Skip to content

Comments

Enable OpenSSL compiling in Linux#2

Open
aberenguel wants to merge 1 commit intosepinf-inc:4.12.0_iped_patchfrom
aberenguel:4.12.0_iped_patch
Open

Enable OpenSSL compiling in Linux#2
aberenguel wants to merge 1 commit intosepinf-inc:4.12.0_iped_patchfrom
aberenguel:4.12.0_iped_patch

Conversation

@aberenguel
Copy link

@aberenguel aberenguel commented Aug 29, 2023
edited
Loading

Related to sleuthkit#2862 (comment)

In order to compile APFS decryption code, the flag HAVE_LIBOPENSSL must be defined. However, even after running ./configure and the output shows the output bellow and the flag is not defined.

Building:
   openssl support:                       yes

   afflib support:                        yes
   libewf support:                        yes
   zlib support:                          yes

   libbfio support:                       yes
   libvhdi support:                       yes
   libvmdk support:                       yes
   libvslvm support:                      yes
Features:
   Java/JNI support:                      yes
   Multithreading:                        yes

After run autoheader command, the flag HAVE_LIBOPENSSL came back to tsk_config.h.in. So the APFS decryption code was compiled.

PS: Using Ubuntu 22.04.

Btw, Ubuntu 22.04 has OpenSSL 3.0. So in order to avoid deprecated errors in compilation, the configure must be run with:

./configure CXXFLAGS="-Wno-error=deprecated-declarations"

@lfcnassif
Copy link
Member

lfcnassif commented Aug 30, 2023

Thank you @aberenguel!

@arisjr I wonder if APFS encryption support works on your environment without this, does it?

@arisjr
Copy link

arisjr commented Aug 30, 2023
edited
Loading

The patch I made should add HAVE_LIBOPENSSL if it has the dev libs test passed. I made a pull on tsk also https://github.com/sleuthkit/sleuthkit/pull/2781/files that shows the change, but this PR was closed after because I needed to remove the sleuthkit fork from my account.

The patch was tested by the issue creator and others and worked at the time, but I didn't test on all environments.

The patch I made was to be used with openssl 1.1x, the lib version that was tested when APFS support was made by the author (that has not being changed since then). I must say that using openssl 3 is somehow not tested.

On the ipeddocker, even using Ubuntu 22.04 as a base system, we made a "hack" to use Ubuntu 20.04 openssl 1.1 dev libs for compiling with the APFS support.

@arisjr
Copy link

arisjr commented Aug 30, 2023

I must allocate some time to look it closely anyway. I'll take a look at the end of the day.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@aberenguel @lfcnassif @arisjr