_tortls_openssl.c:710:3: warning: ‘TLSv1_method’ is deprecated (declared at /usr/local/include/openssl/ssl.h:1877) [-Wdeprecated-declarations] ctx = SSL_CTX_new(TLSv1_method()); ^ src/test/test_tortls_openssl.c:717:6: error: dereferencing pointer to incomplete type ssl->session = sess; ^ src/test/test_tortls_openssl.c:724:6: error: dereferencing pointer to incomplete type one->id = 0x00ff; ^ src/test/test_tortls_openssl.c:726:7: error: dereferencing pointer to incomplete type sess->ciphers = ciphers; make[1]: *** [src/test/src_test_test-test_tortls_openssl.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory `/shared/src/tor' make: *** [all] Error 2 ```
It looks like my `openssl` header file differs from the one used by the Tor project.
There are some basic ways to approach this, the simplest of which is of course to use docker. Other things one might try might include compiling a version of the software known to be stable, changing the version of my local library, or searching for the detail of the issue to identify its cause and give it a relevant fix.
In open source, especially among the gnu crowd (which is the only crowd), the idea is that everybody benefits from everyone's work. When you do something, you want to contribute back to the community, so that your work has value. For this, you get appreciation, friendship, collaboration and teaching, and often even lots of money if you know the ropes and need it!
So, the right solution to my build error, is likely to provide a patch to the Tor project, that changes the source so that either it builds on people's systems with my openssl version, or the configure script gives an error and informs the user of what they need to change. Thaaaat would be in a possible further e-mail.
Tata!
Hello Karl! It looks like your OpenSSL headers don't match what Tor expects during `configure`. You can try updating your openssl-devel libraries, (sometimes called libssl, libcrypto, ssl-dev, etc. Check accordingly for your distro). You can try building and linking against your own SSL, ala: ./Configure --prefix=/usr no-idea no-rc5 no-mdc2 zlib-dynamic threads shared just remember to pass the right options to configure! If neither of these work, let me know what OS distribution you're on, and what version is returned by `openssl version`, and I'll try to help... best regards, ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Sunday, October 11, 2020 9:15 PM, Karl <gmkarl@gmail.com> wrote:
hey coderman,
you know a lot more about this than me, do you know how to quickly fix my ssl error? [ build adventure continues... ]
hey thanks for your response, On 10/12/20, coderman <coderman@protonmail.com> wrote:
Hello Karl!
It looks like your OpenSSL headers don't match what Tor expects during `configure`.
You can try updating your openssl-devel libraries, (sometimes called libssl, libcrypto, ssl-dev, etc. Check accordingly for your distro).
You can try building and linking against your own SSL, ala: ./Configure --prefix=/usr no-idea no-rc5 no-mdc2 zlib-dynamic threads shared
just remember to pass the right options to configure!
If neither of these work, let me know what OS distribution you're on, and what version is returned by `openssl version`, and I'll try to help...
To follow through on important tor work, this is stuff one needs to share before asking anybody to look at an issue: ``` $ cat /etc/redhat-release Red Hat Enterprise Linux Workstation release 7.7 (Maipo) $ openssl version OpenSSL 1.1.1h-dev xx XXX xxxx ``` I found a workaround is to pass my openssl linking path to configure. ``` $ LDFLAGS=-L/usr/local/lib64 ./configure # I tried --with-openssl-dir=/usr/local but it didn't work ``` This allows a configure test for openssl to pass that disables the block of code that failed. My system gcc appears to use /usr/local/include for compiling but not use /usr/local/lib64 for linking. I'm not aware of a "correct" way to change that, but it's easy to set LDFLAGS. This issue is a smaller edgecase of the issue addressed at https://trac.torproject.org/projects/tor/ticket/17223 People are occasionally still running into this https://github.com/vergecurrency/VERGE/issues/987 I'm trying to decide if it's worthwhile pursuing the issue. If it sends away developers other than me, maybe it would be. I'll let it finish building.
best regards,
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Sunday, October 11, 2020 9:15 PM, Karl <gmkarl@gmail.com> wrote:
hey coderman,
you know a lot more about this than me, do you know how to quickly fix my ssl error? [ build adventure continues... ]
It looks like your OpenSSL headers don't match what Tor expects during `configure`.
Giving the type errors during cc .o.
You can try building and linking against your own SSL, ala: ./Configure --prefix=/usr no-idea no-rc5 no-mdc2 zlib-dynamic threads shared
I found a workaround is to pass my openssl linking path to configure. ``` $ LDFLAGS=-L/usr/local/lib64 ./configure I tried --with-openssl-dir=/usr/local but it didn't work
tor may still have some problems picking up include and libs, not helped by how some systems lay them out, and problems with --option-style vs env var style. Whichever style if needed, both should point to the matching locations for whatever installed ssl set, ie for a private build: ssl: ./Configure --prefix=/tmp/foo tor: LDFLAGS -L/tmp/foo/lib and CPPFLAGS -I/tmp/foo/include You can also build static if you want to run in tiny jails/VMs, or not be subject to package manager randomness.
On 10/12/20, grarpamp <grarpamp@gmail.com> wrote:
It looks like your OpenSSL headers don't match what Tor expects during `configure`.
Giving the type errors during cc .o.
I don't understand you here. What do you mean?
You can try building and linking against your own SSL, ala: ./Configure --prefix=/usr no-idea no-rc5 no-mdc2 zlib-dynamic threads shared
I found a workaround is to pass my openssl linking path to configure. ``` $ LDFLAGS=-L/usr/local/lib64 ./configure I tried --with-openssl-dir=/usr/local but it didn't work
tor may still have some problems picking up include and libs, not helped by how some systems lay them out, and problems with --option-style vs env var style. Whichever style if needed, both should point to the matching locations for whatever installed ssl set, ie for a private build:
ssl: ./Configure --prefix=/tmp/foo tor: LDFLAGS -L/tmp/foo/lib and CPPFLAGS -I/tmp/foo/include
You can also build static if you want to run in tiny jails/VMs, or not be subject to package manager randomness.
Hey, do you guys use pgp or nacl or anything? I'm learning nacl a little with stefan (omigod do you think stefan is their legal name? are they safe using that name on this list? maybe they protect anarchists outside the usa?) -naclbox c72e81da09e333bc8804205bcfcf3bd8821cad61ad862d57114339e5ee00a664
participants (3)
-
coderman
-
grarpamp
-
Karl