Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 4 Aug 2016 13:06:25 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: SSL headers and JTR compile on MAC

On Thu, Aug 04, 2016 at 08:56:33AM +0200, websiteaccess@...il.com wrote:
> Thanks for your reply, but how install these openssl development files  ?
> 
> > Le 3 ao??t 2016 ?? 19:59, Matus UHLAR - fantomas <uhlar@...tomas.sk> a ??crit :
> > you need openssl development files.

Guys, please try to keep your postings actually useful.  Neither of the
two above was useful: a non-helpful answer, and an obvious rewording of
the question.  Also, W.A., please don't top-post.

Apple says:

http://lists.apple.com/archives/macnetworkprog/2015/Jun/msg00025.html

"We recommend that developers who need OpenSSL build their own copy of
it and include that copy in their app.  Alternatively you can use native
OS X APIs, like Secure Transport."

Other OpenSSL-using projects and their users are typically posting this
kind of instructions for installing OpenSSL with Homebrew:

http://brew.sh
https://github.com/phusion/passenger/issues/1630#issuecomment-147464414
https://solitum.net/openssl-os-x-el-capitan-and-brew/
http://stackoverflow.com/questions/32960032/nginx-cannot-find-openssl-development-headers/32964832#32964832

An excessive superset of those appears to be:

brew doctor
brew update
brew upgrade
brew install openssl
brew link openssl --force
cd /usr/local/include
ln -s ../opt/openssl/include/openssl .

Per a GitHub comment above, this might also work:

xcode-select --install
cd /usr/local/include
ln -s ../opt/openssl/include/openssl .

The symlink should take care of the JtR build finding the headers.
For linking, you might (or might not) also need
"-L/usr/local/opt/openssl/lib" added to LDFLAGS.

Some other people are building OpenSSL from source manually:

http://mac-dev-env.patrickbougie.com/openssl/

If you do this, you should preferably verify the signature on your
download before extracting the tarball, and avoid building as root.

I haven't tested any of this.  W.A., or anyone, if you do, please post
in here to let us know which of these worked for you, and please be
specific about issues you might run into and work around, if any.

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.