Comments (40)
在编译包中有patches文件夹,把补丁放进去即可。
from helloworld.
那个请教一下,官方nftable的话要特别配置才能用吗?
from helloworld.
一周前编译还一点问题没有。今天拉取了最新的源码报错“shadowsocks-libev failed to build”,信息如下: 2024-05-01T04:33:34.2150424Z checking whether make sets
$(MAKE)... (cached) yes 2024-05-01T04:33:34.2272966Z checking for thread local storage (TLS) class... __thread 2024-05-01T04:33:34.2813498Z checking for mbedtls_cipher_setup in -lmbedcrypto... yes 2024-05-01T04:33:34.2962204Z configure: error: MBEDTLS_CIPHER_MODE_CFB required 2024-05-01T04:33:34.3306893Z make[3]: *** [Makefile:130: /workdir/openwrt/build_dir/target-x86_64_musl/shadowsocks-libev-3.3.5/.configured_68b329da9893e34099c7d8ad5cb9c940] Error 1 2024-05-01T04:33:34.3308493Z checking whether mbedtls supports Cipher Feedback mode or not... make[3]: Leaving directory '/workdir/openwrt/feeds/packages/net/shadowsocks-libev' 2024-05-01T04:33:34.3316655Z time: package/feeds/packages/shadowsocks-libev/compile#13.88#1.17#15.79 2024-05-01T04:33:34.3319930Z ERROR: package/feeds/packages/shadowsocks-libev failed to build. 2024-05-01T04:33:34.3323491Z make[2]: *** [package/Makefile:129: package/feeds/packages/shadowsocks-libev/compile] Error 1 2024-05-01T04:33:34.3329302Z make[2]: Leaving directory '/workdir/openwrt' 2024-05-01T04:33:34.3335820Z make[1]: *** [package/Makefile:123: /workdir/openwrt/staging_dir/target-x86_64_musl/stamp/.package_compile] Error 2 2024-05-01T04:33:34.3341011Z make[1]: Leaving directory '/workdir/openwrt' 2024-05-01T04:33:34.3349834Z make: *** [/workdir/openwrt/include/toplevel.mk:233: world] Error 22024-05-01T04:33:34.2150424Z checking whether make sets $ (MAKE)... (cached) yes 2024-05-01T04:33:34.2272966Z checking for thread local storage (TLS) class... __thread 2024-05-01T04:33:34.2813498Z checking for mbedtls_cipher_setup in -lmbedcrypto... yes 2024-05-01T04:33:34.2962204Z configure: error: MBEDTLS_CIPHER_MODE_CFB required 2024-05-01T04:33:34.3306893Z make[3]: *** [Makefile:130: /workdir/openwrt/build_dir/target-x86_64_musl/shadowsocks-libev-3.3.5/.configured_68b329da9893e34099c7d8ad5cb9c940] Error 1 2024-05-01T04:33:34.3308493Z checking whether mbedtls supports Cipher Feedback mode or not... make[3]: Leaving directory '/workdir/openwrt/feeds/packages/net/shadowsocks-libev' 2024-05-01T04:33:34.3316655Z time: package/feeds/packages/shadowsocks-libev/compile#13.88#1.17#15.79 2024-05-01T04:33:34.3319930Z ERROR: package/feeds/packages/shadowsocks-libev failed to build. 2024-05-01T04:33:34.3323491Z make[2]: *** [package/Makefile:129: package/feeds/packages/shadowsocks-libev/compile] Error 1 2024-05-01T04:33:34.3329302Z make[2]: Leaving directory '/workdir/openwrt' 2024-05-01T04:33:34.3335820Z make[1]: *** [package/Makefile:123: /workdir/openwrt/staging_dir/target-x86_64_musl/stamp/.package_compile] Error 2 2024-05-01T04:33:34.3341011Z make[1]: Leaving directory '/workdir/openwrt' 2024-05-01T04:33:34.3349834Z make: *** [/workdir/openwrt/include/toplevel.mk:233: world] Error 2.config没有变过
我也出一样的问题了,解决了的话说一下怎么解决的。
from helloworld.
make[3] -C package/utils/f2fs-tools compile
ERROR: package/feeds/packages/shadowsocks-libev failed to build.
make[3] -C package/utils/f2fs-tools compile
make -r world: build failed. Please re-run make with -j1 V=s or V=sc for a higher verbosity level to see what's going on
make: *** [/workdir/openwrt/include/toplevel.mk:233: world] Error 1
报错
from helloworld.
configure: error: MBEDTLS_CIPHER_MODE_CFB required
make[3]: *** [Makefile:130: /workdir/openwrt/build_dir/target-arm_cortex-a5+neon-vfpv4_musl_eabi/shadowsocks-libev-3.3.5/.configured_68b329da9893e34099c7d8ad5cb9c940] Error 1
checking whether mbedtls supports Cipher Feedback mode or not... make[3]: Leaving directory '/workdir/openwrt/feeds/packages/net/shadowsocks-libev'
time: package/feeds/packages/shadowsocks-libev/compile#13.92#0.54#15.27
ERROR: package/feeds/packages/shadowsocks-libev failed to build.
make[2]: *** [package/Makefile:129: package/feeds/packages/shadowsocks-libev/compile] Error 1
make[2]: Leaving directory '/workdir/openwrt'
make[1]: *** [package/Makefile:123: /workdir/openwrt/staging_dir/target-arm_cortex-a5+neon-vfpv4_musl_eabi/stamp/.package_compile] Error 2
make[1]: Leaving directory '/workdir/openwrt'
make: *** [/workdir/openwrt/include/toplevel.mk:233: world] Error 2
from helloworld.
官方master分支?
from helloworld.
官方master分支?
/immortalwrt/immortalwrt
from helloworld.
/immortalwrt/immortalwrt
看报错提示,你配置一下MBEDTLS_CIPHER_MODE_CFB=y
试试。。。。貌似是要有这个依赖。
from helloworld.
官方master分支?
是的 我用的是官方master
from helloworld.
@Aggrandiz 配置了MBEDTLS_CIPHER_MODE_CFB=y
问题解决了吗?
from helloworld.
是的 我用的是官方master
配置一下MBEDTLS_CIPHER_MODE_CFB=y
试试。。。。貌似是要有这个依赖,问题引起的是mbedtls更新到3.6.0版本。
from helloworld.
/immortalwrt/immortalwrt
看报错提示,你配置一下
MBEDTLS_CIPHER_MODE_CFB=y
试试。。。。貌似是要有这个依赖。
谢谢我试试
from helloworld.
@Aggrandiz 配置了
MBEDTLS_CIPHER_MODE_CFB=y
问题解决了吗?
明天搞
from helloworld.
谢谢我试试
如果不行,把Makefile
里的:
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/shadowsocks/shadowsocks-libev/releases/download/v$(PKG_VERSION)
PKG_HASH:=cfc8eded35360f4b67e18dc447b0c00cddb29cc57a3cec48b135e5fb87433488
```
**改成:**
```
PKG_SOURCE_PROTO:=git
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/shadowsocks/shadowsocks-libev.git
PKG_SOURCE_VERSION:=d83ace0f0d9c05656c13d66aa4a449bf70143254
PKG_MIRROR_HASH:=fdcd84cadd5b0b9162b2e81c4ce8e135d944e735a8c5bb79d349627df6ca76c2
试试!
from helloworld.
@copycodetest 可以了吗?
from helloworld.
checking whether ln -s works... yes
checking whether make sets $(MAKE)... (cached) yes
checking for thread local storage (TLS) class... __thread
checking for mbedtls_cipher_setup in -lmbedcrypto... yes
checking whether mbedtls supports Cipher Feedback mode or not... configure: error: MBEDTLS_CIPHER_MODE_CFB required
make[3]: *** [Makefile:130: /home/udb/openwrt/build_dir/target-x86_64_musl/shadowsocks-libev-3.3.5/.configured_68b329da9893e34099c7d8ad5cb9c940] Error 1
make[3]: Leaving directory '/home/udb/openwrt/feeds/packages/net/shadowsocks-libev'
time: package/feeds/packages/shadowsocks-libev/compile#8.19#2.29#11.09
ERROR: package/feeds/packages/shadowsocks-libev failed to build.
make[2]: *** [package/Makefile:129: package/feeds/packages/shadowsocks-libev/compile] Error 1
make[2]: Leaving directory '/home/udb/openwrt'
make[1]: *** [package/Makefile:123: /home/udb/openwrt/staging_dir/target-x86_64_musl/stamp/.package_compile] Error 2
make[1]: Leaving directory '/home/udb/openwrt'
make: *** [/home/udb/openwrt/include/toplevel.mk:233:world] 错误 2
from helloworld.
谢谢我试试
如果不行,把
Makefile
里的:PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/shadowsocks/shadowsocks-libev/releases/download/v$(PKG_VERSION) PKG_HASH:=cfc8eded35360f4b67e18dc447b0c00cddb29cc57a3cec48b135e5fb87433488
改成:
PKG_SOURCE_PROTO:=git PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/shadowsocks/shadowsocks-libev.git PKG_SOURCE_VERSION:=d83ace0f0d9c05656c13d66aa4a449bf70143254 PKG_MIRROR_HASH:=fdcd84cadd5b0b9162b2e81c4ce8e135d944e735a8c5bb79d349627df6ca76c2
试试!
make[3]: *** [Makefile:132: /home/udb/openwrt/build_dir/target-x86_64_musl/shadowsocks-libev-3.3.5/.configured_68b329da9893e34099c7d8ad5cb9c940] Error 1
make[3]: Leaving directory '/home/udb/openwrt/feeds/packages/net/shadowsocks-libev'
time: package/feeds/packages/shadowsocks-libev/compile#11.22#3.41#24.41
ERROR: package/feeds/packages/shadowsocks-libev failed to build.
make[2]: *** [package/Makefile:129: package/feeds/packages/shadowsocks-libev/compile] Error 1
make[2]: Leaving directory '/home/udb/openwrt'
make[1]: *** [package/Makefile:123: /home/udb/openwrt/staging_dir/target-x86_64_musl/stamp/.package_compile] Error 2
make[1]: Leaving directory '/home/udb/openwrt'
make: *** [/home/udb/openwrt/include/toplevel.mk:233:world] 错误 2
from helloworld.
mbedtls 降低版本即可
from helloworld.
mbedtls 降低版本即可
你好,请问下具体该如何降低版本?
from helloworld.
你好,请问下具体该如何降低版本?
官方3.60版本取消了mbedtls_aead_cipher_decrypt
和mbedtls_cipher_auth_encrypt
导致!
from helloworld.
打了下面的补丁:
diff --git a/m4/mbedtls.m4 b/m4/mbedtls.m4
index 2c478b9..e85be4b 100644
--- a/m4/mbedtls.m4
+++ b/m4/mbedtls.m4
@@ -31,7 +31,7 @@ AC_DEFUN([ss_MBEDTLS],
AC_COMPILE_IFELSE(
[AC_LANG_PROGRAM(
[[
-#include <mbedtls/config.h>
+#include <mbedtls/mbedtls_config.h>
]],
[[
#ifndef MBEDTLS_CIPHER_MODE_CFB
@@ -48,7 +48,7 @@ AC_DEFUN([ss_MBEDTLS],
AC_COMPILE_IFELSE(
[AC_LANG_PROGRAM(
[[
-#include <mbedtls/config.h>
+#include <mbedtls/mbedtls_config.h>
]],
[[
#ifndef MBEDTLS_ARC4_C
@@ -64,7 +64,7 @@ AC_DEFUN([ss_MBEDTLS],
AC_COMPILE_IFELSE(
[AC_LANG_PROGRAM(
[[
-#include <mbedtls/config.h>
+#include <mbedtls/mbedtls_config.h>
]],
[[
#ifndef MBEDTLS_BLOWFISH_C
@@ -80,7 +80,7 @@ AC_DEFUN([ss_MBEDTLS],
AC_COMPILE_IFELSE(
[AC_LANG_PROGRAM(
[[
-#include <mbedtls/config.h>
+#include <mbedtls/mbedtls_config.h>
]],
[[
#ifndef MBEDTLS_CAMELLIA_C
diff --git a/src/crypto.c b/src/crypto.c
index b44d867..3e76aff 100644
--- a/src/crypto.c
+++ b/src/crypto.c
@@ -104,7 +104,7 @@ crypto_md5(const unsigned char *d, size_t n, unsigned char *md)
md = m;
}
#if MBEDTLS_VERSION_NUMBER >= 0x02070000
- if (mbedtls_md5_ret(d, n, md) != 0)
+ if (mbedtls_md5(d, n, md) != 0)
FATAL("Failed to calculate MD5");
#else
mbedtls_md5(d, n, md);
--- a/src/aead.c
+++ b/src/aead.c
@@ -178,7 +178,7 @@ aead_cipher_encrypt(cipher_ctx_t *cipher_ctx,
case AES192GCM:
case AES128GCM:
- err = mbedtls_cipher_auth_encrypt(cipher_ctx->evp, n, nlen, ad, adlen,
+ err = mbedtls_cipher_auth_encrypt_ext(cipher_ctx->evp, n, nlen, ad, adlen,
m, mlen, c, clen, c + mlen, tlen);
*clen += tlen;
break;
@@ -226,7 +226,7 @@ aead_cipher_decrypt(cipher_ctx_t *cipher_ctx,
// Otherwise, just use the mbedTLS one with crappy AES-NI.
case AES192GCM:
case AES128GCM:
- err = mbedtls_cipher_auth_decrypt(cipher_ctx->evp, n, nlen, ad, adlen,
+ err = mbedtls_cipher_auth_decrypt_ext(cipher_ctx->evp, n, nlen, ad, adlen,
m, mlen - tlen, p, plen, m + mlen - tlen, tlen);
break;
case CHACHA20POLY1305IETF:
现在卡在这里了:
o './'`aead.c
aead.c: In function 'aead_cipher_encrypt':
aead.c:182:55: error: passing argument 9 of 'mbedtls_cipher_auth_encrypt_ext' makes integer from pointer without a cast [-Werror=int-conversion]
182 | m, mlen, c, clen, c + mlen, tlen);
| ^~~~
| |
| size_t * {aka long unsigned int *}
In file included from crypto.h:43,
from aead.h:26,
from aead.c:39:
/home/lin/ax6-6.1/staging_dir/target-aarch64_cortex-a53_musl/usr/include/mbedtls/cipher.h:1110:67: note: expected 'size_t' {aka 'long unsigned int'} but argument is of type 'size_t *' {aka 'long unsigned int *'}
1110 | unsigned char *output, size_t output_len,
| ~~~~~~~^~~~~~~~~~
aead.c:182:63: error: passing argument 10 of 'mbedtls_cipher_auth_encrypt_ext' from incompatible pointer type [-Werror=incompatible-pointer-types]
182 | m, mlen, c, clen, c + mlen, tlen);
| ~~^~~~~~
| |
| uint8_t * {aka unsigned char *}
/home/lin/ax6-6.1/staging_dir/target-aarch64_cortex-a53_musl/usr/include/mbedtls/cipher.h:1111:45: note: expected 'size_t *' {aka 'long unsigned int *'} but argument is of type 'uint8_t *' {aka 'unsigned char *'}
1111 | size_t *olen, size_t tag_len);
| ~~~~~~~~^~~~
aead.c: In function 'aead_cipher_decrypt':
aead.c:230:62: error: passing argument 9 of 'mbedtls_cipher_auth_decrypt_ext' makes integer from pointer without a cast [-Werror=int-conversion]
230 | m, mlen - tlen, p, plen, m + mlen - tlen, tlen);
| ^~~~
| |
| size_t * {aka long unsigned int *}
/home/lin/ax6-6.1/staging_dir/target-aarch64_cortex-a53_musl/usr/include/mbedtls/cipher.h:1166:67: note: expected 'size_t' {aka 'long unsigned int'} but argument is of type 'size_t *' {aka 'long unsigned int *'}
1166 | unsigned char *output, size_t output_len,
| ~~~~~~~^~~~~~~~~~
aead.c:230:77: error: passing argument 10 of 'mbedtls_cipher_auth_decrypt_ext' from incompatible pointer type [-Werror=incompatible-pointer-types]
230 | m, mlen - tlen, p, plen, m + mlen - tlen, tlen);
| ~~~~~~~~~^~~~~~
| |
| uint8_t * {aka unsigned char *}
/home/lin/ax6-6.1/staging_dir/target-aarch64_cortex-a53_musl/usr/include/mbedtls/cipher.h:1167:45: note: expected 'size_t *' {aka 'long unsigned int *'} but argument is of type 'uint8_t *' {aka 'unsigned char *'}
1167 | size_t *olen, size_t tag_len);
| ~~~~~~~~^~~~
aead.c: In function 'aead_key_init':
aead.c:727:21: error: 'cipher_kt_t' {aka 'mbedtls_cipher_info_t'} has no member named 'base'
727 | cipher->info->base = NULL;
| ^~
aead.c:728:21: error: 'cipher_kt_t' {aka 'mbedtls_cipher_info_t'} has no member named 'key_bitlen'
728 | cipher->info->key_bitlen = supported_aead_ciphers_key_size[method] * 8;
| ^~
aead.c:729:21: error: 'cipher_kt_t' {aka 'mbedtls_cipher_info_t'} has no member named 'iv_size'
729 | cipher->info->iv_size = supported_aead_ciphers_nonce_size[method];
| ^~
cc1: all warnings being treated as errors
Makefile:1162: recipe for target 'ss_local-aead.o' failed
make[5]: *** [ss_local-aead.o] Error 1
make[5]: Leaving directory '/home/lin/ax6-6.1/build_dir/target-aarch64_cortex-a53_musl/shadowsocks-libev-3.3.5/src'
Makefile:490: recipe for target 'all-recursive' failed
make[4]: *** [all-recursive] Error 1
make[4]: Leaving directory '/home/lin/ax6-6.1/build_dir/target-aarch64_cortex-a53_musl/shadowsocks-libev-3.3.5'
Makefile:399: recipe for target 'all' failed
make[3]: *** [all] Error 2
from helloworld.
这个101-fix-mbedtls3.6-build.patch
补丁能编译通过,有谁测试一下是否可用?
--- a/m4/mbedtls.m4
+++ b/m4/mbedtls.m4
@@ -31,7 +31,7 @@ AC_DEFUN([ss_MBEDTLS],
AC_COMPILE_IFELSE(
[AC_LANG_PROGRAM(
[[
-#include <mbedtls/config.h>
+#include <mbedtls/mbedtls_config.h>
]],
[[
#ifndef MBEDTLS_CIPHER_MODE_CFB
@@ -48,7 +48,7 @@ AC_DEFUN([ss_MBEDTLS],
AC_COMPILE_IFELSE(
[AC_LANG_PROGRAM(
[[
-#include <mbedtls/config.h>
+#include <mbedtls/mbedtls_config.h>
]],
[[
#ifndef MBEDTLS_ARC4_C
@@ -64,7 +64,7 @@ AC_DEFUN([ss_MBEDTLS],
AC_COMPILE_IFELSE(
[AC_LANG_PROGRAM(
[[
-#include <mbedtls/config.h>
+#include <mbedtls/mbedtls_config.h>
]],
[[
#ifndef MBEDTLS_BLOWFISH_C
@@ -80,7 +80,7 @@ AC_DEFUN([ss_MBEDTLS],
AC_COMPILE_IFELSE(
[AC_LANG_PROGRAM(
[[
-#include <mbedtls/config.h>
+#include <mbedtls/mbedtls_config.h>
]],
[[
#ifndef MBEDTLS_CAMELLIA_C
--- a/src/crypto.c
+++ b/src/crypto.c
@@ -103,7 +103,7 @@ crypto_md5(const unsigned char *d, size_t n, unsigned char *md)
if (md == NULL) {
md = m;
}
-#if MBEDTLS_VERSION_NUMBER >= 0x02070000
+#if MBEDTLS_VERSION_NUMBER < 0x03000000 && MBEDTLS_VERSION_NUMBER >= 0x02070000
if (mbedtls_md5_ret(d, n, md) != 0)
FATAL("Failed to calculate MD5");
#else
--- a/src/aead.c
+++ b/src/aead.c
@@ -178,8 +178,8 @@ aead_cipher_encrypt(cipher_ctx_t *cipher_ctx,
case AES192GCM:
case AES128GCM:
- err = mbedtls_cipher_auth_encrypt(cipher_ctx->evp, n, nlen, ad, adlen,
- m, mlen, c, clen, c + mlen, tlen);
+ err = mbedtls_cipher_auth_encrypt_ext(cipher_ctx->evp, n, nlen, ad, adlen,
+ m, mlen, c, *clen, clen, tlen);
*clen += tlen;
break;
case CHACHA20POLY1305IETF:
@@ -226,8 +226,8 @@ aead_cipher_decrypt(cipher_ctx_t *cipher_ctx,
// Otherwise, just use the mbedTLS one with crappy AES-NI.
case AES192GCM:
case AES128GCM:
- err = mbedtls_cipher_auth_decrypt(cipher_ctx->evp, n, nlen, ad, adlen,
- m, mlen - tlen, p, plen, m + mlen - tlen, tlen);
+ err = mbedtls_cipher_auth_decrypt_ext(cipher_ctx->evp, n, nlen, ad, adlen,
+ m, mlen - tlen, p, *plen, plen - tlen, tlen);
break;
case CHACHA20POLY1305IETF:
err = crypto_aead_chacha20poly1305_ietf_decrypt(p, &long_plen, NULL, m, mlen,
@@ -724,9 +724,9 @@ aead_key_init(int method, const char
if (method >= CHACHA20POLY1305IETF) {
cipher_kt_t *cipher_info = (cipher_kt_t *)ss_malloc(sizeof(cipher_kt_t));
cipher->info = cipher_info;
- cipher->info->base = NULL;
- cipher->info->key_bitlen = supported_aead_ciphers_key_size[method] * 8;
- cipher->info->iv_size = supported_aead_ciphers_nonce_size[method];
+ cipher->info->private_base_idx = 0;
+ cipher->info->private_key_bitlen = supported_aead_ciphers_key_size[method] * 8;
+ cipher->info->private_iv_size = supported_aead_ciphers_nonce_size[method];
} else {
cipher->info = (cipher_kt_t *)aead_get_cipher_type(method);
}
--- a/src/stream.c
+++ b/src/stream.c
@@ -174,7 +174,7 @@ cipher_nonce_size(const cipher_t *cipher)
if (cipher == NULL) {
return 0;
}
- return cipher->info->iv_size;
+ return cipher->info->private_iv_size;
}
int
@@ -192,7 +192,7 @@ cipher_key_size(const cipher_t *cipher)
return 0;
}
/* From Version 1.2.7 released 2013-04-13 Default Blowfish keysize is now 128-bits */
- return cipher->info->key_bitlen / 8;
+ return cipher->info->private_key_bitlen / 8;
}
const cipher_kt_t *
@@ -645,9 +645,9 @@ stream_key_init(int method, const char
if (method == SALSA20 || method == CHACHA20 || method == CHACHA20IETF) {
cipher_kt_t *cipher_info = (cipher_kt_t *)ss_malloc(sizeof(cipher_kt_t));
cipher->info = cipher_info;
- cipher->info->base = NULL;
- cipher->info->key_bitlen = supported_stream_ciphers_key_size[method] * 8;
- cipher->info->iv_size = supported_stream_ciphers_nonce_size[method];
+ cipher->info->private_base_idx = 0;
+ cipher->info->private_key_bitlen = supported_stream_ciphers_key_size[method] * 8;
+ cipher->info->private_iv_size = supported_stream_ciphers_nonce_size[method];
} else {
cipher->info = (cipher_kt_t *)stream_get_cipher_type(method);
}
from helloworld.
降级的编译使用正常,
from helloworld.
降级的编译使用正常
这个补丁目的是测试不降级情况下是否可用。。。
from helloworld.
降级的编译使用正常
这个补丁目的是测试不降级情况下是否可用。。。
这个补丁要放在什么位置?
from helloworld.
编译不过,还是替换降价的好用,这么久了master也没修,都不用吗?
from helloworld.
编译不过,还是替换降价的好用,这么久了master也没修,都不用吗?
怎么可能编译不过,你肯定哪里错了!
from helloworld.
这个
101-fix-mbedtls3.6-build.patch
补丁能编译通过,有谁测试一下是否可用?--- a/m4/mbedtls.m4 +++ b/m4/mbedtls.m4 @@ -31,7 +31,7 @@ AC_DEFUN([ss_MBEDTLS], AC_COMPILE_IFELSE( [AC_LANG_PROGRAM( [[ -#include <mbedtls/config.h> +#include <mbedtls/mbedtls_config.h> ]], [[ #ifndef MBEDTLS_CIPHER_MODE_CFB @@ -48,7 +48,7 @@ AC_DEFUN([ss_MBEDTLS], AC_COMPILE_IFELSE( [AC_LANG_PROGRAM( [[ -#include <mbedtls/config.h> +#include <mbedtls/mbedtls_config.h> ]], [[ #ifndef MBEDTLS_ARC4_C @@ -64,7 +64,7 @@ AC_DEFUN([ss_MBEDTLS], AC_COMPILE_IFELSE( [AC_LANG_PROGRAM( [[ -#include <mbedtls/config.h> +#include <mbedtls/mbedtls_config.h> ]], [[ #ifndef MBEDTLS_BLOWFISH_C @@ -80,7 +80,7 @@ AC_DEFUN([ss_MBEDTLS], AC_COMPILE_IFELSE( [AC_LANG_PROGRAM( [[ -#include <mbedtls/config.h> +#include <mbedtls/mbedtls_config.h> ]], [[ #ifndef MBEDTLS_CAMELLIA_C --- a/src/crypto.c +++ b/src/crypto.c @@ -103,7 +103,7 @@ crypto_md5(const unsigned char *d, size_t n, unsigned char *md) if (md == NULL) { md = m; } -#if MBEDTLS_VERSION_NUMBER >= 0x02070000 +#if MBEDTLS_VERSION_NUMBER < 0x03000000 && MBEDTLS_VERSION_NUMBER >= 0x02070000 if (mbedtls_md5_ret(d, n, md) != 0) FATAL("Failed to calculate MD5"); #else --- a/src/aead.c +++ b/src/aead.c @@ -178,8 +178,8 @@ aead_cipher_encrypt(cipher_ctx_t *cipher_ctx, case AES192GCM: case AES128GCM: - err = mbedtls_cipher_auth_encrypt(cipher_ctx->evp, n, nlen, ad, adlen, - m, mlen, c, clen, c + mlen, tlen); + err = mbedtls_cipher_auth_encrypt_ext(cipher_ctx->evp, n, nlen, ad, adlen, + m, mlen, c, *clen, c + mlen, tlen); *clen += tlen; break; case CHACHA20POLY1305IETF: @@ -226,8 +226,8 @@ aead_cipher_decrypt(cipher_ctx_t *cipher_ctx, // Otherwise, just use the mbedTLS one with crappy AES-NI. case AES192GCM: case AES128GCM: - err = mbedtls_cipher_auth_decrypt(cipher_ctx->evp, n, nlen, ad, adlen, - m, mlen - tlen, p, plen, m + mlen - tlen, tlen); + err = mbedtls_cipher_auth_decrypt_ext(cipher_ctx->evp, n, nlen, ad, adlen, + m, mlen - tlen, p, *plen, plen - tlen, tlen); break; case CHACHA20POLY1305IETF: err = crypto_aead_chacha20poly1305_ietf_decrypt(p, &long_plen, NULL, m, mlen, @@ -724,9 +724,9 @@ aead_key_init(int method, const char if (method >= CHACHA20POLY1305IETF) { cipher_kt_t *cipher_info = (cipher_kt_t *)ss_malloc(sizeof(cipher_kt_t)); cipher->info = cipher_info; - cipher->info->base = NULL; - cipher->info->key_bitlen = supported_aead_ciphers_key_size[method] * 8; - cipher->info->iv_size = supported_aead_ciphers_nonce_size[method]; + cipher->info->private_base_idx = 0; + cipher->info->private_key_bitlen = supported_aead_ciphers_key_size[method] * 8; + cipher->info->private_iv_size = supported_aead_ciphers_nonce_size[method]; } else { cipher->info = (cipher_kt_t *)aead_get_cipher_type(method); } --- a/src/stream.c +++ b/src/stream.c @@ -174,7 +174,7 @@ cipher_nonce_size(const cipher_t *cipher) if (cipher == NULL) { return 0; } - return cipher->info->iv_size; + return cipher->info->private_iv_size; } int @@ -192,7 +192,7 @@ cipher_key_size(const cipher_t *cipher) return 0; } /* From Version 1.2.7 released 2013-04-13 Default Blowfish keysize is now 128-bits */ - return cipher->info->key_bitlen / 8; + return cipher->info->private_key_bitlen / 8; } const cipher_kt_t * @@ -645,9 +645,9 @@ stream_key_init(int method, const char if (method == SALSA20 || method == CHACHA20 || method == CHACHA20IETF) { cipher_kt_t *cipher_info = (cipher_kt_t *)ss_malloc(sizeof(cipher_kt_t)); cipher->info = cipher_info; - cipher->info->base = NULL; - cipher->info->key_bitlen = supported_stream_ciphers_key_size[method] * 8; - cipher->info->iv_size = supported_stream_ciphers_nonce_size[method]; + cipher->info->private_base_idx = 0; + cipher->info->private_key_bitlen = supported_stream_ciphers_key_size[method] * 8; + cipher->info->private_iv_size = supported_stream_ciphers_nonce_size[method]; } else { cipher->info = (cipher_kt_t *)stream_get_cipher_type(method); }
这个
101-fix-mbedtls3.6-build.patch
补丁能编译通过,有谁测试一下是否可用?--- a/m4/mbedtls.m4 +++ b/m4/mbedtls.m4 @@ -31,7 +31,7 @@ AC_DEFUN([ss_MBEDTLS], AC_COMPILE_IFELSE( [AC_LANG_PROGRAM( [[ -#include <mbedtls/config.h> +#include <mbedtls/mbedtls_config.h> ]], [[ #ifndef MBEDTLS_CIPHER_MODE_CFB @@ -48,7 +48,7 @@ AC_DEFUN([ss_MBEDTLS], AC_COMPILE_IFELSE( [AC_LANG_PROGRAM( [[ -#include <mbedtls/config.h> +#include <mbedtls/mbedtls_config.h> ]], [[ #ifndef MBEDTLS_ARC4_C @@ -64,7 +64,7 @@ AC_DEFUN([ss_MBEDTLS], AC_COMPILE_IFELSE( [AC_LANG_PROGRAM( [[ -#include <mbedtls/config.h> +#include <mbedtls/mbedtls_config.h> ]], [[ #ifndef MBEDTLS_BLOWFISH_C @@ -80,7 +80,7 @@ AC_DEFUN([ss_MBEDTLS], AC_COMPILE_IFELSE( [AC_LANG_PROGRAM( [[ -#include <mbedtls/config.h> +#include <mbedtls/mbedtls_config.h> ]], [[ #ifndef MBEDTLS_CAMELLIA_C --- a/src/crypto.c +++ b/src/crypto.c @@ -103,7 +103,7 @@ crypto_md5(const unsigned char *d, size_t n, unsigned char *md) if (md == NULL) { md = m; } -#if MBEDTLS_VERSION_NUMBER >= 0x02070000 +#if MBEDTLS_VERSION_NUMBER < 0x03000000 && MBEDTLS_VERSION_NUMBER >= 0x02070000 if (mbedtls_md5_ret(d, n, md) != 0) FATAL("Failed to calculate MD5"); #else --- a/src/aead.c +++ b/src/aead.c @@ -178,8 +178,8 @@ aead_cipher_encrypt(cipher_ctx_t *cipher_ctx, case AES192GCM: case AES128GCM: - err = mbedtls_cipher_auth_encrypt(cipher_ctx->evp, n, nlen, ad, adlen, - m, mlen, c, clen, c + mlen, tlen); + err = mbedtls_cipher_auth_encrypt_ext(cipher_ctx->evp, n, nlen, ad, adlen, + m, mlen, c, *clen, c + mlen, tlen); *clen += tlen; break; case CHACHA20POLY1305IETF: @@ -226,8 +226,8 @@ aead_cipher_decrypt(cipher_ctx_t *cipher_ctx, // Otherwise, just use the mbedTLS one with crappy AES-NI. case AES192GCM: case AES128GCM: - err = mbedtls_cipher_auth_decrypt(cipher_ctx->evp, n, nlen, ad, adlen, - m, mlen - tlen, p, plen, m + mlen - tlen, tlen); + err = mbedtls_cipher_auth_decrypt_ext(cipher_ctx->evp, n, nlen, ad, adlen, + m, mlen - tlen, p, *plen, plen - tlen, tlen); break; case CHACHA20POLY1305IETF: err = crypto_aead_chacha20poly1305_ietf_decrypt(p, &long_plen, NULL, m, mlen, @@ -724,9 +724,9 @@ aead_key_init(int method, const char if (method >= CHACHA20POLY1305IETF) { cipher_kt_t *cipher_info = (cipher_kt_t *)ss_malloc(sizeof(cipher_kt_t)); cipher->info = cipher_info; - cipher->info->base = NULL; - cipher->info->key_bitlen = supported_aead_ciphers_key_size[method] * 8; - cipher->info->iv_size = supported_aead_ciphers_nonce_size[method]; + cipher->info->private_base_idx = 0; + cipher->info->private_key_bitlen = supported_aead_ciphers_key_size[method] * 8; + cipher->info->private_iv_size = supported_aead_ciphers_nonce_size[method]; } else { cipher->info = (cipher_kt_t *)aead_get_cipher_type(method); } --- a/src/stream.c +++ b/src/stream.c @@ -174,7 +174,7 @@ cipher_nonce_size(const cipher_t *cipher) if (cipher == NULL) { return 0; } - return cipher->info->iv_size; + return cipher->info->private_iv_size; } int @@ -192,7 +192,7 @@ cipher_key_size(const cipher_t *cipher) return 0; } /* From Version 1.2.7 released 2013-04-13 Default Blowfish keysize is now 128-bits */ - return cipher->info->key_bitlen / 8; + return cipher->info->private_key_bitlen / 8; } const cipher_kt_t * @@ -645,9 +645,9 @@ stream_key_init(int method, const char if (method == SALSA20 || method == CHACHA20 || method == CHACHA20IETF) { cipher_kt_t *cipher_info = (cipher_kt_t *)ss_malloc(sizeof(cipher_kt_t)); cipher->info = cipher_info; - cipher->info->base = NULL; - cipher->info->key_bitlen = supported_stream_ciphers_key_size[method] * 8; - cipher->info->iv_size = supported_stream_ciphers_nonce_size[method]; + cipher->info->private_base_idx = 0; + cipher->info->private_key_bitlen = supported_stream_ciphers_key_size[method] * 8; + cipher->info->private_iv_size = supported_stream_ciphers_nonce_size[method]; } else { cipher->info = (cipher_kt_t *)stream_get_cipher_type(method); }
大佬本人小白这补丁怎么打,能详细说下吗?
from helloworld.
mbedtls 降低版本即可
大佬能详细说下吗?小白一枚
from helloworld.
mbedtls 降低版本即可
大佬能详细说下吗?小白一枚
把源码中package/libs/目录下以下三个文件夹用lede源码中的替换
mbedtls
ustream-ssl
uclient
from helloworld.
我就替换了一个,用的官方2305的,也可以
from helloworld.
把源码中package/libs/目录下以下三个文件夹用lede源码中的替换
mbedtls
ustream-ssl
uclient
降级就没意义了!
from helloworld.
把源码中package/libs/目录下以下三个文件夹用lede源码中的替换
mbedtls
ustream-ssl
uclient降级就没意义了!
但你这个补丁我弄不好,还是报错
from helloworld.
我是直接把ss和ssr都去掉了,不编译进去,不用SS节点就行了,没影响。
from helloworld.
但你这个补丁我弄不好,还是报错
已修改补丁。
from helloworld.
Related Issues (20)
- 求教,编译报错 HOT 3
- hysteria-app-v2.4.1编译出错 HOT 4
- 无法从外网访问 HOT 2
- 希望能支持IMAP 邮箱需要使用 HOT 3
- xray-plugin 编译出错,求解决
- 服务端Shadowsocks不支持ipv6 HOT 2
- missing dependency libpcre HOT 1
- 写错了删了
- SSR plus 只需要 v2ray,请问 make menuconfig 时应该怎么选择? HOT 1
- ssr-plus禁用国内网站的ipv6解析,但没有禁用海外网站的ipv6解析,这算bug吗?
- 编译报错 HOT 2
- Rust编译过程报错 HOT 3
- 每次都是编译错误,Code2,从网上找了很多资料也没能解决。 HOT 1
- 编译报错,rust-dev 无法下载 HOT 3
- Vless节点油管速度上不去 HOT 6
- ERROR: package/feeds/helloworld/shadowsocks-rust failed to build. HOT 9
- 导入trojor链接时设置allowInsecure或者insecure字段无效,导致无法设置跳过tls证书 HOT 5
- ./scripts/feeds update -a时出现ERROR: please fix feeds/helloworld/shadowsocks-rust/Makefile - see logs/feeds/helloworld/shadowsocks-rust/dump.txt for details HOT 1
- ssrplus服务反复重启 HOT 14
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from helloworld.