Cant update to Curl 7.76.1

Active8

Verified User
Joined
Jul 13, 2013
Messages
674
On one of our boxes we cant install the latest curl:

Code:
vtls/openssl.c: In function 'SSL_CTX_use_certificate_chain_blob':
vtls/openssl.c:734: error: 'in' undeclared (first use in this function)
vtls/openssl.c:734: error: (Each undeclared identifier is reported only once
vtls/openssl.c:734: error: for each function it appears in.)
make[2]: *** [vtls/libcurl_la-openssl.lo] Error 1
make[2]: Leaving directory `/usr/local/directadmin/custombuild/curl-7.76.1/lib'
make[1]: *** [all] Error 2
make[1]: Leaving directory `/usr/local/directadmin/custombuild/curl-7.76.1/lib'
make: *** [all-recursive] Error 1

Code:
[[email protected] custombuild]# curl -V
curl 7.75.0 (x86_64-pc-linux-gnu) libcurl/7.75.0 OpenSSL/1.0.1e-fips zlib/1.2.3 zstd/1.4.5 nghttp2/1.42.0
Release-Date: 2021-02-03
Protocols: dict file ftp ftps gopher gophers http https imap imaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS HTTP2 HTTPS-proxy IPv6 Largefile libz NTLM NTLM_WB SSL UnixSockets zstd

This is an Centos 6 box with Extended Lifecycle Support from Cloudlinux till 2024, but i don't think this has anything to do with it
 
Last edited:

sysdev

Verified User
Joined
Jul 16, 2007
Messages
371
A quick fix is to

cd /usr/local/directadmin/custombuild/
# untarzip the curl package
tar -zxvf curl-7.76.1.tar.gz
#change to the directory where the error occurs
cd curl-7.76.1/lib/vtls/
# edit the file and remove the unused/unreference variable "(void)in" line at line 734
sed -i '734d' ./openssl.c
# make the file immutable to prevent vustombuild from overwriting it
chattr +i openssl.c
# build curl
cd /usr/local/directadmin/custombuild/
./build curl
# is everything is ok, remove the immutable flag from openssl.c
cd curl-7.76.1/lib/vtls/
chattr -i openssl.c
# cleanup
cd /usr/local/directadmin/custombuild/
rm -rf curl-7.76.1/
 
Last edited:

k1l0b1t

Verified User
Joined
May 10, 2020
Messages
386
Location
Belgium
I had another weird issue:

in the GUI it spits out fread() errors (enhanced skin), but running it from the cli works fine. I assume some issue with custombuild.

edit: I've tried building it from the gui again and that worked fine. I assume some temporary bug or something, weird :p
 
Last edited:

Peter Laws

Verified User
Joined
Sep 13, 2008
Messages
2,207
Location
London UK
I get this on Debian 8 too...... So, I guess it's upgrade OS or GTFO..... No guessing as to what I'm choosing! ;)
 

sysdev

Verified User
Joined
Jul 16, 2007
Messages
371
I get this on Debian 8 too...... So, I guess it's upgrade OS or GTFO..... No guessing as to what I'm choosing! ;)
Well, I think this is just a bug in the patch DA made. It's not in the original curl source code.
 

Active8

Verified User
Joined
Jul 13, 2013
Messages
674
think this is just a bug in the patch DA made
It pity that no one from the staff replied on this thread.

There is something wrong with the CS script and thanks to you we have managed to overcome the problem with the Centos 6 box, but I have expected this would fixed by DA but they didnt, even no any reply or whatsever
 
Last edited:

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
10,177
Location
LT, EU
# untarzip the curl package
tar -zxvf curl-7.76.1.tar.gz
#change to the directory where the error occurs
cd curl-7.76.1/lib/vtls/
# edit the file and remove the unused/unreference variable "(void)in" line at line 734
sed -i '734d' ./openssl.c
Well, I think this is just a bug in the patch DA made. It's not in the original curl source code.
You extracted original curl package, then removed line 734. Why do you think it's a patch from DA?

By the way, is any non-eol OS affected?

Thank you.
 

sysdev

Verified User
Joined
Jul 16, 2007
Messages
371
You extracted original curl package, then removed line 734. Why do you think it's a patch from DA?

By the way, is any non-eol OS affected?

Thank you.
Because it's not in the original curl sourcecode but is in the source from the da-servers. Seemed obvious to me?
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
10,177
Location
LT, EU
Because it's not in the original curl sourcecode but is in the source from the da-servers. Seemed obvious to me?
Code:
[[email protected] custombuild]# wget https://curl.se/download/curl-7.76.1.tar.gz
2021-05-19 20:25:40 (21.9 MB/s) - 'curl-7.76.1.tar.gz' saved [4096973/4096973]
[[email protected] custombuild]# md5sum curl-7.76.1.tar.gz
483abfeed7253b4791dbaa955a831dda  curl-7.76.1.tar.gz
[[email protected] custombuild]# rm -f curl-7.76.1.tar.gz
[[email protected] custombuild]# wget https://files-fr.directadmin.com/services/custombuild/curl-7.76.1.tar.gz
2021-05-19 20:26:39 (107 MB/s) - '/usr/local/directadmin/custombuild/curl-7.76.1.tar.gz' saved [4096973/4096973]
[[email protected] custombuild]# md5sum curl-7.76.1.tar.gz
483abfeed7253b4791dbaa955a831dda  curl-7.76.1.tar.gz

483abfeed7253b4791dbaa955a831dda = 483abfeed7253b4791dbaa955a831dda
 

Active8

Verified User
Joined
Jul 13, 2013
Messages
674
Good to see that this thread makes progress

@smtalk Yes, this is an EOL Centos 6 but as said in the first post we have an subscription with Cloudlinux for extended support, we are getting all relevant updates and security fixes on regular base

The question here is what is the solution then if the one offered by @sysdev is not correct?
 
Last edited:

sysdev

Verified User
Joined
Jul 16, 2007
Messages
371
Code:
[[email protected] custombuild]# wget https://curl.se/download/curl-7.76.1.tar.gz
2021-05-19 20:25:40 (21.9 MB/s) - 'curl-7.76.1.tar.gz' saved [4096973/4096973]
[[email protected] custombuild]# md5sum curl-7.76.1.tar.gz
483abfeed7253b4791dbaa955a831dda  curl-7.76.1.tar.gz
[[email protected] custombuild]# rm -f curl-7.76.1.tar.gz
[[email protected] custombuild]# wget https://files-fr.directadmin.com/services/custombuild/curl-7.76.1.tar.gz
2021-05-19 20:26:39 (107 MB/s) - '/usr/local/directadmin/custombuild/curl-7.76.1.tar.gz' saved [4096973/4096973]
[[email protected] custombuild]# md5sum curl-7.76.1.tar.gz
483abfeed7253b4791dbaa955a831dda  curl-7.76.1.tar.gz

483abfeed7253b4791dbaa955a831dda = 483abfeed7253b4791dbaa955a831dda
Hmm, i looked in this file: https://github.com/curl/curl/blob/master/lib/vtls/openssl.c
It's not there so i presumed it was the result of a patch. My bad!
 

Active8

Verified User
Joined
Jul 13, 2013
Messages
674
Why wouldn't it be correct? It's basic c...
I agree that it wont hurt and your solution just works, but when I look how @smtalk react it looks like he is not happy the way you solved this

An other side, I still don't see any solutions from DA staff for this problem only reply on the fix you had provide.
An extra check in CS must look if there is an supported OS on the server or not before listing this update
I assume they are not going to fix this
 

sysdev

Verified User
Joined
Jul 16, 2007
Messages
371
I agree that it wont hurt and your solution just works, but when I look how @smtalk react it looks like he is not happy the way you solved this

An other side, I still don't see any solutions from DA staff for this problem only reply on the fix you had provide.
An extra check in CS must look if there is an supported OS on the server or not before listing this update
I assume they are not going to fix this
Oh, I don't know about that. I presumed it was a DA patch, it wasn't. It also wasn't in the online sourcecode. But the tar.gz has a date of 14 apr. And the source file is changed only 12 days ago.

So it just looks like a bug in the current tar.gz where the (void)in is replaced with void(blob) which fixes it already. Besides waiting for a new version, DA doesn't really have to do anything.
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
10,177
Location
LT, EU
I agree that it wont hurt and your solution just works, but when I look how @smtalk react it looks like he is not happy the way you solved this
No, I'm really happy to see @sysdev participating there :) I just want to collect more details on it, and it'd be the best to use a patched version from cURL or to always downgrade on EOL systems. We could backport the patch - but I've still got no details if CentOS 7/8, Debian 9/10, Ubuntu 18.04/20.04 or FreeBSD 11/12 are affected. I was unable to reproduce it on any non-EOL system, we've got no tickets yet, it didn't sound pretty serious/urgent to solve. And yes, I agree - it needs to be solved, I just didn't want to take any urgent actions to make things worse.
 
Top